Global Featured Wired

The Sexual Harassment Scandals are a Watershed Moment but We’ve Had Those Before

Ethics & Compliance Matters™ by NAVEX Global -

For any watershed moment to truly make a difference, organizational leaders need to address the real problem behind the issue. Leaders and board members must be accountable for the culture of, and the behaviors in, their organizations – their responsibilities extend beyond just the financial results. So how do we ensure this watershed moment on sexual harassment is met with real action and leadership?

Practical Investigative Interviewing Tips to Improve Your ORC Investigations

Loss Prevention Media -

The increase in organized retail crime (ORC) activity has prompted many retailers to invest in tools and technologies to protect their merchandise. Partnerships between the private sector and public law enforcement professionals also help to improve security. But one useful tool is often overlooked in the fight against ORC: the investigative interview.

.inline-text-ad h1, .inline-text-ad h2, .inline-text-ad h3 { margin-top: 0; } .inline-text-ad h1 { font-size: 18px !important; font-weight: bold !important; } .inline-text-ad p { font-size: 1.0rem; } .inline-text-ad { border-top: 1px dotted #cccccc; border-bottom: 1px dotted #cccccc; padding-top: 20px; } @media only screen and (max-width: 768px) { .inline-text-ad { text-align: center; } .inline-text-ad h1, .inline-text-ad h3, .inline-text-ad h3 { font-size: 1.15em; } } @media only screen and (max-width: 460px) { .inline-text-ad h1, .inline-text-ad h3, .inline-text-ad h3 { font-size: 1em; } }

Get the facts about shoplifting in our FREE Special Report,Tips on How to Stop Shoplifting:   What You Can Learn from Shoplifting Statistics, Organized Retail Crime Facts & Shoplifting Stories right now!

Using thorough investigative interviewing strategies and techniques, an ORC investigator may be able to obtain crucial and reliable information from an apprehended shoplifter. During the interview, the subject may even reveal merchandise resale locations, means of transportation for the theft ring, or other target locations.

In an article in the latest issue of LPM Online, David Thompson, CFI, goes in-depth on the topic of ORC interviews. What do investigators want to know, and what are the major challenges to obtaining that information? From the article:

In the event of an ORC interview, time is often an uncontrollable variable that expires rather quickly. Interviews conducted while the shoplifter is in law enforcement custody, detained in a loss prevention office, or any other unique field interview will present the challenge of having minimal time to gain maximum information. This increases the importance of the interviewer’s strategy to know what their priority of information should be.

There is a wide variety of information that may fall into different levels of priority depending on the context of the investigation and the availability of evidence. Primarily, understanding the flow of the stolen product is essential to most investigators. Identifying where the stolen items are delivered to, sold from, or distributed at may produce a domino effect resulting in additional information. If a subject discusses that the product is sold through online channels, this provides the investigator with potential sales history and tracking ability. Product that is delivered to street vendors, pawnshops, or storage units may be easier to recover and substantiate the total loss.

Read more about ORC investigative interviewing tips in “Inside the ORC Interview.” If you’ve missed any of our previous LPM Online editions, go to the Archives page at the end of the edition to see what you’ve missed. Be sure to be an LPM digital subscriber so you are the first to know when new issues are available. If you haven’t already, sign up on the SUBSCRIBE NOW link. (Note: if you’re already subscribed, the previous link will take you to the current issue of the print magazine.)

The post Practical Investigative Interviewing Tips to Improve Your ORC Investigations appeared first on LPM.

Day 11 of 31 Days to a More Effective Compliance Program-What is Effective Compliance Training?

FCPA Compliance & Ethics -

The communication of your anti-corruption compliance program, both through training and message, is something that must be done on a regular basis to ensure its effectiveness. The FCPA Guidance explains, “Compliance policies cannot work unless effectively communicated throughout a company. Accordingly, DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures [...]

The post Day 11 of 31 Days to a More Effective Compliance Program-What is Effective Compliance Training? appeared first on Compliance Report.

Breaking News in the Industry: January 11, 2018

Loss Prevention Media -

Two sentenced in $65K store theft

Two people charged in connection with the theft of more than $65,000 in merchandise from Bed Bath & Beyond in Martinsburg, West Virginia, over a two-year period were sentenced Tuesday in Berkeley County Circuit Court. Curt David Danner, 50, of Martinsburg was placed on probation for five years and ordered to pay $45,000 in restitution by 23rd Judicial Circuit Judge Laura Faircloth after he pleaded guilty to one count of felony embezzlement. The probationary period was imposed in place of a one- to 10-year prison sentence, which was suspended by the judge. Co-defendant Heather Hutzler, 41, also of Martinsburg, separately entered an Alford plea Tuesday to one felony count of conspiracy to commit transferring stolen property, but adjudication of her case was deferred for three years by the judge. An Alford plea is not an admission of guilt, but an acknowledgment by a defendant that the prosecution has enough evidence to gain a conviction. Hutzler can avoid the possible felony conviction and a maximum one- to five-year prison sentence that comes with the offense if she successfully completes a three-year, probation-like period. If successful, Hutzler instead would be convicted of a misdemeanor count of conspiracy. The maximum sentence for the misdemeanor conviction is up to a year in jail. Danner was an assistant manager at the store at 172 Retail Commons Parkway when the items were taken between January 2015 and December 2016 and sold online, court records said. The stolen items, which were valued at $65,931.72, included 47 Illumnibowl motion-activated toilet night lights, 25 Fitbit Flex wireless activity-and-sleep wristbands and 23 Breville the Barista Express 8-cup espresso machines, court records said. Berkeley County Assistant Prosecuting Attorney Ben Hiller said Tuesday that the prosecution’s evidence in the case included items from the store that were seized from the defendants’ home.  [Source: HeraldMailMedia]

Runaway busted for shoplifting leads cops to sex trafficker

A teenage runaway busted for shoplifting in Brooklyn, New York, led police to a sex trafficker, police sources said Tuesday. The 14-year-old girl allegedly told detectives at the 63rd Precinct station house late Monday that she left her Nevada home for California, where she met a man who forced her into prostitution, there and in New York City. While she was being interviewed, sources said, the suspect, 17-year-old Mark Obeyz, walked into the station house and was arrested. He was charged early Tuesday with acting in a matter injurious to a child less than 17 years old. Detectives assigned to a human trafficking unit are trying to determine if Obeyz was working with anyone else. This is the first city arrest for Obeyz, who lives in Kensington. Sources said he used to live in California. The sticky-fingered teenager was taken into custody after she and a 19-year-old woman were arrested for shoplifting, cops said. The older woman allegedly stole $663 in clothing from the Macy’s store inside the Kings Plaza shopping center. Because the younger girl is a sex crime victim, she was not charged, sources said.  [Source: Daily News]

Police believe 2 brazen shoplifting cases committed by 1 group

Menomonee Falls, Wisconsin, police believe two brazen shoplifting cases — executed by several people in both incidents — are connected.
According to police, the first theft happened at the Kohl’s store located on Appleton Avenue, on Sunday, January 7th. Police say shortly after 6:30 p.m., seven black males and two black females — ranging in ages from 16-25 — fled the store with Nike brand clothing. The group left the scene in three vehicles, two of which were reported stolen from the City of Milwaukee the day earlier.

Menomonee Falls officials say the next day, January 8th, a similar incident happened at the Walgreen’s located on Silver Spring Drive. Police say six black males and three black females — ranging in ages from 16-30 — fled the store with two baskets of merchandise. The suspects left in a maroon Jeep Cherokee SUV and a silver sedan, believed to be the same vehicles from Kohl’s. If you can identify any of the suspects in the photos on their website provided by police, or have any information related to these incidents, you’re asked to contact the Menomonee Falls Police Department at 262-532-8700.  [Source: Fox6 News]

New Texas law allows merchants to refuse sales for credit purchases without ID

A new law in Texas is changing the way merchants do business. SB 1381 allows a business to request government-issued photo identification during a sale. If the consumer doesn’t have a matching i.D. That merchant now has the ability to decline a transaction if they choose.  Due to the implementation of card chip technology and shifts in liability for fraudulent purchases, merchants may now be “on the hook” for some losses. This legislation states that this law will provide merchants with an additional tool to attempt to minimize fraud.  “Well that just didn’t make sense to me,” said Texas Senator Bryan Hughes of District 1, who authored the legislation. “So we were thankful to get a law passed that says any merchant in Texas can ask for your I.D. Now once they look at the I.D. And it matches or doesn’t match, they decide what to do but they should at least be able to ask.” There’s an ongoing concern not only for consumers but also for community financial institutions. Fraudulent debit and credit cards can be utilized in person as well as through internet and telephoner “card not present” transactions. Additionally, lost and stolen credit and debit cards are frequently used by criminals to make purchases before the consumer realizes that his/her card is missing. “But the hope is it will be a deterrent,” said Sen. Hughes. “Right, if you’re going to ask for I.D. And I’ve got a stolen credit card then I am probably not going to try to make that purchase. So it’s just about letting the merchant ask for the I.D. If they have a reason to doubt. ” This also helps banks as well. In most cases, the bank that issued the card ends up taking the loss for the fraud as well as absorbing the costs to reissue the compromised card.  This has been an ongoing and costly frustration for community bankers across the state. It is important to note that there are absolutely no penalties for not requesting validation of identification. It also does not stipulate a shift in liability between the parties. [Source: Star Local News]

Florida police seek help identifying 3 suspects caught on video shoplifting [Viral Video]

Police are asking for the public’s help in identifying three people caught on security camera Monday shoplifting more than $1,000 in electronics from Walmart in Winter Haven, Florida. Jamie Brown, spokesperson for the Winter Haven Police Department, said that two women, a man and a small child came into the store through the garden center and walked to the electronics section. While the women loaded sound bars into shopping carts, the man kept walking, taking the child back out to the parking lot. While he moved the car, a black Chevy Impala, to the parking area outside the automotive section, the women moved on to the electronic toys section and loaded more items into the carts. The women then left the store through doors in the automotive section, making no attempt to pay, according to the WHPD. “A customer sitting in the automotive section immediately alerted an employee, but by the time they got outside, the group had left the parking lot,” Brown said in a news release.
Anyone with information about their identities can post a comment at or make an anonymous report to Heartland Crime Stoppers at 800-226-8477, where callers may be eligible for a cash reward.  [Source: The Ledger]

The post Breaking News in the Industry: January 11, 2018 appeared first on LPM.

