The world in which boards of directors operate has been fundamentally transformed in recent years. There is increased operational complexity, rapidly changing technology, global political instability, the proliferation of cyber-threats, vocal demands from shareholders and stakeholders, new regulatory requirements, and greater levels of media visibility and public scrutiny.

Directors must ask themselves if their boards’ composition and director skill sets remain appropriate amid dramatically evolving mandates.

The National Association of Corporate Directors recently released its “2016 Blue Ribbon Commission Report.” Its recommendations stress that boards must move beyond traditional approaches to board refreshment and establish a system for continuous improvement that enable it to adapt over time as the organization’s competitive environment evolves.

We talked to Steven Walker, NACD’s general counsel and managing director of board advisory and recruitment services, about the report, the challenges facing directors, and why self-assessment is more important than ever before.

Can you tell us about the current environment for boards and the evolution that has taken place? In the new report, what do you mean by “building the strategic-asset board”?

Over time, we have seen an evolution from the traditional review-and-concur boards, which were basically ceremonial boards, usually hand-selected by the CEO or the president and were often friends, family, or close colleagues. The management team would present their report and the board would rubber-stamp it.

What we are teaching our more than 17,000 members is that we want them to truly go beyond the normal course of business and prepare themselves. Just as doctors, lawyers, and accountants have continuing education, we want to make sure they are not just thinking about the past, but are really focused on the future and how to remain competitive. They should be equipping themselves to go beyond listening mode. They should be proactive and provide constructive tension, insight, and mentoring as they fully utilize the unique skills they bring to the table.

What are some of the identified challenges modern directors face?

We are looking at increased complexity in the business from rapidly changing technology and volatility in global politics, international economics, and trade flows. There is a proliferation of information and the presence of major threats, such as cyber-attacks. There is disruptive competition and innovation can render companies obsolete, seemingly overnight.

With our membership at NACD we have representation in about 85 percent of the Fortune 1000 and see a very broad cross-section of every type of industry. Everywhere we go, everyone we talk to is dealing with real-world, frontline struggles.

Maybe the board is not growing organically and their traditional business line is? What are their options for survival and remaining competitive? Sometimes that includes completely changing the line of business, acquiring a line of business, or merging.

Boards also need to take a hard look at the tone at the top and leadership at the highest levels. Does this management team have the needed skills and attributes? Is the board truly providing strategic advice and counsel, rather than simply listening to business plans? Does it take an active role in asking difficult questions and bringing up issues and ideas to challenge management’s strategy and risk analysis?

Continuous improvement includes board self-assessment, peer review, and allowing management to give the board feedback on how they are working together to identify gaps and align strategy and risk.

Boards have to ask themselves, “Are we ready to be competitive? Are we ready to provide value?”

I often ask our board members to reflect on when they themselves were C-suite executives, preparing for board meetings in the past. Did they look forward to board meetings? Did they find value in them? Did they look, with anticipation, at the feedback they would receive from the board? Most of the time these folks are shaking their heads no.

We are preparing boards to be an asset that management teams truly look forward to having interactions with because they provide value and get them to think of things they haven’t thought of. Directors should offer constructive questions that might create constructive tension, but are not arbitrary. They need to be a thoughtful devil’s advocate.

I find that management teams prefer boards that are equipped, engaged, and thinking; come from outside the industry; and have different industry backgrounds and skill. They want to be thinking outside of their comfort zone and thinking like activists and analysts do.

Among the major challenges at modern companies, and for modern boards, is cyber-security. Directors have increasing responsibilities in this area and there are increasing demands for boards to include related skill sets.

A question we have asked is, if we are educating boards on cyber-security and helping them be more qualified and educated in that area, would the plaintiff’s bar hold them to a higher standard? If there was a breach, because they have somehow educated themselves and are saying they are prepared to ask the right questions, would that risk exist?


