Dottie Schindlinger, Executive Director, Diligent Institute
GRC topics are now the defining challenge for board directors and the C-suite
The governance, risk and compliance landscape is evolving rapidly to keep pace with accelerating changes in the wider corporate climate. New challenges – from the twin impacts of disruption and digital innovation to changing expectations around social justice and corporate responsibility – are setting the bar higher than ever for the leaders charged with navigating turbulent waters. As we enter a reality where a new normal emerges every 18 months, what are the governance, risk and compliance (GRC) topics dominating discussions and how can today’s boards and C-suite prepare to lead and succeed?
Key topics on the board agenda
A multitude of complex factors are influencing GRC. Many are interconnected, and all have significant impact on the way organisations operate within the corporate and societal ecosystem.
Five dominant themes are:
- Board diversity: boards, businesses and influential stakeholders understand that diversity of perspective, background and skillsets is both a moral imperative and critical to success.
- Environmental, social and governance (ESG): the link between ESG and business performance has been reinforced during the pandemic, when companies demonstrated how resilience and flexibility flow from strong ESG focus. Investors are demanding more rigorous ESG reporting and companies that are behind the curve must close the gap.
- Corporate purpose: related to ESG, there are growing calls for companies to identify and espouse a broader social purpose that goes beyond profit and sets a vision for the company’s role in global society.
- Cyber crime: the rapid shift to remote working prompted exponential growth in cyber crime, targeting vulnerable endpoint devices. Boards and senior teams are now wrestling with cyber risk and data privacy compliance, but the required skills are not always present at the boardroom table.
- Broader GRC: during the pandemic, boards found themselves addressing GRC issues at a more granular level, from issues of supply chain resilience to workforce wellbeing. That focus is set to continue as stakeholders increasingly want to see confident leadership on large-scale systemic risk identification and management.
None of these topics are new. Issues of board composition, ESG and cyber risk management have been waiting in the wings for years, but the pandemic has pushed them centre stage. It has accelerated both the pace of change and the level of expectations that stakeholders – from investors to consumers and the workforce – hold regarding what effective leadership looks like.
Anticipating a ‘great refresh’ of boards and C-suites
GRC is defined by the OCEG as the capability to reliably achieve objectives while addressing uncertainty and acting with integrity. This requires leaders to be equipped with skills and information that allow them to see around corners and anticipate future threats and opportunities, and increasingly, these lie outside the traditional realms of finance and law.
As awareness grows that diverse risk demands different skillsets, investors are making their feelings known. The 2021 proxy season saw the lowest level of shareholder support for re-electing directors on record, indicating concern that the current roster does not have the skills required to lead successfully in the emerging ‘next normal’.
Consequently, we should anticipate a ‘great refresh’ of corporate boards and C-suites as cyber security expertise, sustainability experience and workforce management skills, among others, become highly desirable. New leaders with these skills will generally be more diverse, enabling companies to simultaneously accelerate their diversity and inclusion programmes.
Adapting to the demands of modern governance
Boards responding to the pace and complexity of the current environment are changing how they approach their duties. Board meetings are more frequent, and directors collaborate more closely with each other and executive teams. To ensure decisions are informed, directors now seek a wider variety of information from diverse sources.
Diligent’s Beyond The Board Room report found that two-thirds of directors now conduct independent research in addition to the material provided to them by the company. They consult peers, read widely and are huge consumers of information. This is the shape of modern governance, where leaders leverage huge amounts of data and use tools to collaborate and anticipate future scenarios.
Looking forward: GRC in the new normal
As this new generation of leaders takes control, they must embrace the full spectrum of success criteria. Identifying, measuring and monitoring non-financial metrics across ESG and cybersecurity is crucial to the sustainability and longevity of the enterprise.
Directors need to know what the key metrics are and how the company is planning to track and report on them. This will involve building an infrastructure, supported by relevant tools, to which all departments contribute data and that delivers a comprehensive view of corporate performance as a result.
Taking a holistic approach to GRC that ensures information flows to a central location will help pull GRC out of siloes and provide the seamless visibility required to robustly position GRC as a vehicle for corporate integrity, resilience and success.
For more information, visit diligent.com.