Future Students, Alumni & Visitors





Archive for the ‘Governance of Financial Institutions’ Category

A rebuttal to Terence Corcoran’s “OSFI and the bureaucratization of corporate governance”

Terence Corcoran launched a scathing attack against recent regulatory announcements by the Office of Superintendent of Financial Institutions (OSFI) and the Ontario Securities Commission (OSC) on assessing and interviewing directors, and strengthening gender diversity, respectively.

OSFI announced, in a draft advisory, that it intended to ask for curricula vitae of, and interview, certain directors and senior management, who include oversight functions. The Ontario Securities Commission, in a request for comment, has proposed disclosure amendments that include addressing term limits; the representation of women on boards and in executive officer appointments; and internal targets that companies could set to achieve greater gender diversity.

Mr. Corcoran calls OSFI’s announcement a “bureaucratization” of governance; contends that the OSC will “force” women directors onto boards in a “social policy agenda”; and calls an academic study “Junk Science,” while accusing the study’s authors of “manipulating” their data: a very serious charge. All these contentions warrant a counterpoint.

Currently, financial institution and public company directors are self-selected by themselves or, worse yet, management. Shareholders may not propose their choice of, or remove incumbent, directors. They press for this right, otherwise known as “proxy access,” (e.g., shareholders who own 3% of common shares for three years can propose up to 25% of a board’s directors in an uncontested election), but boards resist. Company management has challenged proxy access in court, and has won.

Therefore, there is no third party oversight or validation of director skills, qualifications and selection. This reality enables self-interest, entrenchment, recruitment on the basis of personal relationships, discrimination, and directors who do not possess requisite expertise and background.

My own research and work with boards suggests directors can and often are conflicted through gifts, donations, offices, vacations, jobs for acquaintances, prior friendships, and other perks that management gives them. I have observed and assessed bank directors who tell me they do not understand acronyms that are being discussed. One director, emblematic of many, told me, “we don’t understand derivatives.” I have witnessed directors: arrive unprepared for meetings; fall asleep at meetings; who have “not made a single contribution in years” (according to other directors); and who do not do “any of this” (proper risk management). In one instance, a female director was proposed to a largely male OSFI regulated board, and a male director remarked “she’s attractive … since she likes skiing and sailing, she’ll be a good board member.” In another, a director asked “You want us to appoint a lady to our board?” A board chair once told me “There are only twenty women in Canada who are board ready.” (The qualification to be a director is often minimal: over 18, not bankrupt, and not insane.)

I also regularly conduct reviews of significant companies where directors are lacking in relevant industry and risk expertise. This is not true of all boards.

In short, how directors are selected, and what their qualifications are, are largely shielded from scrutiny. Investors are left to rely on fuzzy short bios, and assertions that a proper recruitment process based solely on merit has occurred.

OSFI enacted significant changes to governance, requiring: boards to have directors with risk and financial industry expertise; an explicit risk appetite framework; and oversight functions (including internal audit) reporting directly to them.

I know of at least one bank, one utility, and one university (and these were the only three organizations I checked) where the Internal Audit function reports to the CEO or CFO, which is wrong.

Corporate governance involves a legacy of “independent” directors, opaque selection, and deficient reporting, assurance and internal controls. Interviews, CV checks, and greater disclosure, which shareholders should be doing, can put the heat on boards to clean much of this up. Regulators have shown internationally that they are prepared to conduct interviews and enact competency matrixes in the absence of shareholder oversight. If boards wish to forestall regulation, the answer is to improve their practices and disclosure consistent with best practice, which now includes diversification.

Indeed, Canada is late to this global board diversity movement. The majority of peer countries around the world have already enacted diversity legislation, in many cases in a much more intrusive approach than the balanced and proportionate approach the OSC is suggesting. Mr. Corcoran states the OSC is going to “force” companies to appoint more women. This in my view is not correct because companies with no or few women on their boards are free to describe why this is the case, and why this should continue.

This is not a bureaucratization of governance, but a prudent assurance of systemically important financial institutions. Interviews are wise because simple questions, such as “To whom do you report?” “How did you come to be selected?” and “What relationships do you have with directors or management?” address what CVs can hide.