The 7-11 Compliance Conondrum

Compliance Building -

Immigration and citizenship employee compliance requirements are fairly straightforward, although awkward. You can’t usually ask whether or not a job applicant is a United States citizen before making an offer of employment. But you do need to verify the identity and employment eligibility of all employees, by completing the Employment Eligibility Verification (I-9) Form, and reviewing documents showing the employee’s identity and employment authorization. Then you need to hold onto the I-9 while the person is employed.

U.S. Immigration and Customs Enforcement agents targeted nearly 100 of 7-Eleven stores in 17 states before dawn Wednesday to deliver audit notifications of their I-9 paperwork. In the process, it made 21 arrests of employees on suspicion of being in the U.S. illegally.

But why 7-11?

A press release from 7-11 HQ pointed out:

“7-Eleven Franchisees are independent business owners and are solely responsible for their employees including deciding who to hire and verifying their eligibility to work in the United States.”

So effectively, ICE deployed hundreds of agents at almost 100 locations at what are essentially each a separate business. I would guess that each location employs a few dozen employees at the most. That seems like a huge deployment of resources for a small amount of potential targets.

I suppose this does send a message to franchisees and franchisors of all industries to make sure they follow the I-9 requirements because ICE is willing to dedicate a ludicrous amount of resources to make a statement.

ICE indicated that this sweep was a “follow-up” of a 2013 ICE action that resulted in the arrests of nine 7-Eleven franchise owners and managers in New York and Virginia on charges of employing undocumented workers. That was one of the largest criminal immigrant employment investigations ever conducted.

Meanwhile the Office Inspector General released a report the raised concerns about ICE detainee treatment and care at detention facilities and ICE’s Screening Protocol of Aliens Who May Be Known or Suspected Terrorists is Limited and Risks National Security.

It still looks a huge of amount of resources deployed against the 7-11 franchises. In contrast, ICE raided an Iowa meatpacking plant in 2008 and detained nearly 400 undocumented workers. That plant owner, Sholom Rubashkin, recently had his prison sentence commuted by President Trump.

You can look at the 7-11 raid as a follow-up to a prior action.

“Today’s actions send a strong message to U.S. businesses that hire and employ an illegal workforce: ICE will enforce the law, and if you are found to be breaking the law, you will be held accountable,” said Thomas D. Homan, ICE Deputy Director and Senior Official Performing the Duties of the Director. “Businesses that hire illegal workers are a pull factor for illegal immigration and we are working hard to remove this magnet. ICE will continue its efforts to protect jobs for American workers by eliminating unfair competitive advantages for companies that exploit illegal immigration.” –  ICE Deputy Director Thomas D. Homan

So according to ICE statement, 7-11 draws illegal immigrants into the US and those illegal workers are taking away jobs from Americans who want to work at 7-11.

For those in compliance like me, our job is not to question the wisdom of the rule, but make sure our companies are following the rule. That means running the I-9 process and keeping the paperwork to avoid an ICE raid.


Walgreens Boots Alliance: Proxy Vote

Corporate Governance -

Walgreens Boots Alliance (WBA), operates as a pharmacy-led health and wellbeing company. It operates through three segments: Retail Pharmacy USA, Retail Pharmacy International, and Pharmaceutical Wholesale. Walgreens opposes giving shareholders more effective proxy access to enable us to place nominees on our company’s ballot. Additionally, Walgreens opposes lowering the threshold to enable shareholders to call […]

The post Walgreens Boots Alliance: Proxy Vote appeared first on Corporate Governance.

SEC Guidance on Tax Reform Reporting

The Harvard Law School Forum on Corporate Governance and Financial Regulation -

Posted by Catherine M. Clarkin, Robert W. Downes, and Brian D. Farber, Sullivan & Cromwell LLP, on Thursday, January 11, 2018 Editor's Note: Catherine M. Clarkin and Robert W. Downes are partners and Brian D. Farber is an associate at Sullivan & Cromwell LLP. This post is based on a Sullivan & Cromwell publication by Ms. Clarkin, Mr. Downes, Mr. Farber, Scott D. Miller, and Benjamin H. Weiner.

On December 22, 2017, the Securities and Exchange Commission’s Division of Corporation Finance released Form 8-K Compliance and Disclosure Interpretation 110.02 and its Office of the Chief Accountant published Staff Accounting Bulletin No. 118, which provide guidance on reporting accounting impacts of the recently enacted tax reform legislation. The new C&DI clarifies that disclosure under Item 2.06 of Form 8-K (Material Impairments) is not triggered by the re-measurement of deferred tax assets due to a change in tax rates or tax laws. New SAB 118 provides guidance on reporting the income tax effects of U.S. tax reform for issuers that are not able to complete the accounting for certain tax effects by the time financial statements are issued covering the reporting period that includes the date of the enactment of the Tax Cuts and Jobs Act (December 22, 2017). [1]


The Most Important Developments in M&A Law in 2017

The Harvard Law School Forum on Corporate Governance and Financial Regulation -

Posted by Gail Weinstein, Philip Richter, and Steve Epstein, Fried, Frank, Harris, Shriver & Jacobson LLP, on Thursday, January 11, 2018 Editor's Note: Gail Weinstein is senior counsel, and Philip Richter and Steven Epstein are partners at Fried, Frank, Harris, Shriver & Jacobson LLP. This post is based on a Fried Frank publication by Ms. Weinstein, Mr. Richter, Mr. Epstein, Scott B. LuftglassWarren S. de Wied, and Matthew V. Soran, and is part of the Delaware law series; links to other posts in the series are available here. Appraisal, Corwin, Controllers, Director Self-Interest, Disclosure, M&A Agreements, MLPs, Financial Advisors

Below, we (i) outline the key developments in M&A law in 2017; (ii) review the transformation that has occurred since 2014; and (iii) summarize the Delaware courts’ major 2017 decisions.


Political Uncertainty and Cross-Border Acquisitions

The Harvard Law School Forum on Corporate Governance and Financial Regulation -

Posted by Chunfang Cao (Sun Yat-sen University), Xiaoyang Li (Shanghai Jiao Tong University), and Guilin Liu, (Huatai Property & Casualty Insurance Co., Ltd.), on Thursday, January 11, 2018 Editor's Note: Chunfang Cao is an associate professor of accounting at the Business School, Sun Yat-sen University; Xiaoyang Li is an associate professor of finance at the Shanghai Advanced Institute of Finance (SAIF), Shanghai Jiao Tong University; and Guilin Liu is with Huatai Property & Casualty Insurance Co., Ltd. This post is based on their recent article, forthcoming in the Review of Finance.

Cross-border acquisitions have become increasingly popular as more firms expand their businesses across national borders. Yet, politicians frequently make decisions that alter the environment in which firms operate, which creates a significant amount of uncertainty for acquisition decisions. Business executives often cite uncertainty as a major threat to investments and growth. Considering the rising importance of cross-border acquisitions and executives’ concerns over heightened political uncertainty, the authors investigate how political uncertainty affects such decisions.


Ethisphere and Convercent Partner to Promote Ethics and Integrity at the 2018 Global Ethics Summit

Ethisphere -

The 10th anniversary of Ethisphere’s Global Ethics Summit will feature CEOs, Board Members, General Counsel, Chief Ethics and Compliance Officers, and other company leaders focused on promoting integrity within their organizations globally

New York, NY – January 11, 2018 – Ethisphere announced today that Convercent, a leading provider of ethics and compliance software, will serve as a strategic partner for the 2018 Global Ethics Summit. As a partner, Convercent will join the conference faculty alongside leading CEOs, General Counsel, and Chief Compliance Officers, as well as provide opportunities for Convercent customers to showcase their best practices, ethical expertise, and leading role within the compliance and ethics community. The Global Ethics Summit is the leading forum highlighting companies with best in class programs and driving the idea that ethical companies outperform their peers, as evidenced by the ethics premium data showcased as part of Ethisphere’s World’s Most Ethical Companies program.

