NACD Board Leadership Conference NACD Chapter System NACDonline.org

Our Next Event

Deriving Value from Tax Reform

Wednesday, August 15, 2018

Deriving Value from Tax Reform - The Board's Perspective


Time to Get Uncomfortable in the Boardroom

 

Time to Get Uncomfortable in the Boardroom

NACD Atlanta, February 14, 2018

Moderator Renee Glover, director, Fannie Mae, Enterprise Community Partners, and NACD Atlanta, and panelists Brenda Gaines, director, Tenet Healthcare, Southern Company Gas and NACD, and Rochelle Campbell, manager, Board Recruitment Services, NACD, shared their opinions and perspectives at NACD Atlanta’s recent program, “Time to Get Uncomfortable in the Boardroom”. The discussion touched on sometimes controversial social, environmental and governance issues, and the need for diversity in the boardroom.

According to Ms. Campbell, boards are either fully engaged in discussing these issues or they shy away from them entirely. Ms. Gaines ensures that the boards on which she serves discuss difficult issues, including sexual harassment. She recommends that directors work to determine what is really happening in the company by:

  • Reviewing complaints and their disposition

  • Monitoring hotline metrics

  • Reviewing policy, particularly the code of conduct

  • Ensuring training is taking place

  • Reviewing culture survey results

  • Requesting that management undertake pulse surveys and even focus groups around these issues

Difficult situations can arise if an offender is important to the company’s bottom line. For example, a board may find itself faced with a difficult choice if a superstar CEO is found to have violated the company’s code of conduct, fearing that a dismissal could impact short-term shareholder value. According to Ms. Gaines, superstar status is always irrelevant. She suggests that the board should take action to remove an offending CEO, and then have a separate conversation about revenue and valuation implications. She added that the company must be clear about its culture and key principles, and should have zero tolerance for misconduct, applied to everyone in the company equally. “Board members have to keep each other honest,” she said.

The #MeToo movement will also have an impact on the boardroom, as well as on investor relations, according to Ms. Glover. Indeed, large shareholders are asking about diversity on the board, and they may request sexual harassment policies and pay equity measures. Ms. Gaines emphasized the clear-cut nature of the need for more diverse boards. “Diversity is good business,” she said, “and we are nowhere near where we should be. We need more gender diversity and more people of color on boards. Don’t miss this in the search for skill sets.”

Ms. Campbell says that she encourages boards to have at least two diverse members on their boards, as those boards tend to be more successful. Women and people of color who are new to a board, can play an important role in discussions about sexual harassment and equal pay for equal work. When asked for practical advice for new board members, Ms. Gaines shared the following tips:

  • Get the facts right.

  • Take the emotion away.

  • Look fo an ally on the board.

  • Be persistent.

Ms. Glover summed up the issue: “We can do better. And when we do, we can get on with realizing the deeper value that a diverse board can deliver.”

 


 


 

 

BLOG POST, FEBRUARY 23, 2017, BY NACD THE SOUTHEAST REGIONAL DIRECTOR, KIMBERLY SIMPSON:

Perspectives for Leadership: The New World Order 

February 23, 2017 Published by


Regardless of which party is in the White House, the National Association of Corporate Directors’ (NACD) more than 17,000 members will have a significant impact on both our economy and the country’s social fabric. The importance of strong corporate leadership was one of many topics discussed when the NACD Atlanta Chapter hosted a discussion about the Trump administration’s new world order.

Despite different party allegiances, six-term Vermont Governor Howard Dean and Republican strategist Ron Kaufman shared their optimism about the country and the global economy. Moderator Eric Tanenblatt led an informative and insightful discussion in which each panelist shared his perspective on topics relevant to business leaders.

President Trump's Victory

   

Governor Dean, former chairman of the Democratic National Committee and six term-governor, opined that despite some of the unpleasant overtones of the Trump campaign, President Trump’s victory can at a high level be attributed to discontent with the economy, and specifically to the impacts of automation and the Internet. The perception that jobs have been lost to overseas manufacturing is more likely due to workforce reductions resulting from automation. At the same time, the Internet has changed both how people receive information, and the quality of the information they receive.

As a result, many people voted for Trump because he represented change in a time when the “haves” and the “have nots” are at odds. A similar sentiment has been seen in England with the Brexit vote, and in current political tides elsewhere in Europe.

Mr. Kaufman, a senior advisor to US presidents, governors, and members of congress, concurred that the appetite for change was a significant factor in Trump’s election. He shared that during his work on behalf of candidate Jeb Bush and then candidate Trump, many of the voters he met were attempting to decide between Trump and Senator Bernie Sanders.

 

... CLICK HERE TO READ MORE OF KIMBERLY'S BLOG ARTICLE.