Shareholders can tell when they meet with a director whether that director is “camera ready,” and OSFI will be able to as well. If a director is camera ready, and possesses all the requisite qualifications to be fit and proper, they should have nothing to worry about. Indeed, good directors should welcome the interview.

Lastly, Mr. Corcoran derides academic studies. This past summer, a primary drafter of guidelines that had a profound effect on governance and director selection in Canada remarked publicly, “We did virtually no research.” This is unfortunate because academics bring something to the table. They adopt an independent, evidence-based approach. I have numerous studies underscoring the positive effects women on boards have. There are studies suggesting CEOs do not make better directors; tenure beyond 9 years diminishes shareholder value; and busy boards with over-boarded directors result in diminished board oversight and performance. People should not be afraid of, or deride, academic studies. On the contrary, they should welcome and learn from them.

Academic studies should be more widely consulted, not less. My own LinkedIn group, Boards and Advisors, has almost 10,000 members, attesting to the benefits of academic, practitioner – and journalist – interaction.

Richard Leblanc is an Associate Professor, Law, Governance & Ethics, at York University. He also teaches corporate governance at Harvard University, and regularly advises boards and regulators. His views are his own. Disclosure: Professor Leblanc has advised, and has been retained by, OSFI and the OSC.

J.P. Morgan post-game analysis

I was interviewed by BNN where I said that what proponents for the split of CEO and Chair at JP Morgan had going against them this week was that the stock was up 50% and that the split would occur to an incumbent CEO, Jamie Dimon, as opposed to a new CEO, where the decision to split the roles by a board is easier.

Shareholders have spoken and the vote was almost a third in favor of having a separate Chair and CEO. However the risk committee directors received less than 60% support for their continued tenure on the board.

What are we to take from this, from a governance and accountability perspective?

First, the directors who received less than 60% should all be replaced. New directors should demonstrably possess solid risk and banking expertise – including a full understanding of complex derivatives – to sit on a board of this type. Management, including the Chairman, should have no say whatsoever as to who these directors are. Indeed the incumbent board should look to shareholders for suggestions.

Second, there is not a single new argument in the lead up to the chair-CEO vote that was not already mentioned in the Canadian context when Canadian banks ten years ago had combined roles, but now have separate chairs. I remember many bank chair-CEOs making impassioned arguments as to why they should keep the chair role, with the “support” of their boards. Shareholders and regulators eventually won this battle.

Share price or a threat to leave by Mr. Dimon is likely what swayed shareholders away from voting more fully for the split.

These are both troubling from a governance perspective. Directors should be free and empowered to take decisions that are best for the company and shareholders in the long term – decisions that may even result in short term share price decline. Share price also reflects multiple inputs, and it’s not certain that splitting the roles for governance purposes would affect share price irreparably.

Second, and more important, a CEO who threatens to leave is a red flag – or should be – for any board. It may signal lack of internal succession planning. No one is irreplaceable and the “leaving” card should be called by more boards – even in pay negotiations – through proper succession planning, that is to say internally ready candidates at all times.

Lastly, the decision of a separate chair vs. a lead director is vulnerable to the narrative that “it depends.” This is impenetrable and can reflect more ego, hubris and board capture. At some point, the decision on chair vs. lead director should be an objective standard, not subjective one. It is the same with standards for director independence.

There is a fundamental difference between a chair role and a lead director role. The chair role is stronger. Regulators should be more prescriptive and say the roles should be split as a matter of good governance and preventing a concentration of power absent accountability. They have done so in Canada and we have fared very well.

Banking Directors Need to be at the Top of Their Game

There’s an old maxim that corporations don’t fail, boards do. And when banks fail, the reason is poor management, which is the fault of a poor board.

Take the case of Lehman Brothers, the financial services firm that collapsed in 2008 and played a big role in the global economic downturn. Stanford University professors David F. Larcker and Brian Tayan noted that Lehman’s board was lacking financial services experience and current business acumen. In fact, the former CEOs on the board were, on average, 12 years into their retirement. “This raises the question of whether the professional experiences of Lehman board members were relevant for understanding the increasing complexity of financial markets,” wrote Larcker and Tayan.