“This is the 10th anniversary of the 2018 Global Ethics Summit, and we are proud to be able to work with and feature more leaders this year than ever, including CEOs of Ingredion, Aflac and more; and a wide range of well-respected, expert executives.  We are excited to continue our partnership with Convercent and include their participation and expertise in this year’s Summit,” said Stefan Linssen, Chief Content Officer, Ethisphere.

Ethisphere is looking to Convercent to bring the importance of ethics and integrity to life by leveraging their insights and datasets to inform and drive discussion at the conference. Alongside other senior corporate leaders, Convercent will join the annual Global Ethics Summit podcast series that Ethisphere hosts leading up to the Summit and contribute thought leadership on the ethics industry as a whole.

“In a rapidly evolving ethics and compliance landscape, the Global Ethics Summit plays a hugely influential role in shaping the conversation around corporate ethics and integrity,” said Patrick Quinlan, CEO of Convercent (pictured right). “As a company whose mission is to drive ethics to the center of business, Convercent is committed to moving this conversation forward and sharing our insight and experiences with other conference participants.”

A defining feature of the Global Ethics Summit is the opportunity for in-house leaders to discuss the latest trends in ethics and compliance and share their organizations’ best practices for fostering a culture of integrity. This partnership will also provide Convercent’s customers and partners with the opportunity to engage in the Summit and highlight their own programs in front of an audience of around 500 senior leaders.

The 2018 Global Ethics Summit takes place March 14th and 15th in New York City and is preceded by the 2018 World’s Most Ethical Companies Gala on the evening of the 13th.  More information on the Summit and associated activities can be found at

About Ethisphere 

The Ethisphere® Institute is the global leader in defining and advancing the standards of ethical business practices that fuel corporate character, marketplace trust and business success. Ethisphere has deep expertise in measuring and defining core ethics standards using data-driven insights that help companies enhance corporate character. Ethisphere honors superior achievement through its World’s Most Ethical Companies® recognition program, provides a community of industry experts with the Business Ethics Leadership Alliance (BELA) and showcases trends and best practices in ethics with Ethisphere Magazine. Ethisphere is also the leading provider of independent verification of corporate ethics and compliance programs, including Ethics Inside® Certification and Compliance Leader Verification™. More information about Ethisphere can be found at

Media Contact
Aarti Maharaj
Director of Communications

Is cyber risk a D&O risk?

Ethical Boardroom Feeds -

By Kevin Kalinich, Global Practice Leader – Cyber Insurance, Jacqueline Waters, Management Liability Legal & Claims Practice Leader and Chris Rafferty, US Sales & Growth Strategies Leader, Management Liability –  Aon Risk Solutions


For years, insurance industry pundits predicted that cyber-related losses could lead to directors’ and officers’ liability. Prior to 2017, that concern was largely overstated since most headlining cyber breaches resulted in dismissal of the related ‘follow on’ shareholder derivative directors’ and officers’ (D&O) litigation.

However, 2017 is a different story. The $350million Yahoo! purchase price reduction following its disclosure of massive breaches, the WannaCry ransomware incident, the NotPetya ransomware incident and the Equifax security breach have changed the paradigm. How do we know?

“Prior to suffering a cyber incident, businesses should confer with knowledgeable counsel and technology consultants to implement cybersecurity measures and compliance procedures”

1. Increased public company disclosures of cyber incidents that have a material impact on the organisations’ financial statements

2. Increased public company disclosures of potential material cyber risks[1]

3. Increased regulatory scrutiny[2]

4. Resignations of public company officers

5. The $5billion drop in Equifax market capitalisation

Cyber events now rank among the top three triggers for D&O derivative actions (along with M&A activity and environmental issues).

What are a board’s duties with respect to cyber risk management and disclosure?

On 13 October 2011, the US Securities and Exchange Commission’s (SEC) Division of Corporation Finance issued a non-binding guidance on reporting obligations for public companies regarding cybersecurity risks and cyber incidents (the Disclosure Guidance). The Disclosure Guidance recognised that the growing reliance of companies on digital technologies meant that such risks and events could be sufficiently material to investors that they may be required to be disclosed in public securities filings.

How much information is vital to investors depends a lot on who is defining what information is material and what is immaterial. Generally, according to the SEC, information is material if it ‘limits the information required to those matters to which there is a substantial likelihood that a reasonable investor would attach importance in determining whether to purchase the security registered’.

In the US, directors are held to standards of fiduciary duty, loyalty and care, with the business judgement rule as a defence against many allegations of wrongdoing. The ability to demonstrate that directors have appropriately discharged their duties often dictates the ability to successfully rebut claims made against such individuals. Outside of the US, the standard to which corporate leaders are held in many cases is higher. For example, the European Union General Data Protection Regulation (GDPR) intends to strengthen and unify data protection for all individuals within the European Union, with potential penalties of up to four per cent of an organisation’s worldwide revenues for noncompliance. All of these factors lead to significant care required of directors and officers and ensure that appropriate cyber controls are in place. It is interesting to examine recent cyber incidents and the frequency of follow-on D&O litigation in the US.

Selected cyber breaches

A brief scan of notable cyber breaches[3] in the public record includes the table (below).

Most of these matters have been dismissed with corporate defendants successfully rebutting the alleged wrongdoings. There are some lessons to be learned with regard to appropriate planning to reduce cyber risk and the successful defences asserted by corporate boards. One such example comes from the Wyndham cyber breach. In brief, a shareholder derivative suit was filed against Wyndham and its directors and officers in 2014. The suit alleged that Wyndham failed to implement adequate cybersecurity measures and disclose the data breaches in a timely manner, which caused the company to suffer damages. Ultimately, the court disagreed with the plaintiffs, citing that Wyndham and its directors and officers utilised appropriate (un-conflicted) counsel, the board investigated and took reasonable steps to familiarise itself with the allegations of the derivative demand, the board had taken prudent steps to familiarise itself with cyberattacks and had discussed the attacks at multiple board and committee meetings.

The Wyndham litigation provides several important lessons for businesses that may be subject to a cyber risk incident:[4]

1. Prior to suffering a cyber incident, businesses should confer with knowledgeable counsel and technology consultants to implement cybersecurity measures and compliance procedures. The board should document the steps taken to evaluate a company’s cyber exposures, the resulting recommendation, and, most importantly, the actions completed as a result

2. Following a cyber incident, businesses must be prepared to respond to civil legal proceedings and government regulatory inquiries and investigations. The best protection from such challenges is having a documented deliberative process resulting in formal prevention and crisis response plans that were routinely monitored

Impact to business results and financial reporting

In most situations where personally identifiable information (PII) was a prime source of the alleged breach, there was generally limited actual damage to the value of the business at hand. As of 31 December 2016:

  • 85 per cent < $1million damages
  • 10 per cent between $1million to $20million damages
  • 5 per cent > $20million damages

While PII will continue to be a prime source of cybersecurity exposure, it is expected that business interruption (i.e. supply chain), bodily injury (i.e. transportation GPS), tangible property damage (i.e. manufacturing hack and Internet of Things) and actual diminution in financial results (and, therefore, business valuation) will increasingly arise from cyber exposures. According to the 2017 Ponemon Global Cyber Risk Transfer Comparison Report:[5]

  • The impact of business disruption to cyber assets is 72 per cent greater than to property, plant and equipment (PP&E) assets
  • Quantification of probable maximum loss from cyber assets is 27 per cent higher than from PP&E
  • Organisations valued cyber assets 14 per cent more than PP&E assets
  • Organisations insure on average 59 per cent of PP&E losses, compared to an average of 15 per cent of cyber exposures

Growing impact of cyber assets and exposures

Yahoo!  The Yahoo! cyber breach, in which more than three billion user accounts were impacted, led to a material impact to deal valuation and significant repercussions for Yahoo! leadership:

  • Verizon Communications Inc. acquired Yahoo! Inc.’s internet properties at a $350million discount after revelations of security breaches
  • Yahoo! general counsel Ronald Bell has left the company after an investigation of security breaches
  • It was found that the legal team had enough information to warrant further inquiry but didn’t sufficiently pursue it[6]
  • Yahoo! chief executive officer, Marissa Mayer, has foregone her annual bonus, due to the breach

NotPetya  In June 2017, A.P. Moller-Maersk,[7] Mondelez,[8] Reckitt Benckiser,[9] Merck,[10] DLA Piper Law Firm[11] and DT Express, a FedEx subsidiary based in the Netherlands,[12] among other organisations, announced that the NotPetya virus had crippled supply chain operations.

The malware, disguised to appear as a ransomware attack, wiped the computers’ data instead. FedEx Corp. estimates it took a $300million hit from the late June cyberattack that started by targeting Ukrainian companies and spread globally, particularly affecting FedEx subsidiary TNT Express.

The attack resulted in a significant business interruption and financial impact. According to FedEx CFO Alan Graf: “The impact from lost revenues was and continues to be more heavily weighted toward our higher-yielding international shipments, resulting in a more pronounced impact on profits. It is taking longer to restore our international business due to the complexity of clearance systems and business processes.” Unfortunately, as FedEx explained to investors, the company did not have a cyber policy in place that would cover this type of attack.

