Trends and Challenges in the Boardroom Hotel d’Angleterre 14th June 2016

AGENDA

8.15am: Arrival and Networking

8.45- 9.15am: Breakfast

9.15- 9.55am: The Nordic Corporate Governance model and the variance

between the countries,

Professor, Dr. Eythor Jonsson, Center of Corporate Governance at University of

Iceland

9.55 – 10.05am: Break

10.05 – 10.45am: Cybersecurity: Is your board leading by example?

Fredrik Wingren, Diligent

10.45 – 11.25am: Enhancing Board Effectiveness through Board Evaluations

Jakob Stengel, Board Network

11.25 – 11.30am – Wrap up

Dr. Eythor Ivar Jonsson - ej.smg@cbs.dk

Copehagen Business School

University of Iceland – Center for Corporate Governance

Why important?

Proximity of Nordic countries

CG Model in Practice

Variations and implications

Further discussions

Social Liberalism

Parliamentary System

Constitutional Monarchy

Denmark, Sweden, Norway

Constitutional Republic

Finland, Iceland

European Union Members:

Denmark, Finland, Sweden

EEA members:

Norway, Iceland

High GDP per Capital ($41 – 67K)

High equality (Gini 22 – 28)

Small nations

Sweden 9,7 m

Denmark 5,6 m

Finland 5,5 m

Norway 5,1 m

Iceland 0,3

State an important participant in the economic system

Nordic social model has the following main features (Alestalo, Hort, & Stein, 2009; Andersen et al., 2007): A large government sector

providing universal access to health care, child care, education etc.

Significant income transfers including pensions and unemployment benefits - High tax rates to finance these expenditures

Strong labor unions

Low economic and social inequality

Focus on technology infrastructures

Focus on high education

Network readiness (WEF)

Finland, Sweden, Norway

Denmark, Iceland

Innovation index

Iceland (4), Finland (7), Sweden (10), Denmark (11), Norway (18)

Nordic countries are similar in terms of three norm systems: statutory regulation in form of company

law and other mandatory rules issued by the government or official authorities.

Civil law – Nordic Civil, German Civil, French Civil and Baltic Civil and Common Law, (Cicon et al., 2010)

Self-regulation defined and enforced by the business sector itself.

Governance Codes - Global Governance Practices (Czech Rep, Greece, Hungary, Norway, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden) Cicon et al. (2010).

Informal norms and practices that influence how corporate governance is carried out in practice.

Business culture

Environmental Performance Index (Yale University)

Finland (1), Iceland (2), Sweden (3), Denmark (4), Norway (17)

Ownership structure in the Nordic countries is concentrated and highly dependent on blockholders. Stock market capitalization to

GDP (WorldBank 2012) Norway 51%, Finland 62%, Denmark 70%, Sweden 103% US / UK 115%

Concentrated ownership

Blockholders

Foundations

Public State

Pension funds

Families

Other institutional investors

0

10

20

30

40

50

60

70

80 Denmark 74%

Finland 60%

Sweden 65%

Norway 75%

France 40%

Germany 25%

Italy 65%

Spain 46%

Netherlands 48%

UK 15%

US 20%

Presence of significant shareholders (> 20%)

among ~20 largest listed companies

Sources: EU countries: European Commission Study

on Proportionality between Ownership and Control,

2007 US, Norway: La Porta, Lopez-de-Silanes &

Shleifer: Corporate Ownership Around the World, 1999

Ownership

level

Oversight and

control level

Executive

level

General Meeting

Chair

&

CEO

One-Tier Model

General Meeting

CEO

General Meeting

Supervisory Board

Management Board

Nordic Model Two-Tier Model

Board

Board Chair

Economies

Size and focus

Ownership

Different type of blockholders

Structure

Employees representatives

Role of board

Supervisory board vs. Strategic focus

Larger Small Sweden?

Iceland?

Innovation driven

Resources drien

Denmark?

Finland?

Norway?

Active Passive

Family

(Wallenberg)

Pension funds

(Iceland)

Directing

Controlling

Independ

ence

Executi

ves

Compa

ny

Busines

s

Relatio

ns

Owners

Executives Non -

Executives

Employee

reps

Stewardship Agency

Stakeholder

Shareholder

Denmark?

Iceland?

One of the key reasons for providing a Nordic perspective on corporate governance is the tidal wave of EU-level regulations on corporate governance (Lekvall, 2014). The harmonisation efforts have made visible the considerable diversity of corporate governance systems in place among the EU member states (Lekvall, 2014). Attempts to harmonize various national corporate

governance models are not recent but a recurrent theme for decades within the EU (Cernan, 2004).

It implies that there is not much change in attempts to harmonize various national corporate governance models, some practices seem to be converging to UK practices while other diverge (Cicon et al., 2010) which implies that the hybrid model and different models still exist in the European context.