Steven R. Walker serves as NACD’s general counsel and managing director of board advisory and recruitment services. In his board advisory services role, Walker provides counsel to boards and C-suite executives on a wide range of strategic governance matters. 
Prior to joining NACD, Walker served as general counsel and/or senior executive to public and private entities ranging from private equity backed start-ups to Fortune 100 corporations in a variety of sectors, including managed healthcare, healthcare delivery, pharmaceuticals, life and health insurance, banking, securities, financial services, technology, funeral/cemetery, and emerging technology.
Walker has also served in the government sector as an attorney-advisor with the Securities and Exchange Commission's Division of Corporation Finance during the implementation of Sarbanes-Oxley. He was also senior enforcement counsel with the State of Florida's Division of Banking, Finance, Securities and Investor Protection.
Walker is an alumnus of Florida State University where he earned his BS and JD degrees. He also completed post graduate studies at Oxford University and Emory University.

When we have asked people in high places in the judiciary their opinion, they have said, “absolutely not” and they will not hold the board to a higher standard. They want boards to seek as much education as they can and believe it is absolutely prudent.

We often get calls from Capitol Hill when there is proposed legislation and asked the question of whether boards should be required to have a designated cyber-expert, like a financial expert is required on public companies. We are not of the opinion that is practical.

Boards should have access to real-time experts who are actively engaged in the profession of cyber-security and are actively engaged in the changes that are occurring every day, versus having a board member who, perhaps, worked for a tech company in the 80s or 90s but considers himself technologically literate. We don’t think that cuts it.

Rather than forcing companies to designate an expert on the board, it is far more critical to require that directors have access to experts and seek education.

The starting point for directors is not having all the knowledge themselves, but knowing what questions they should be asking to trust and verify management’s oversight. What are we doing to verify that we are testing ourselves? Do we have access to our own experts who can verify their internal policies procedures and do some testing against that?

How should boards better keep pace with regulatory changes?

It is critical for boards to have access to internal audit and compliance officers and have the ability to ask these executives what keeps them up at night. What procedures do they have in place to give boards a level of comfort that they will know about things long before they snowball into something that might hit the newspapers or affect the company’s reputation.

Directors are very concerned about their fiduciary responsibilities, and part of that is having information flow beyond the CEO. It is critical to regularly meet, through a board committee, with officers beyond the C-suite, including the chief information security officer, the chief compliance officer, ethics, internal audit, and general counsel. It is important to have access to those folks so they are getting things on the board’s radar screen and offering their counsel on how to mitigate and eliminate risks long before they get out of hand.

How can boards keep pace? Do we need to rethink how boards are currently structured, including matters of on-board expertise, tenure, and the risk of over-boarding?

When directors are elected to a board, they should receive a job description. I think you will find that the vast majority of board members never did.

It should address expectations for tenure, time commitment, number of meetings, and preparation for meetings. It should include a description of why they were elected to the board and what their unique skillsets are that the company hopes to call upon.

Right out of the box it should be made clear to a board member that this is not a lifetime appointment. This is not the Supreme Court. You are appointed as a director for as long as we, after analyzing our composition, skill sets, strategy and risk profile, determine that your background fits within our needs. 

We are teaching our boards to manage expectations right up front, so there won’t be a need to deploy artificial mechanisms like age limits and term limits. The board’s and nominating and governance committees should be proactive in maintaining an active skill sets matrix that is constantly reviewed, so the board can assess themselves how they are performing. Then, in the re-nomination process, hard questions need to be asked about whether we still have the right people, the right team, and the right skill sets.

Just like a professional sports franchise is continually looking for bits and pieces as their strategies change, it is critical, especially from a compliance point of view, that the board constantly be assessing its composition.

What recommendations are there for identifying, as the report notes, “what a board needs to do to establish a set of continuous-improvement processes that will enable it to adapt over time as the organization’s competitive environment evolves?”

I’m working with a client right now who is asking us to lay out a calendar for continuous improvement. We do that on a routine basis. We think the legal department and the corporate secretary and other folks charged with working with the board should build an education calendar for them.

Continuous improvement includes board self-assessment, peer review, and allowing management to give the board feedback on how they are working together to identify gaps and align strategy and risk.

Boards should continually be seeking out, and have access to, their own experts just as activist shareholders and other analysts have access to their experts who write white papers on companies, look at what the competition is doing, and how the company is performing against its peer groups.