Equifax13  Equifax announced that its CEO, Richard Smith, had retired following similar retirements by its top information security executives, the chief information officer and chief security officer. The market has continued to punish Equifax shareholders. The company’s market capitalisation was down nearly 30 per cent or about $5billion. As of 21 September 2017, more than 100 lawsuits had been filed, including shareholder derivative litigation against the directors and officers, some of whom sold stock between the 29 July 2017 date of discovery of the breach and the 7 September 2017 public disclosure of the incident.

Each of these instances – Yahoo!, NotPetya and Equifax – are examples of the evolving business impact resulting from cybersecurity breaches and the financial reporting considerations that follow. In each of these recent incidents, companies either had to disclose the materiality of the cyber breach as it relates to their financial reporting, or publicly reference the impact to future earnings and business operations resulting from the breach

“The brave new world of cybersecurity and the need for board-level focus on risk assessment, quantification, testing, mitigation, transfer and response, demands that corporate leadership cannot be complacent”

Going forward: be proactive

The brave new world of cybersecurity and the need for board-level focus on risk assessment, quantification, testing, mitigation, transfer and response, demands that corporate leadership cannot be complacent (see AON Framework, right). A number of realities have emerged from recent cyber incidents that corporate leaders should consider, including the following:[14]

1. Cybersecurity presents equal, if not more, risk than financial reporting failure and should receive the same level of oversight and audit

Organisations formulating their cybersecurity oversight need look no further than the current chief financial officer oversight paradigm for financial accounting and reporting. Organisations should establish governance procedures to oversee a corporation’s cybersecurity wellness substantially similar to those that have proven effective and sufficiently flexible to assess and validate financial statement accuracy and reliability.

2. Financial reporting related to cybersecurity is an increasing concern

While the disclosures required are a matter of regulation and statute, investors’ and regulators’ expectations about information to be disclosed evolve over time and the recent emergence of cybersecurity concerns are driving changes with regard to disclosure expectations.

3. Insurance as an effective risk reduction tool

As a general matter, D&O policies have responded effectively to cyber-related litigation. Cyber insurers are evolving with broader coverage and greater capacity to address the growing cyber threat. Property, general liability, crime (i.e. social engineering funds transfers), K&R (i.e. ransomware), EPLI and professional liability insurance programmes may also provide elements of risk transfer protection from cyber exposures.

A comprehensive cyber risk management programme can help serve to effectively achieve positive insurance programme results, aim to reduce an organisation’s cyber exposure and ultimately lead to a more resilient organisation


While there’s never been a more challenging time to be a director or officer given the intersection of information technology and corporate governance, there has never been a more exciting time to provide risk management advice given the growing complexity of risk. Insurance, both cyber and D&O, can be core compoPullnents of a company’s risk mitigation efforts. A well-crafted insurance programme can help maximise the recoveries available, both in efforts to remediate corporate breaches as well as to help protect the insured organisation’s and individual directors’ assets.


About the Authors:

Kevin Kalinich, Esq. – Global Cyber Insurance Practice Leader, Aon Risk Solutions. Following his career as a technology attorney and running an “Internet of Things” company, Kevin leads Aon’s global practice to identify exposures and develop insurance solutions related to technology errors and omissions, professional liability, media liability, network risk and intellectual property. He is a five time Risk & Insurance “Power Broker” and is a consistent source of expertise for numerous media publications, including the insurance chapters for three cyber books, as well as a frequent speaker on professional liability topics. Kevin earned a Mathematics and Economics B.A. from Yale University and a Juris Doctor from the University of Michigan.

Jacqueline A. Waters – Co-Practice Leader of Aon Risk Solutions’ Financial Services Group Legal and Claims Practice. Jacqueline Waters is the managing director and co-practice leader for Aon Risk Solutions’ Financial Services Group Legal and Claims Practice. Her expertise lies in management liability and cyber risks, including D&O, EPL, fiduciary, and certain E&O coverages. Her team serves as claim advocates and assists clients in interpreting carriers’ coverage positions, attending mediations and negotiating resolutions to coverage disputes. Ms. Waters, who is based in Chicago, has been with the firm for over a decade. She earned her Bachelor of Science degree in Music Education from the University of Minnesota and is a graduate of Northwestern University School of Law.

She is a member of the Chicago Bar Association and the Professional Liability Underwriting Society.  She is a regular speaker at industry events and conferences on management liability and cyber liability.

Chris Rafferty –  Managing Director and U.S. Sales & Growth Strategies Leader for Aon’s Financial Services Group. In this role, Chris is responsible for serving some of Aon’s largest FSG clients as well as driving growth strategy, collaboration and best practices across all of FSG’s specializations, including Management Liability, Professional Liability, and Transactional Liability. Prior to Aon, Chris was with Lincoln International, a Chicago-based mergers & acquisition investment bank. He earned a Bachelor of Science degree from University of Evansville and a MBA from Harvard Business School. He was recognized as a 2016 Power Broker and a 2016 Rising Star by Risk & Insurance magazine


1. A July 26, 2017 Bloomberg article entitled Corporate Cyber Security Risk Disclosures Jump Dramatically in 2017 reports that “more public companies described ‘cybersecurity’ as a risk in their financial disclosures in the first half of 2017 than in all of 2016, suggesting that board fears over data breaches may be escalating.”

2. Newly appointed SEC chair Jay Clayton has emphasised that disclosure requirements extend to cybersecurity issues, stating that “public companies have a clear obligation to disclose material information about cyber risks and cyber events. I expect them to take this requirement seriously.”  (July 12, 2017),

3. Multiple SEC filings:

4. Bracewell, Lessons for Corporate Directors from the Wyndham Data Breach Derivative Action

5. 2017 Ponemon Global Cyber Risk Transfer Comparison Report:

6. Brian Womak, Yahoo! Counsel Leaves After Hack Investigation Finds Lack of Action





11.; 3 Lessons For Firms After Cyberattack on DLA Piper

12. 7/17/2017 SEC 10K Filing, pg 43

13. Equifax Press Release, Equifax Announces Cybersecurity Incident Involving Consumer Information (Sept. 7, 2017),

14. David R. Fontaine and John Reed Stark, Yahoo’s Warning To GCs: Your Job Description Just Expanded

Sillaman and Bernardi: Italy steps up whistleblowing regulation

The FCPA Blog -

Since 2001, private Italian companies have been encouraged -- through legislative initiatives -- to adopt and implement robust compliance programs. Legislative Decree No. 231 of June 8, 2001 (commonly referred to as “Law 231”) allows private companies that chose to adopt specific compliance programs and mechanisms to avoid corporate liability where certain offenses are committed in the interest of the corporation by its directors or employees.

Across the Board-Episode 12, Prudent Discharge of Board Compliance Obligations

FCPA Compliance & Ethics -

I. Legal Requirements of the Board Regarding Compliance A. Case Law As to the specific role of ‘Best Practices’ in the area of general compliance and ethics, one can look to Delaware corporate law for guidance. The case of In Re Caremark International Inc. was the first case to hold that a Board’s obligation “includes [...]

The post Across the Board-Episode 12, Prudent Discharge of Board Compliance Obligations appeared first on Compliance Report.

Remuneration practices in 2017

Ethical Boardroom Feeds -

By Fabio Bianconi – Director at Morrow Sodali




Executive remuneration is increasingly perceived by stakeholders as a window into how the board sets the strategy and how it motivates management.

The say-on-pay votes have thus assumed greater importance. Remuneration policies and practices are required to be in line with the business strategy and not encourage risk-taking. The engagement between companies and investors is still a key driver for the development of sustainable remuneration practices and long-term value creation.

USA and Australia

For companies belonging to the S&P 500, support levels in 2017 remained consistent with 2016 – 91.8 per cent average in 2017 (v. 91.4 per cent in 2016) and a median of 95.2 per cent in 2017 (v. 95.3 per cent in 2016). Pay for performance misalignment, magnitude of pay and ‘rigour’ of performance goals (i.e. how the compensation committee sets performance targets) under incentive schemes are the predominant themes for adverse proxy advisory firm vote recommendations and low support on 2017 say-on-pay. A total of 449 proposals had been voted up to 31 July 2017 and only four proposals failed (0.9 per cent in total). While the average support level on the proposals that passed was 91.8 per cent, the median was notably higher at 95.2 per cent.

Comprehensive disclosure on shareholder outreach, engagement discussions, actions taken (or to be taken) in response to ‘low support’ are expected to avoid potential negative vote recommendations against compensation committee members. If the issue persists, the full board may be held accountable.

With the exception of blind followers of ISS and Glass Lewis, institutional voting on say-on-pay is usually case-by-case. Early planning, year-round engagement to foster relationships with shareholders whose support may be needed in the future, comprehensive disclosure and effective communication of a company’s business strategy and its link to executive compensation and corresponding pay decisions are essential in garnering support.

Historically, proposals on incentive plans typically have not received the same level of attention, scrutiny or opposition as say-on-pay proposals – and that continued to hold true in 2017. A total of 120 proposals have been voted upon through to 31 July 2017.