Nordic

Corporate

Governance

Model

Political

Economical

Social

Technological

Legal

Environmental

S&P-500 = 80% owned by institutional investors

Blackrock $4.600 billions

Horizontal ownership

7 largest owned 60% in UA 2013 - 2015 owned also 27,5% in Delta, 27,3% in JetBlue and 23,3% in Southwest.

Less competition

Higher prices

Icelandic Pension funds = 40% of listed companies

Insurance market – 20 largest = 43,7% in TM, 34,3% in Sjová, 39,1% VIS (Magnusson, 2016)

Real estate market – 20 largest = 47,7% in Reitir, 37,4% in Regin and 39,4% Eik (Mangusson, 2016)

Purpose & Role

Structure

Tasks

Directors

Processes

Dr. Eythor Ivar Jonsson - ej.smg@cbs.dk

Copehagen Business School

University of Iceland – Center for Corporate Governance

General Meeting

CEO

Nordic

Model

Board Non-executive

directors

General Meeting

Non-executive

directors

Executive

directors

UK/US

Model

Board

CEO and other

senior mgmt

Auditor Auditor

Need for Audit Committe to protect integrity of the board

No need for Audit Committe to protect integrity of the board - rather a matter of effective organisation of the board’s work

Cybersecurity: Is your board leading by example? Fredrik Wingren 14th June 2016

Fredrik Wingren Sales & Business Development Director

Nordics

AGENDA

Diligent Boards Security Features The Four Myths Cyber Threat Landscape

Our board of directors

understands the security risks to the

organisation

Source: Defining the Gap: The Cybersecurity Governance Study, Ponemon Institute, June 2015

100%

90%

80%

70%

60%

50%

40%

30%

20%

10%

0%

ITS BOD

Agree

Strongly Agree

32%

38%

21%

22%

Or do they?

30% 57% Disagree

Why cybersecurity governance is not on the board’s agenda

Source: Defining the Gap: The Cybersecurity Governance Study, Ponemon Institute, June 2015

Security governance is best handled by the company’s management

Concerns about director liability

Lack of directors’ expertise and knowledge about cybersecurity

Lack of resources

Not considered a priority issue

Other

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

79%

51%

25%

15%

13%

3%

But we disagree!

Why does it even matter?

Last year 90% of large Nordic

Companies had a data

breach

Cybersecurity in the News

39

40

The real-time picture

Source – NORSE ATTACK MAP

http://map.norsecorp.com/

The biggest security threat?

US!

People account for

nearly 90% of all security incidents

Myth No.1vs FACT

My work email

account is a quick,

easy and secure way

to share materials.

FACT

You lose control of email once its sent

No ability to pull it back or delete it

You cannot stop someone sending it on once it’s received

Myth No.2 vs FACT

Password protected

PDFs adequately

secure my sensitive

materials Quick search on google >2m web links on how to unlock an Adobe PDF that has been password protected

2,380,000 results

Myth No.3 vs FACT

I provide an

electronic copy. This

means it’s always an

electronic copy.

FACT

Once you have sent a document electronically, you lose control of what people do with it.

300 page board packs can be printed and shared.

Printed documents can easily be lost or stolen

People still LOVE paper!

Myth No.4 vs FACT

Data needs to always

be stored in-house to

be secure

FACT

Employees remain the most cited source of compromise (63%) *

Third party cloud security providers have the expertise, facilities, resources, analytics, real time monitoring, testing processes, advanced authentication, access, control and archive management

Third party providers can provide the 24/7 support needed by execs and teams to service clients, respond to incidents, threats and issues quickly, efficiently and effectively

49

What does a secure process look like?

50

51

Diligent Boards Security Features

Secure Sign-In

Touch ID

Security Questions

Device Authorisation

Controlling User Roles and Access

Hiding Documents from Certain Users

User access by Date

Preventing Further Distribution

Control access to data

How Diligent Boards Can Help

Data encrypted in transit and on all devices

Does not track Director’s electronic footprint

Regular, repeated third-party audits and penetration testing

Local redundancy, data back-up and recovery

********

Diligent by the numbers

62

Founded in

2001 12

Offices word-wide: HQ in NYC

5 International data centers in Germany, United States

and Canada

Over

4000 companies

62

Client retention rate

97%

Over

120,000 Board members, executive

and administrator users

72+ Countries

QUESTIONS?

Fredrik Wingren Sales & Business Development Director, Nordics

fwingren@diligent.com

THE FUTURE OF BOARD LEADERSHIP

BOARD EVALUATION When Good is the Enemy of Great

TRENDS AND CHALLENGES IN THE BOARDROOM Copenhagen, June 14th, 2016

JAKOB STENGEL Global Head of Board Practice, Case Rose / InterSearch

Founder & Chairman, Board Network – The Danish Professional Directors Association

Jakob Stengel

• Founder & Chairman of Board Network – The Danish Professional Directors Association

• Managing Partner of Case Rose / InterSearch since 2012. Global Practice Leader of InterSearch’s Board Practice Group

• InterSearch is a global top 10 Executive Search firm with 95 office in 50 countries

• Previously 5 years with 3 other major global Executive Search firms

• Earlier career includes 10 years in senior management positions in international financial services

• Serving as Non-Executive Chairman on 3 different Boards of Directors in Danish companies

• External lecturer at CBS’ MBA-program and INSEAD’s board program for more than 3 years

• Editor-in-chief of Board Perspectives, and co-author of a number of management books

• Master of Law

It is the #1 most effective means to articulate and address the Board’s inter-dynamics

AND

Hence the most effective tool to enhance board effectiveness

Board Evaluations – why?

