Annual meeting season gets underway soon, and that means boards of directors meeting with powerful shareholder groups. This year’s season promises to be a bit different, as those investor groups ask pointed questions to boards about corporate culture and whistleblower retaliation. Ethics and compliance officers might want to consider the role they can play here.
For an example, look no further than BlackRock, the investment fund with $6.3 trillion in assets under management. BlackRock’s CEO already fired off a letter to Corporate America’s CEOs in January warning that this year the firm’s analysts would ask tough questions about how companies tie long-term value creation to sustainable development. His letter mentioned diversity, environmental stewardship, the pace of technological change — you know, all those difficult issues boards would rather ignore as they repurchase shares and churn out another good-looking 10-Q.
Well, last week BlackRock followed up with a list of what those questions are, and they have ethics and compliance concerns all over them. I’ve excerpted the ones most relevant to ethics and compliance officers below.
When engaging boards on human capital management (HCM), BlackRock is likely to discuss:
- Oversight of policies meant to protect employees (e.g., whistleblowing, codes of conduct, EEO policies) and the level of reporting the board receives from management to assess their implementation;
- Process to oversee that the many components of a company’s HCM strategy align themselves to create a healthy culture and prevent unwanted behaviors;
- Board member visits to establishments or factories to independently assess the culture and operations of the company.
When engaging management teams, the topics BlackRock may cover include:
- Process for ensuring employee health and safety and complying with occupational health and safety policies;
- Voluntary and involuntary turnover on various dimensions (for example, seniority of roles, tenure, gender, and ethnicity);
- Statistics on gender and other diversity characteristics, as well as promotion rates for and compensation gaps across different employee demographics;
- Systems to oversee matters related to the supply chain (including contingent workers, contractors and subcontractors).
Concern No. 1: Workforce Data
Employee turnover, workforce diversity, promotion rates, compensation schedules — that’s a lot of data BlackRock wants to see. Companies will need some reliable way to generate it.
The data is similar to what employers were supposed to start filing last year under an expanded Form EEO-1 with the Equal Employment Opportunity Commission. That came from a rule proposed under the Obama Administration, which the Trump Administration then killed last summer.
The rule itself may have had its shortcomings, but as I argued at the time — a risk doesn’t care whether it’s regulated or not. In this particular instance, a looming regulatory compliance risk (an expanded Form EEO-1) has transformed into an investor relations and public perception risk (pointed questions from BlackRock). Companies still need a way to address it.
In this instance, that might mean compliance officers working closely with the HR department to ensure you have the right procedures to generate useful data. Large organizations may even want the internal audit team to ensure those procedures work as expected.
“Completeness and accuracy of reports” is already a vital concern for financial data during the annual audit. We are rapidly approaching a world where we’ll say the same about compensation and promotion data as a defense against litigation or reputation harm. So compliance officers should ponder how to craft policies and procedures to extract all that data and put it in a useful format for the board before BlackRock or any other large investor group knocks on the door.
Concern No. 2: Escalation Procedures
BlackRock also cites oversight of whistleblower protocols, worker safety under OSHA rules, supply chain issues, and the like. The key word, however, is oversight — meaning, BlackRock wants assurances that the board and senior executives actually know what’s going on within the organization. At many businesses that can be a big assumption to make.
What BlackRock really wants to see are effective escalation procedures. For example, Wells Fargo’s board clearly didn’t grasp the breadth of misconduct among employees falsifying customer data to hit performance goals in the first half of the 2010s. The problem was pervasive and long term. The multiple ongoing investigations into its sales practices continue to encompass more and more of the bank’s operating units. If federal banking regulators hadn’t already sacked one-third of Wells Fargo’s board, I suspect BlackRock would be pushing for the same right now.
Investors want assurance that boards know a potentially significant problem before it metastasizes into a genuinely significant problem. So what are the processes the organization establishes to triage misconduct allegations? How has the board defined what allegations it wants to know about immediately? How has the board created whistleblower protocols to let employees with serious concerns jump the queue and bring their issues directly to someone empowered to consider them? Who is that person, anyway? (Clue: look in the mirror.) Does he or she have the independence to work with the board and investigate?
Concern No. 3: Executive Misconduct
Read between the lines of BlackRock’s questions above, and you can see another concern: senior executives suddenly dismissed over sexual misconduct or similar allegations. It lies at the intersection of BlackRock’s first point (“policies meant to protect employees”) and the second (“create a healthy culture and prevent unwanted behaviors”).
I’m sure BlackRock doesn’t want abusive executives in the first place, but the sudden loss of a senior executive or other superstar employee makes matters even worse. Our most recent example comes from Nike, which just sacked two senior executives last week amid behavior “inconsistent with Nike’s core values and against our code of conduct.” One, brand president Trevor Edwards, was seen as a potential successor to current CEO Mike Parker.
I’ve written previously about the three hallmarks of a bad culture: unchecked senior executives, flawed whistleblower mechanisms, and a culture of protection rather than a culture of accountability. We don’t need to rehash them here. But a compliance officer would do well to prod the board to think about those hallmarks and how to prevent them — before BlackRock or some other investment firm starts asking those questions instead.