Proxy advisory firm evaluations and vote recommendations are driven primarily by the size of the new share request and associated cost to shareholders, along with a company’s three-year average burn rate. Despite ISS adopting the Equity Plan Scorecard model beginning with the 2015 proxy season in an attempt to make the evaluation process more ‘holistic’ (i.e. take plan features and grant practices into consideration in addition to cost and burn rate), the primary driver for negative vote recommendations continues to be predominantly based on the shareholder value transfer cost and three-year historical share utilisation rate. Companies typically engage with shareholders on use of equity in the context of executive compensation and say-on-pay rather than exclusively on a company’s equity plan.

In Australia, the ‘two-strikes’ rule was introduced in 2011 to increase directors’ accountability beyond executive pay. The entire company board can face re-election (within 90 days) if the remuneration report receives two  strikes in a row (at least 25 per cent level of discontent). Among the top 180 Australian listed companies only 12 companies did not exceed the 75 per cent hurdle.


The United Kingdom is the highest performing country in which the average level of approval of the remuneration report is 92.9 per cent and reaches the 94.9 per cent threshold in relation to the binding vote on policies (that takes place every three years).

In France, as a result of the enforcement of the Sapin 2 Act, an increased level of transparency and explanations from issuers on executive remuneration has been noticed, notably pay-mix, benchmarks and rationale for the choice of the performance metrics driving variable remuneration components. However, this headway on transparency did not lead to a significant improvement in the average ex-post say-on-pay scores at SBF120 companies (average approval of 89.1 per cent v. 88.7 per cent in 2016). We even noticed a reduction of the average approval score at CAC40 companies compared to 2016. Indeed, proxy advisors and institutional investors have taken stricter stances on executive remuneration packages, placing greater focus on pay for performance alignment.

In the opposite direction, there is an increasing trend in the average scores of equity incentive schemes (authorisations to issue stock-options and performance shares). This development is likely due to greater transparency from issuers on the performance conditions tied to the equity awards in response to institutional investors and proxy advisors’ requests. While ex-ante disclosure on the performance targets is still scarce, issuers are becoming more explicit on the performance targets tied to past equity awards, or at least on the level of achievement thereof.

The 2017 scores also show that proxy advisors and institutional investors’ requirements on post-mandate arrangements in favour of executives are becoming stricter. The higher level of dissent may notably be explained by proxy advisors’ growing scrutiny of the methods used for the computation of rights under defined-benefit pension schemes, and continued concern regarding the performance conditions triggering executives’ entitlements to severance payments, on a ‘no pay for failure’ basis.

In Spain this year, the median investor support for remuneration reports across the IBEX 25 is 86 per cent, broadly in line with 2016. LTIs are increasingly better-aligned with international best practice and, therefore, institutional investors and proxy advisors are focussing more on specifics. But issues persist and namely pertain to disclosure on peer group composition for relative (e.g. TSR) metrics, targets and degree of achievement thereof. The implementation of qualitative metrics lead to another common issue related to discretionary power of boards in awarding bonuses. Investors are increasingly placing more attention on targets that are claimed to be ‘sufficiently challenging’. This is especially the case with relative metrics (e.g. TSR), which entail peer groups, normally expecting that there is no vesting/pay out in the case of performance below the median.

Among the 25 FTSE/ATHEX large cap companies in Greece, say-on-pay still remains relevant only to the very few companies headquartered outside of Greece. Of those having dual listings in the UK and/or Switzerland, we note a slight increase in approval (from 92.5 per cent in 2016 to 98.8 per cent and 99.2 per cent in 2017), suggesting an increased awareness of issuers in aligning their pay for performance practices.

Germany is the lowest performing country where there is still no obligation to present the say-on-pay resolution for shareholders’ vote. The average support for those companies that voluntarily submitted the remuneration policy in 2017 was 69 per cent.

“Early planning, year-round engagement to foster relationships with shareholders whose support may be needed in the future, comprehensive disclosure and effective communication of a company’s business strategy and its link to executive compensation and corresponding pay decisions are extremely essential in garnering support”

In Italy the level of support for remuneration policies slightly decreased from 91.5 per cent in 2016 to 88 per cent in 2017. A more in-depth analysis, which refers only to minority shareholders, however, reveals that in 2017, only 70.6 per cent approved remuneration policy reports, while the remaining voters dissented.

The major issues identified in 2017 essentially referred to the level of severance payments and the absence of transparency in the definition of the performance metrics for variable incentive plans. The main companies have undertaken structured engagement programmes (with proxy advisors and institutional investors) in order to understand their evaluation metrics to the fullest and to improve alignment with international best practice where needed.

The involvement of HR departments in engagement can be now considered a solid practice and contributed to a better understanding of institutional investors on the peculiarities of local compensation practices.


While shareholder engagement on compensation resolutions has historically come into play during proxy campaigns only as a result of negative voting recommendations from proxy advisory firms, good disclosure and early communication with top holders should be set as a company’s strategy to demonstrate alignment with long-term shareholder interests and to mitigate future shareholder concerns.


About the Author:

Fabio Bianconi is Director at Morrow Sodali, a global leader in corporate governance consulting, shareholder and bondholder transactions and institutional investor relations. He is focusing on helping companies to enhance communications with their stakeholders and third-party opinion-makers and to analyze their current practices in light of the current corporate governance landscape and their own business developments. Mr. Bianconi also assists companies in designing compensation related proposals and remuneration policies. During his career he has specialized also in capital markets regulation, activism, merger & acquisition, cross-border standard-setting providing expertise in both corporate and shareholder perspectives.

Mr. Bianconi has a strong experience in providing advice/consultation, educational sessions on specific governance related issues to boards, senior management, AGM planning groups and investors. Prior to joining Morrow Sodali, Mr. Bianconi served as Head of Corporate Governance Advisory at Georgeson and corporate governance analyst for ISS Proxy Advisory Services. He has also served as researcher at Financial Times Idc a leading international supplier of financial market and company information services to the finance, banking, corporate and government sectors. Fabio Bianconi has a degree in Political Science and a Master in International Affairs and Finance. He currently sits on the Ethics and Systemic Risk Committee at the International Corporate Governance Network (ICGN)


Joseph Pozsgai-Alvarez: The Quest for a Unified Theory of Corruption

The FCPA Blog -

Writing from 2018, it seems rather unnecessary to keep opening academic articles on corruption by introducing the reader to its social, political, and economic significance—the phenomenon is today so ingrained in popular scholarly thought that there is hardly an individual who needs to be convinced about the position of society at large in regards to public and private malfeasance.

A smarter way to corporate governance

Ethical Boardroom Feeds -

By Cristina Ungureanu – Head of Corporate Governance, Eurizon Capital



It is increasingly acknowledged that successful and sustainable businesses are not just good for the economy, they support the wider society by providing jobs and helping to create prosperity, too. Society wants evidence that companies exist for more than simply generating short-term profits and expectations are for corporate governance principles to enhance confidence that companies act in the public interest.

This has been an emerging mood across global economies, in the belief that sound corporate governance significantly influences the perspectives of organisations and makes them catalysts for improved societies.

The future of corporate governance is clearly marked by several social trends that have been taking place globally. ESG (environment, social and governance) and technology are fast-growing topics and may be the ones most impacting corporate governance.

ESG The focus on ESG as a means to creating sustainable value is on the rise. Socially responsible investing has become an important consideration for a growing number of investors, while ESG issues become more thoroughly integrated with company business as a whole. The aspect that is still elusive and is currently on the agenda of companies and investors, is how we can all leverage capital markets to improve not just risk-adjusted returns, but our society as a whole. In other words, how can ESG integration help create sustainable value? An appropriate corporate governance surely holds answers to this.

Technology Today, innovation is all around us. The Internet of Things (IoT) is the driving force behind the latest digital trend of improving everything in our society, and so making our lives ‘smarter’. Organisations whose leadership is able to understand the nature of these challenges and has the temperament to embrace it will have a meaningful advantage in the increasingly technological future.

Smart investors and smart companies

We seem to be living in the era of ‘smart’ – we have smart phones, we use smart cars and some of us are or will be soon living in smart cities. The smart part sits at the very core of economics and society – it empowers the community to make better choices for its future. Given these societal trends, it may be the time now in the corporate world to speak about ‘smart corporate governance’: smart investors, smart companies, smart boards of directors, smart principles.

“The future of corporate governance is clearly marked by several social trends that have been taking place globally. ESG and technology are fast- growing topics and may be the ones most impacting  corporate governance”

The changing landscape of corporate governance is stimulated by increasingly more responsible, more powerful and vocal institutional investors. Responsible investing and stewardship has gathered momentum across the world in the past decade, as we as investors look for financial returns while helping to achieve a positive impact on the world around us.

The rising voices of the investor community relates to the impact that investors have on company boards. Just by looking at the main takeaways from the 2017 AGM season, one can observe the evolving policies of voting and engagement of many institutional investors on ESG matters. Among all the shareholder proposals on the US AGM agendas, almost 60% are ESG-related proposals. Consequently, the newest and perhaps most important board risk oversight expectations are being elevated by investors, calling on executives and boards to spend more time and effort directing and overseeing long-term value creation for shareholders and stakeholders.

Companies, too, have new ways of doing things: the shift from a ‘linear’ to a ‘circular’ way of doing business will be one of the medium- and long-term goals of several companies, also through the development of new technologies. Companies are making more efforts to understand what part of their value chains are associated with the main environmental and social impacts, as well as the magnitude of such impacts.