I can’t think of a single work group whose performance gets assessed less rigorously than corporate boards. This lack of feedback is self-destructive… people and organizations cannot learn without feedback. No matter how good a board is, it's bound to get better if reviewed intelligently.

Jeffrey Sonnenfeld, Senior Associate Dean, Yale School of Management, 2003

2003 Annual reviews required (Higgs Report)

Similar provisions across Europe (Tabaksblat, Cromme, Bouton)

- Denmark was actually one of the first movers (Nørby) in 2002

Similar provisions across all Nordic countries incl. Iceland (ref. 2.9 in the Code)

2009 UK: External reviews recommended at least every three years

- expected in the 2017 revision of the Danish Code

UK is – as usual – a leader in CG

• Growing use of external facilitation

• Highly fragmented marketplace

• Impact of / satisfaction with evaluations is mixed

Board Evaluations – some

observations

• How many? 47%

– 77% every year

– 15% every other year

– 8% every three years or less

• How?

– 50% as a self-evaluation

– 10% by external consultants

– 15% as a combination of the two

– 14% varies between the three

– 11% are unsure

Board Evaluations – some of the latest

data

Source: Global Board Survey 2015 by InterSearch and Board Network

Wrong intent

Wrong approach Wrong facilitation

Wrong focus

Why Evaluations might fail to add

value

• A focus on enhancing the Board’s added value

• A tailored approach, reflecting client needs

• Anchored in the right fundamental questions – quantitative AND qualitative

• Centred around individual structured interviews

• Independent judgements, robustly expressed

• Providing a solid basis for increased inter-Board dialogue

• Resulting in specific actions with clear follow-up

Key features for best practice for

board evaluations

Stage Details

1. Preparation • Explore context and objectives with Chairman, a.o.

• Agree scope, approach and timetable

2. Assessment • Complete initial questionnaires as desired

• Conduct individual confidential interviews

• Attend Board meeting if appropriate

• Complete targeted analysis as required

3. Recommendations • Synthesise key insights and recommendations

• Pre-syndicate with Chairman

• Present conclusions to full Board

• Share individual feedback as appropriate

4. Action • Agree concrete action plan

• Review progress at appropriate intervals

The process

How to ask the right questions?

Quantitative Deteriorating Improving 1. Is the company’s health improving or declining... a. compared to the last two years? 1 2 3 4 5 6 7 b. compared to the competition? 1 2 3 4 5 6 7 c. compared to the external environment? 1 2 3 4 5 6 7 Definitely not Definitely yes 2. Is the company fully capturing potential opportunities? 1 2 3 4 5 6 7 3. In your assessment, does the board as a whole expect the company to perform well... a. this year? 1 2 3 4 5 6 7 b. over the next three years? 1 2 3 4 5 6 7 4. Do you yourself expect the company to perform well... a. this year? 1 2 3 4 5 6 7 b. over the next three years? 1 2 3 4 5 6 7 5. In your view, does the board as a whole concur with the company strategy? 1 2 3 4 5 6 7 6. Do you yourself concur with the company strategy? 1 2 3 4 5 6 7 7. In your view, does the board as a whole believe the company has the right balance between short-term and long-term goals? 1 2 3 4 5 6 7 8. Do you yourself believe the company has the right balance between short-term and long-term goals? 1 2 3 4 5 6 7

How to ask the right questions?

Qualitative

• Please describe the company’s strategy in your own words • What are the 3 major risks facing the company? • What was the 3 most significant decisions the board made in the

past year? • What do you see as the board’s 3 most important priorities in the

coming year? • If the company was going to add one new board member, what

background/skill set should that person bring? • If you could change one thing about the company’s board, what

would it be? And why?

Competency mapping in an

Evaluation

Competency mapping in an

Evaluation

Examples from companies which subsequently changed things: Desired, but lacking competencies Female, consumer behaviour (FMCG) Growth plan targetted at BRICS (service) IT / Technology / E-commerce (financial services) Supply-chain (retail) International experience from the industry (industrial) Experience from procument in public sector (technology)

When Good is the Enemy of Great

Because too often, Boards become complacent with their own performance and effectiveness - and thus set an invisible bar for how

much the company will be able to grow.

Will your shareholders thank you for that?

Board Evaluations – why the headline?

Contact details

Jakob Stengel

BOARD NETWORK

The Danish Professional Directors Association

Grønningen 25

DK-1270 Copenhagen K

www.boardnetwork.dk

jsh@boardnetwork.dk

+45 21 28 28 82

Thank you!