Well, the job of a bank board isn’t getting any easier. Following the financial downturn, banks have been placed under greater scrutiny and new regulations, both in Canada and abroad.

That’s why, more than ever, banking board directors need to be at the top of their game.

Last week, I spoke to bank directors in Dallas, Texas, about banking governance best practices as a result of a review that I had conducted for the Office of the Superintendent of Financial Institutions. (The OFSI is Canada’s banking regulator.) Specifically, I looked at Canada’s governance guidelines and board assessment criteria and compared them with international financial regulatory practices and recent developments. I provided the OFSI with suggestions for revisions.

Some proposed board reforms to Canada’s deposit-taking institutions and insurance companies sectors under the new guidelines include:

  • Having directors who possess risk management and relevant industry experience;
  • A risk committee that oversees enterprise risks, and a chief risk officer who reports directly to this committee and the board;
  • Board approval of the internal control framework to mitigate all material risks to the financial institution, and board monitoring of internal control effectiveness;
  • Expert third party reviews of the board’s effectiveness, risk management effectiveness, and effectiveness of oversight functions (such as internal audit), with results reported to the board;
  • Enhanced director orientation and training, self assessment and external reviews;
  • A board-approved risk management statement that translates into cascading limits and thresholds for all material business risks (e.g., credit limits, loan losses, capital levels);
  • The internal audit function should report directly to the audit committee; and
  • The audit committee, not management, should approve the scope of the external auditor’s engagement and fees.

When I asked for a show of hands as to how many banking directors adopted at least some of the above best practices, about half the hands went up.

However, it’s apparent that many boards aren’t prepared for a new era of banking regulations.

Remember the JPMorgan board of directors that oversaw the derivative failure that cost the bank several billion dollars? Well, here is the current board. Last I checked, not a single director other than the CEO had banking experience. This is wrong.

In 2009 and 2010, there were a total of 297 bank failures in the U.S., according to the Federal Deposit and Insurance Corporation. In the second quarter of this year, the FDIC identified 732 “problem” banks which are at risk of failing.

At the event in Dallas, one of the speakers brought up a good point. “Don’t get involved in something you don’t understand,” said Charles G. Cooper, commissioner of the Texas Department of Banking. He added: “The duties haven’t changed, but the topic is harder.”

And he’s right. That’s why it’s vital that banking boards are well-equipped with qualified directors for this increasingly complex environment.

 


New financial services governance guidelines for Canada: Analysis & summary

The proposed OSFI corporate governance guidelines have been criticized for blurring the line between the board and management and for adopting a ‘one sized fits all’ approach. This is hardly surprising, and is the criticism to many governance regulations over the last twenty years, along with cost, as boards have become more active.

The OSFI guidelines have not changed in almost 10 years. In full disclosure, I was asked by OSFI to a) conduct a review and assessment of OSFI’s 2003 Corporate Governance Guideline and the Board Assessment Criteria against other international financial regulatory practices and recent developments or recommendations, and b) provide suggestions for future revisions after taking into consideration current global governance developments, including those related to financial institutions.

I reviewed 57 codes in total for OSFI, carefully tracking developments globally since the financial crisis. There are four major changes (among others) since the 2003 guidelines as follows:

1.         Boards of federally-regulated financial institutions (FRFIs) will need to have risk and relevant financial industry expertise represented in their board. This is entirely reasonable and codifies what good boards already do in their competency matrix approach that I recommended to the OSC in 2005. The notion that a board such as JPMorgan should have no independent directors with banking experience, for example, can have dire consequences when approving complex products and risks that directors do not understand for want of expertise. OSFI is not being overly prescriptive, only saying it desires “reasonable representation” of risk and financial industry expertise, leaving it to FRFIs to define and determine. It is not unreasonable to have risk and industry expertise on the board of a financial institution.

2.         Second, independent third parties should be retained to assess the board, risk management and oversight functions. This does not mean the board is “managing,” but rather the board gets to see an objective view other than from management. Management is conflicted in assuring its own work and the board should not be beholden to this. The board should be free at any time to commission an independent review of any material risks or internal controls. This puts the heat on management, as a third party will be reviewing at some point. If management is doing its job, it should welcome this input. This proposal can be criticized for “offloading” oversight to outsiders, but with 100s of FRFIs that carry deposits and insurance of Canadians, independent reviews from time to time are a fail safe.