From our investor perspective through monitoring and engagement, we can positively observe the fact that company boards are listening and are acting upon our suggestions and expectations. For example, many boards are adjusting their composition in response to investor requirements for specific skills, i.e. adding ESG skills, cyber skills, international experience or diverse members, refreshing the boards or, in some cases, even asking certain members who did not perform accordingly to step down.

Even traditional corporate governance issues, such as executive remuneration, are evolving to meet the alignment, not only with performance or shareholder interest, but also with stakeholder interest. As investors, we are encouraging companies to approach remuneration from a wider angle and many companies are responding or are proactive in this regard. Financial performance no longer makes up the only metric for setting executive pay; non-financial, discretionary metrics are starting to become part of the pay policies. Tying company integrity, ethics, diversity, employee or customer satisfaction and ESG conduct to executive pay is becoming best practice.

Smart boards of directors

The fast pace of change raises major issues for company boards of directors – how to achieve a balance between oversight and accountability on the one hand, while ensuring innovation and dynamism on the other. The focus of a smart board will be on ensuring that the business creates value for the company, its shareholders and stakeholders, while achieving its goals under conditions of uncertainty and unpredictable competition.

The smart board is fit for the future, is forward-looking with regards to future commercial and industry contexts, seeking to understand the driving forces that are impacting on the business. Many companies are looking not only to long industry experience, but for first-time directors who demonstrate good judgement, intellectual agility, knowledge of technology or digital and the ability to deal with complexity and fast-changing marketplace challenges.​ And, as fresh faces enter the boardroom, more attention will be paid to director onboarding, an area of corporate governance that has been underserved for some time now.

For years we have been talking about tone at the top, but this is no longer sufficient for a lot of companies. New risks, such as disruption, reputation risks or conduct risks, are determining several boards to start asking questions about the company’s tone at the bottom, about the company culture. These boards want to ensure that the tone that they set permeates through the entire organisation and that the tone of their company not only flows down but also flows up to the board, for example through organisational training, induction and through appropriate whistle-blowing procedures.

Things are also evolving with board committees. The traditional standing board committees – nomination, remuneration and audit – are no longer the only norm. Many boards are getting creative and setting up new special committees, as an increasing way for boards to be more efficient. These are generally a reflection of the environment and trends we are experiencing, such as technology, cybersecurity, climate change, social care. There are no limits to creating specialised committees and some are given unique nomenclature: from sustainability committee or technology & innovation committee, to environmental & safety committee to strategic planning or quality committees. In many circumstances these are not just special committees, but are chartered committees, which is an approach that we investors expect in order to understand the role and functioning of these new bodies.

Traditional board committees have also evolved, particularly as to their role and composition. The criteria for committee chairs has become an important challenge for the overall board composition. We have already seen this approach with the audit committee requiring financial experts as members. For the remuneration committee, a unique skill-set focussed on remuneration or employee issues is now becoming desirable, as well as an expectation from the investor community who will look to discuss remuneration plans with committee members rather than with the company’s human resources department. The risk committee in certain companies may also call for cyber or technology expertise because of these emerging corporate risks, placed high on board agendas.

Smart corporate governance principles

Corporate governance is indeed evolving to meet the changing needs of the society. The ‘new’ corporate governance seems to suggest that sustainability aspects (such as environmental matters, social and employee-related matters, human rights concerns, anticorruption and bribery) have a relevant impact on the business and should be considered in the definition of the risk profile and strategic objectives of a company. The definition of corporate governance is moving beyond ‘rules’ and ‘processes’ towards corporate culture, vision and responsibility, placing long-term value creation at centre stage.

Several corporate governance codes and principles have been updated across the globe in recent years and the main reason was to adjust them to the pace of the society. While keeping consideration for the context of the individual jurisdiction, society and culture have been firmly positioned as a common change agent in many of these reviews. The new codes also place more focus on transparency by the companies, to ensure there is no loophole and the preference – driven also by investors – is for simplicity rather than complexity of governance and its disclosure. The value of ‘comply or explain’ has been acknowledged and enhanced by most countries in the past years.

Looking at the principles that have marked the developments in corporate governance globally, one of the chapters of the recently revised OECD (Organisation for Economic Co-operation and Development) Corporate Governance Principles is actually dedicated to the role of stakeholders in corporate governance. This chapter outlines the benefit of active co-operation between corporations and stakeholders and underlines the importance of recognising the rights of stakeholders established by law or through mutual agreements. The chapter also supports stakeholders’ access to information on a timely and regular basis the possibility to obtain redress for violations of their rights.

In Italy, the most recent amendments of the Italian corporate governance code (which has in time inspired also legislative reforms of the national corporate law) covers different areas, including sustainability, a board’s approach to risk and the focussed role of the nomination committee. The code expands the role of the board of directors with reference to the sustainability of the business; the company risk profile is to consider also the risks that may be relevant for the sustainability of the business activities in the medium to long term. To further stress the importance of the sustainability matters for a good corporate governance, the code recommends relevant issuers (i.e. issuers included in the FTSE-MIB index) to consider setting up a committee having the task to supervise sustainability issues related to the relevant business and to its interactions with all the stakeholders. The Italian code also introduces the importance of a whistle-blowing system at relevant issuers within an adequate system of internal control and risk management.

The most important change introduced by the revised Dutch corporate governance code is placing long-term value creation centre stage, requiring executive and supervisory directors of Dutch companies to act in a sustainable manner by making deliberate choices on the sustainability of the strategy in the long term. Even more than previously, the code is predicated on personal responsibility on the part of management board and supervisory board members, the provisions being formulated in a principle-based way as much as possible, so that executives and directors are encouraged to find an appropriate way to fulfil their responsibilities. Notable, one of the principles in the code specifically states that the board is responsible for shaping a culture that is aimed at long-term value creation.

The most recent South African King IV report on Corporate Governance has advanced from the ‘apply or explain’ principle of the earlier King III report to ‘apply and explain’. Practically this means that companies are required to take measures to achieve the principles, but also to explain measures and their results. With the drafting of King IV, changes were effected to the code in order to present very clearly its contribution to organisational value, advocating that an organisation defines its role and purpose to create value not only for itself and its shareholders but also for all stakeholders. Clearly, the code in its revision has considered the realities of the South African landscape at country level, including  socio-economic inequality, economic and political instability, and skills shortage.

“Corporate governance is evolving to meet the changing needs of the society. The ‘new’ corporate governance seems to suggest that sustainability aspects have a relevant impact on the business and should be considered in the definition of the risk profile and strategic objectives of a company”

The US Commonsense Corporate Governance Principles published in 2016 were actually drawn up by large investors (not by market authorities or industry associations as in other countries). The aim was to create a logical reference piece and baseline principles that companies should follow in order to meet investor expectations. The most important message coming out of these principles is for the boards to think long term, as many international institutional investors are also committing their investment in companies long term.

Looking at Brazil, because of the strong legal framework and the force of the public prosecutors, it is not uncommon for companies in the country to face public civil actions in the case of ESG-related violations; and we’ve seen several recent cases. The new Brazilian Code issued in 2015 accommodates these issues and sees the role of directors evolving: becoming more proactive rather than reactive, focussing on the long term rather than on the short term, considering intangibles rather than tangibles, having a broad vision about the role of the company in the society and consider stakeholders rather than just shareholders.

Asia is also aligning, albeit slowly, to the global pace of corporate governance reforms. In Japan, a corporate governance code that took effect in 2015 seeks to make companies more transparent and responsive to shareholders, also giving consideration to the increase in foreign investments in the country. According to the Council of Experts Concerning the Corporate Governance Code of the Japanese FSA, ‘the code seeks growth-oriented governance (and) promotes timely and decisive decision-making based upon transparent and fair choices through the fulfilment of companies’ accountability in relation to responsibilities to shareholders and stakeholders’.

Most recently the reforms revealed by the UK government in 2017, which will impact the UK Corporate Governance Code, aim to create ‘efffective system of corporate governance which incentivises business to take the right long-term decisions’ through greater stakeholder participation, fairer executive pay and superior governance in private companies. The emphasis is on strengthening stakeholder voices in corporate decisions.

Interestingly, too, other countries that do not have a corporate governance history have put forward certain principles that are quite unique and that we may expect to find within future revisions of other countries’ codes. For example, in Pakistan the State Bank of Pakistan (SBP) has been developing a framework on ‘enterprise technology governance and risk management in financial institutions’ with a vision to provide baseline technology governance and risk management principles to the financial institutions. As part of the governance framework, SBP has mandated financial institutions to have a board IT committee with a minimum of three directors as its members, one of whom shall be an independent director and at least one member shall have relevant qualification or experience of IT.

All these approaches are marking a forward-looking corporate governance, an effective way to implement it for the future of our society: a smart corporate governance.

Smart approach

What is relevant for the recent global corporate governance codes and principles is that the new reforms are timely, addressing two crucial audiences: shareholders and stakeholders. They will respond to investor long-term interests, being complemented by the stakeholder interest, approaching the issues of governance with a view to companies’ broader role – as being responsible towards investors, employers, customers and as a force in society. Culture and ethics are also key aspects of the ‘new’ corporate governance principles and standards.