 

 New World Order 2 2017

From Left: Eric McCarthey, NACD Atlanta Chapter chair; Governor Howard Dean; Renee Glover, NACD Atlanta Chapter board member and event organizer; Ron Kaufman; and Eric Tanenblatt

 

 

 

_______________________________________________________

 

blog

... CLICK HERE TO READ MORE OF KIMBERLY'S BLOG ARTICLE.

 

 

 

Caution: GDPR is Big, and It’s Almost Here

Caution: GDPR is Big, and It’s Almost Here

April 11, 2018 Published by Kimberly Simpson

 

Michael Walter 2 19 2018

 Michael Walter

 The European Union’s (EU) General Data Protection Regulation (GDPR) is causing a seismic shift in the digital information space, and, whether your company has a presence in Europe or not, the sweeping regulation likely applies. As a director in the era of bet-the-farm digital transformation, familiarity with the basics of GDPR is a must. To that end, Michael Walter and Joel Wuesthoff, experts from Protiviti and Robert Half Legal, respectively, recently presented the ins and outs of the regulation at an NACD Atlanta Chapter program.

 

Does GDPR even apply to my company?

 

Joel Wuesthoff, Esq.

 Joel Wuesthoff

 Effective May 25, 2018, it probably does. The regulation is borderless and applies to all organizations—regardless of size and regardless of whether they have a physical European location—that collect and process personal data of data subjects in the EU. An EU data subject is anyone from whom personal data is collected while in the EU (i.e. data subject is not limited to someone with EU “citizenship”). For example, a skier from Colorado who buys a snowboard online while in the EU may subject the product seller to the GDPR. The rules apply to both data controllers and data processors. The range of information that is protected is quite broad, ranging from vehicle identification numbers to photos to employment information to IP addresses.

 

If GDPR applies, what’s the big deal?

In the U.S., personal information is often collected as a matter of course, with only an “opt out” offered to consumers. By contrast, GDPR requires that in order to collect information from EU data subjects, an affirmative “opt in” consent must be obtained that clearly specifies how the data will be used. Privacy policies must match. Then, once information is obtained, the EU data subject has the right to request that his or her data be deleted; that is, to invoke the right “to be forgotten.” Incorrect information must be corrected upon request. These rights may seem simple enough, but when data is held in multiple locations, developing a process to handle such requests may be quite difficult.

The burdens of GDPR cannot be outsourced, as companies have joint and several liability with third-party vendors. Due diligence requirements for vendors therefore will be heightened, and all in scope data processors will need to be GDPR compliant.

 

What if my company has a data breach or fails to comply?

In the event of a data breach involving an EU subject, the breached company has 72 hours to notify regulators and must notify EU data subjects without undue delay under certain conditions.

Fines for failure to comply with GDPR can be up to 20M Euros or four percent of an organization’s annual global turnover, whichever is higher. Further, data subjects can claim compensation for damages from breaches of their personal data.

 

GDPR won’t be enforced right away, will it?

The expectation is that GDPR likely will be enforced right away against global organizations that collect large volumes of personal data. However, beware. EU countries continue to hire people for enforcement of the GDPR. Also, since individuals have a right of action, it is unclear whether GDPR will be used as a manner of protest against companies that are unpopular with EU data subjects.

 

What should I be asking management?

The path to compliance with GDPR will require a multi-functional task force, including information technology, legal, human resources, privacy, and other functions. Directors may consider asking about the key phases of compliance:

  • Discovery and inventory: Have we identified high risk areas to ensure a focused approach?

  • Gap analysis: Have we determined exposure and prioritized compliance activities?

  • Compliance remediation: Are we implementing changes to achieve compliance?

  • Ongoing compliance: Are we prepared to provide evidence of accountability and compliance?

Boards may also want to discuss the appointment of—and ramifications of having—a data protection officer (DPO), required under GDPR for companies processing large scale data; however, bear in mind that the DPO is a unique intermediary between the regulators, the organization and the data subjects who is required to be an independent actor within the organization reporting up to the highest levels of the organization. Care must be taken prior to appointing a DPO as significant obligations attach once this decision is made.

In short, GDPR’s long reach and substantial requirements merit fulsome discussions in the boardroom, even of U.S. companies. Is your company ready?

 

Looking to learn more about how your board will be impacted by GDPR? Stay tuned. NACD will release an FAQ brief in May.

Kimberly Simpson is an NACD regional director, providing strategic support to NACD chapters in the Capital Area, Atlanta, Florida, the Carolinas, North Texas and the Research Triangle. Simpson, a former general counsel, was a U.S. Marshall Memorial Fellow to Europe in 2005. 

NACD® Technology Symposium

NACD® Technology Symposium July 2018

Find a Chapter Near You