3.         Third, the board may need to have a dedicated risk committee and reporting function (e.g., CRO); and should approve a risk appetite framework (RAF) with cascading tolerance limits and implementation. This puts the heat on boards to know and understand the risks of their institution, and on management to translate that into thresholds complied with throughout the organization. OSFI set out at pages 19-20 of the draft guideline guidance on what the RAF should contain with areas and examples of best practices. It is not unreasonable for the board to approve risk, but with examples of what this actually entails. The OSC 2005 guideline (NP 58-201) is now out of date because risk is only a few lines: namely that the board should identify the principal risks and ensure implementation of appropriate systems to manage these risks – which is vague at best and wholly inadequate at worst.

4.         Lastly, the CFO, head of internal audit and appointed actuary (for insurance companies) should have a direct reporting line to the audit committee; and the audit committee should approve the external audit fees and scope. Not only is this best practice, internationally, but I would also add, as OSFI similarly goes on to write, that the audit committee should have private sessions with the internal audit, external audit and appointed actuary at every audit committee meeting. The audit committee should also approve the internal audit work plan, budget, independence, person and compensation.

Overall the draft OSFI guidelines are proportionate, pragmatic and reflect leading practices (e.g., G30, Walker and OECD reports and Basel principles). Canada has a very well regulated financial services sector, that some say is the envy of the world. These new corporate governance guidelines will help ensure that this fiscal prudence and stewardship continues.

OSFI moves banking governance forward in Canada

Canada’s federal bank regulator came out this week with proposed changes to its governance guidelines, moving Canada forward in important ways. Disclosure: I advised OSFI on how the current guideline might be improved.

See the new draft guideline here. Some important changes include that OSFI is stating that there should be reasonable representation of risk and relevant financial industry expertise on the board and committees. This is an excellent idea, as we know that director independence in and of itself will not guarantee governance quality nor predict shareholder value. OSFI-regulated companies (which exceed 400) would be wise to use a competency matrix recommended by Canadian securities commissions and disclose which directors possess risk and financial industry expertise. Of course this expertise should be defined as well.

Second, OSFI is recommending third party reviews to assess the effectiveness of board and committee practices. This is also an important development, as we know that proxy advisory firms, and even boards themselves, often measure the wrong things, simply because of availability or ignorance. A self-review has a tendency to be soft, which boards often delegate to management to administer. The UK now recommends similar third party reviews for all FTSE companies.

Third, OSFI strengthens the role of the CRO and reporting to the risk committee, and requires that the board approve an explicit risk appetite for the institution. This is another welcome development. As part of the risk appetite and control framework, boards and relevant committees should approve (and be able to recognize and direct when necessary) the internal controls of all material business risks – financial as well as non-financial – and ensure combined assurance and reporting for the controls to mitigate risks. OSFI also recommends third party reviews to assess risk systems and oversight functions, and strengthens audit committee oversight of external and internal auditors. Very leading edge.

OSFI also codifies the separation of chair and CEO, a recommended practice in Canada since 1994. We know that independence of the chair per se will not guarantee effectiveness, so OSFI goes on to provide guidance on leadership, commitment and other attributes and actions necessary to chair an effective financial services board. Boards here should select the chair and the CEO should not have undue influence. The chair should have a position description and be assessed on it. The governance committee should be charged with chair succession planning to person proof the position.

Lastly OSFI also incorporates by reference compensation and risk-aligned compensation embedded in the Financial Stability Board’s Principles for Sound Compensation.

Overall the draft guidelines are concise, flexible, pragmatic and reflect leading practices (e.g., G30, Walker and OECD reports and Basel principles). Some provisions go beyond US and UK counterparts. Canada has a very well regulated banking sector. We avoided a bailout of a financial institution pre 2008 and banks also avoided many of the complex derivative meltdowns to date. These new guidelines will help ensure that that fiscal prudence and stewardship continues.