Nevertheless, while development of new frameworks for corporate governance are centred around the delivery of purpose and long-term value, companies do not need to wait for legislation or redrafted codes to act. Companies now have wide stimulus, from both investors and from society, to evolve governance reforms.

The challenge should not be underestimated but opportunities should not be underestimated either. Evidence shows that focussing on long-term value creation and treating stakeholders responsibly leads to superior long-term shareholder returns. So, across the world, it is in a company’s interest to outclass and be the driver in sustainable wealth creation.


About the Author:

Cristina Ungureanu is Head of Corporate Governance at Eurizon Capital SGR, the asset management company of Intesa Sanpaolo Group. She is responsible for Corporate Governance and Stewardship, being actively involved in Eurizon’s responsible investment approach and promoting sound corporate governance practices at investee companies.

Before her role in Eurizon, she worked in international corporate and academic environments in South Africa, United Kingdom and Italy, providing high-level corporate governance consulting and research to a diverse range of institutions.

Cristina started her career with Georgeson Shareholder Communications in Johannesburg as Key Foreign Account Executive and Director Corporate Advisory, five years later moving to London as Head of Corporate Meetings at Computershare Investor Services. Her London experience continued as Senior Associate Investor Relations with Taylor Rafferty, a US investor relations consultancy.  In 2007 she moved from UK to Italy, working in Genoa and Milan as consultant and research coordinator for various international corporate governance projects. She collaborated, among others, with the European Corporate Governance Institute, the University of Genoa and of Pavia, the Italian Association of Listed companies, the European Commission and the European Parliament.

Between 2012 and 2015, Cristina held the role of Senior Consultant at Crisci & Partners, an independent professional firm specialized in Board Governance consulting, and afterwards was appointed Head of Corporate Governance Advisory of Sodali, a global corporate governance and shareholder services consultancy. Cristina holds a Bachelor Degree in Economics and Business Administration, a Master’s Degree in International Affairs and a PhD in Finance and Banking. She is author of several publications on corporate governance and financial regulation and is often invited at international conferences to present on related topics.

Boardroom investment and engagement in Japan

Ethical Boardroom Feeds -

By Yoshikazu Maeda – Head of Responsible Investment, GO Japan



Japan has the third largest economy in the world and its stock markets account for about  eight per cent of global equities, the second largest after US markets.

On one hand, the country might be known for its slowness to change and its sluggish growth over the past 20 years. However, on the corporate governance and investor stewardship fronts, Japan has been through drastic changes since Mr Abe became the Prime Minister in 2012.

Investor stewardship and corporate governance reforms have been one of the top economic agenda items under his administration and one of the most successful that he has implemented in recent years. The government introduced the Stewardship Code in February 2014 and the Corporate Governance Code in June 2015. The Stewardship Code was then revised in May 2017 to further promote investor stewardship. These initiatives are framed in the context of promoting sustainable growth of Japanese companies. It’s a unique aspect of the reform in Japan as in other countries corporate governance and stewardship reforms are often implemented against the background of corporate scandals.

Outside influence

This series of policy measures had significant impacts on Japanese corporates and investors. For example, 45 per cent of companies listed on the First Section of the Tokyo Stock Exchange had no outside directors on their boards in 2012. Currently, nearly all companies in the section have adopted outside representation on their boards and on average around 30 per cent of the board members are outsiders. Another example is that the number of companies  removing poison pills each year is increasing. There are clear signs that companies are responding to investors’ engagement and the Corporate Governance Code.

In the meantime, investors are stepping up stewardship activities in response to the Stewardship Code. More than 200 institutional investors have now signed up for the code and disclose their statement on stewardship responsibilities on their websites. Our firm, Governance for Owners Japan (GO Japan), has been engaging with Japanese companies on behalf of institutional investors since 2007 and is one of those signatories.[1]

Our first-hand experience over 10 years is that the environment of investor engagement has never been more favourable for investors; companies are more open to dialogue with investors and the two codes provide a common ground for dialogue. At the same time, investor engagement sheds light on some challenges and opportunities for investor stewardship in Japan. This article elaborates on the capability of investors to conduct investor engagement as a challenge and the use of collective engagement as an opportunity.

Institutional investors

While Japan’s Stewardship Code has many principles in common with the UK Stewardship Code the Japanese version has its uniqueness in principle seven. This says ‘institutional investors should have in-depth knowledge of the investee companies and their business environment and skills and resources needed to appropriately engage with the companies and make proper judgments in fulfilling their stewardship activities’. In short, it requires investors to achieve a deep understanding of the company’s business and business environment. However, statistics show that there is a large gap between what the code envisages and the reality.

“There has been a huge demand particularly from non-Japanese institutional investors for collective engagement in Japan and the revised Stewardship Code now makes it clear that collective engagement can be beneficial under certain circumstances”

According to a survey done by the Life Insurance Association of Japan, where the association sent questionnaires to 1,088 listed companies and received responses from 572 of them, 37.4 per cent of respondents said that investors’ analysis and understanding of the company is shallow.[2] The survey also found that 53.8 per cent of responded companies thought that investors’ dialogues are based only on short-term themes. Investor engagement is expected to contribute positively to the sustainable growth of investee companies, but a large number of companies see the expectation as unmet.

This is a flipside of the reality that investors are not experts in managing businesses and their knowledge about each business is always less deep than that of corporate managers. Also, stewardship and engagement activities only started for many investors around three years ago. The investor community should be able to do better with more experience. We believe that investors can provide a different perspective to corporate management given that they look into companies across different sectors. In our experience, companies often appreciate those different perspectives if they are keen to learn about good practices in other companies and if those suggestions are made in a supportive way.

Now onto the opportunity. There was one aspect that the original Japan Stewardship Code omitted that is included in the UK Stewardship Code; it is that UK investors are encouraged to engage collectively. On the other hand, there has been a huge demand particularly from non-Japanese institutional investors for collective engagement in Japan and the revised Stewardship Code now makes it clear that collective engagement can be beneficial under certain circumstances. In fact, collective engagement has not been prohibited. However, under Japanese financial regulations, if institutional investors together make important suggestions to companies in carrying out an investor engagement or in exercising their vote and if they are regarded as a concert party, they as a group will face stricter disclosure rules in reporting large shareholdings. Therefore, if large investors intend to engage with companies collaboratively, they risk being subject to the more stringent disclosure requirement. It therefore appears to be practically prohibitive for institutional investors to carry out collective engagements at the present time.

Get involved

Governance for Owners Japan has provided an engagement platform for institutional clients so that they can implement quasi-collective engagements within the current regulations. We therefore understand from our experience that it is sometimes beneficial to engage with companies on behalf of multiple investors. In my view, it is desirable for collective engagement to be more practically usable.

Asian Corporate Governance Association releases its CG Watch Report to summarise the corporate governance environment across Asian countries every two years. In its latest publication in 2016, the association described the Japanese situation as ‘the
hard work begins’.[3] I presented above a challenge and an opportunity that investor stewardship in Japan faces among others. These are still work in progress and we have yet to see how they develop.

As to the challenge, investor stewardship and engagement have just started and if investors can add to their experience, the challenge can be resolved; in other words, time may ease the current difficulty. This is consistent with our experience as our capacity to gain trust from corporate management and to achieve engagement objectives has increased gradually over around five years in a J-shaped curve.

As to the opportunity, it requires much harder work by investors if it is to be captured. The stricter disclosure regulations in place were introduced because some activist funds had abused the then disclosure framework and surprised company managements when they suddenly appeared on the share register as a large shareholder. Thus, it is not easy for the regulations to be reversed, given the expected negative reaction from companies to such a proposal.

In fact, the challenge and opportunity might be closely linked. It is now investors’ turn to show that their engagement adds value to corporates and enhances sustainable growth of  companies. Then, companies will view investor engagement and even collective engagement more favourably. Also, regulators could be more willing to make the regulations more practical if given evidence of the benefits of investor engagement.

The government is pressing corporate governance reform and Government Pension Investment Fund, the world’s largest asset owner, encourages stewardship activities by its external asset managers; the trend of investor stewardship in Japan therefore appears irreversible. From now on, investors have to focus on improving the quality of their stewardship activities; this will create a virtuous cycle. I am optimistic that investor engagement in Japan can only get better and there is nothing to lose.


About the Author:

Yoshi joined GO Japan in October 2009 and is Head of Responsible Investment, GO Japan. He leads engagement programmes for clients under Japan Engagement Consortium. Prior to joining GO Japan, Yoshi was a sell-side analyst at Goldman Sachs covering the Japanese banking sector. He also worked at the Financial Services Agency in Tokyo. He holds a Masters in Finance with distinction from London Business School as well as a Bachelor of Law from University of Tokyo. Yoshi is one of contributing authors to “21st Century Engagement” by BlackRock and Ceres.”


3. Asian Corporate Governance Association, CG Watch 2016, September 2016

BRINK’s Top 5 Environmental Risk Stories of 2017

BRINK News -

Environmental risk factors must be top of mind for executives today as they are increasingly called upon to shield their organizations from threats associated with the natural world.  

From questions about how society should respond to the challenges of climate change to concerns about disruption within the transportation, shipping, and energy sectors, 2017 provided no shortage of inputs in the evolving conversation on environmental risks.  

Here is a recap of BRINK’s top five stories about environmental risk, which ranged in subject from an analysis of Germany’s plans electric cars and renewable energy to the vast potential of fusion power.

The Surprising Effects of an All Electric-Car Society

In October 2016, the Bundesrat—Germany’s upper legislative chamber—called on the country to support a phase-out of gasoline vehicles by 2030. The resolution isn’t official government policy, but even talk of such a ban sends a strong signal toward the country’s huge car industry. So, what if Germany really did go 100 percent electric by 2030?

Instinctually, one might assume that replacing regular petrol vehicles with electric cars would cut the carbon footprint. But it isn’t that simple, explains Dénes Csala, a lecturer in Energy Storage Systems Dynamics at Lancaster University.

An electric car running on power generated by dirty coal or gas actually creates more emissions than a car that burns petrol, writes Mr. Csala. For such a switch to actually reduce net emissions, the electricity that powers those cars must be renewable. And, unless things change, Germany is unlikely to have enough green energy in time.

The Danger Lurking in the Hotter Cities of the Future

Since 2000, more than three quarters of Americans reside in cities, and cities have grown both up and out. They don’t just have more people; they have more buildings, more cars, and more machines, all of which create heat. Cities also have more cement and asphalt, which hold in more heat than plants and grass.

These changes have created urban heat islands—areas in and around cities where temperatures are measurably hotter than in nearby rural areas. As a result, the young and old living in urban centers will be vulnerable to health issues from extreme heat and the smog it helps generate; the power grid will be pushed to the limit by an ever-increasing demand for air conditioning; and hotter cities will actually perpetuate a vicious cycle of greenhouse-gas-driven global warming.

Cities can better prepare themselves and their residents for heat waves and increase the overall awareness of the hazards of urban heat islands, writes Alyson Kenward, vice president for creative production at Climate Central. But the risks will persist unless global greenhouse gas emissions are also dramatically reduced.

Saving Coastal Communities Requires a Community-Based Approach

Hurricanes Harvey and Irma exposed how vulnerable communities are to extreme climate events. With the two storms destroying thousands of houses and causing well over $200 billion worth of losses, questions have been raised about how we don’t seem to be doing enough to move homes out of harm’s way.

The worst is yet to come for many at-risk communities, writes B. R. Balachandran, director at Alchemy Urban Systems. It is imperative for governments at national, state and local levels to work together to facilitate processes by which such communities can move out of harm’s way while protecting their culture and the social capital of community life.

Fusion Energy: A Time of Transition and Potential

If we’re able to solve an extremely complex set of scientific and engineering problems, fusion energy promises a green, safe, unlimited source of energy. But how likely is it that fusion researchers can accomplish this task—and incorporate fusion power into planning for use in the future?

Stewart Prager, a professor of Astrophysical Sciences at Princeton University, and Michael C. Zarnstorff, deputy director for research at the Princeton Plasma Physics Laboratory, outline the progress to date on this ambitious energy innovation and the road ahead on the path to fusion.

The positives are matched by the significant scientific challenge of fusion, write Mr. Prager and Mr. Zarnstorff. But the potential of fusion’s outsize benefits to arrive in the second half of this century means we must keep working.

Shaping the Low Carbon Future of the Shipping Industry

Shipping is arguably the most carbon-efficient mode of commercial transport and is fundamental to the functioning of the global economy. However, there will be no space in the carbon budget to allow even the emissions of shipping (currently approximately 1 gigaton per annum) to be ignored, writes Alastair Marsh, CEO of Lloyd’s Register.

Low Carbon Pathways 2050—a joint study by Lloyd’s Register and Shipping in Changing Climates—aims to answer a fundamental question: What is a reasonable estimate of how shipping might be required to change, and what does this look like?

The results of the report show that shipping likely needs to start its decarbonization imminently and that the associated changes will be fundamental and require a lot of further work and development to minimize disruption.

Three Simple Steps to Improve Your Corporate Culture

Corruption, Crime & Compliance Blog -

Lauren Connell, Managing Associate at The Volkov Law Group, rejoins us and provides a posting on corporate culture.  Lauren can be reached at

What exactly does “corporate culture” mean?  Compliance professionals often talk about how important “tone from the top” or the “mood in the middle” is, but what does that really mean?

Improving corporate culture has been directly tied to higher profits and a wide range of benefits to all stakeholders.  A recent study by NBER (Here) found that 91% of executives consider corporate culture to be “very important” or “important” at their firm, and 79% rank culture as at least a “top 5” factor among all of the things that make their firms valuable.  A strong company culture is correlated with higher employee retention rates, increased creative thinking and more collaborative work, a decreased likelihood of whistleblowing, and, at the end, a more profitable company.  Statistical research and empirical studies support these conclusions.

But building culture requires a paradigm shift from compliance departments.  Traditionally the ethics and compliance function has been focused on program components – such as training or policies and procedures, but research has shown again and again that we must shift our focus to include corporate culture and the underlying values held by your organization.  This will improve not only compliance with legal and regulatory requirements, but also build a foundation where employees make decisions and act on your organizations values, even when no one is looking.

An example of the paradigm shift compliance departments need to make is asking ourselves why we slow down at school crossings – is it to avoid a ticket or protect nearby children?  As a society, we want the answer to be the latter. Your company should seek to build a similar mindset with its own culture.  Employees, managers, and executives should seek to make the ethical choice, which is also compliance with relevant laws and regulations.  In the FCPA context, “we don’t bribe because it is against the law” should be replaced by “we don’t bribe because it is not ethical.”

But measuring and building culture is not simple. It is not as easy to report on as a 99% training completion rate.  It is also not as easy to communicate success or problems with corporate culture as with other metrics.  The NBER study notes that “corporate culture is a difficult-to-observe force within companies,” and focuses closely on the process it uses to collect and analyze data.  That is putting it mildly, corporate culture is difficult to observe… and measure, and change, and establish.

Corporate culture must be conscientiously built – this is where ethics and compliance departments and professionals must take the lead.  Corporate culture must be communicated through simple messages about the values a company believes in and, at the same time, leverage corporate governance mechanisms, such as the program components mentioned earlier, to strengthen and reinforce these values.  For example, including values-based metrics in employee performance reviews that, ultimately, will lead to increased compensation.  These can be, for example, whether or not the employee collaborates with colleagues or acts as an ethics leader. Another example is structuring compensation to reward long-term success instead of short-term profits.  Here are three simple steps to start integrating corporate culture into your compliance program:

  1. First, you have to understand where corporate culture is now. Using tools like surveys, interviews, and focus groups allows you to measure what your employees and managers value now and what your workplace norms are. Use simple questions in surveys to increase participate rates and save more in-depth discussions for interviews and focus groups.  Ask questions about what their values are and how they act workplace.
  2. Next, work to define what values should guide your organization. These will form the basis for the corporate culture you want to build and your compliance program as a whole.  Use the information you gathered in the first step to understand where your weak points are.  Most importantly, set a message that will be understood across your organization, taking into account cultural or location differences.
  3. Finally, you put the two together and design an implementation process to build and improve on what you have – through not only your policies and procedures and training programs, but also the entire compliance communication structure. Use meetings, emails, social media, and any other chance you have to emphasize corporate values. Your ultimate goal is to ensure that corporate values are reflected within the daily activities of your employees, managers, and executives.

To get the process started, it is important to get the support and buy-in of senior executives and company leaders. Their message has the greatest impact on company values as perceived by employees and mid-level managers.  Involving them in the first steps will build buy-in and ongoing support.  To do that, start with the same message about improving profitably and corporate performance as I did here… it works.

The post Three Simple Steps to Improve Your Corporate Culture appeared first on Corruption, Crime & Compliance.


Subscribe to Hong Kong Loss Prevention Association 香港防損協會 aggregator - Global Featured Wired

HKLPA (@the_hklpa) Tweets

RT @mikevolkov20: Episode 14 - What Every Compliance Officer Needs to Know About Data Privacy and the EU's GDPR - Corruption, Crime &… 2 weeks 3 days ago
RT @ComplianceXprts: What You Need To Know About Auditing And Risk Management In The Transport Industry 3 weeks 5 days ago
RT @EthicalSystems: Our 2017 End of Year Letter from @JonHaidt and @azishf "This is the time for the business… 4 weeks 21 hours ago
RT @ComplianceXprts: Inspection of Facilities and Sporting Venues - Due Diligence 4 weeks 21 hours ago
RT @ComplianceXprts: 14 Essentials For Your Compliance Management System 1 month 2 weeks ago
RT @ComplianceXprts: Our focus is on what people don't want to do. #ce 1 month 2 weeks ago
RT @mikevolkov20: ISO 37001: Board, Top Management and Anti-Bribery Compliance Responsibilities (Part III of V) - 3 months 1 day ago
RT @RSAFraud: 1 in 4 retailers state loyalty #fraud is one of the most detrimental threats to their e-commerce business… 3 months 3 weeks ago
RT @ComplianceXprts: FTAs, Risk Management and The Transport Industry #riskmanagement 3 months 3 weeks ago
RT @ComplianceXprts: How To Navigate Audit Road Blocks : Part II Avoid Challenges To The Audit Scope 4 months 1 day ago