KPMG: BOARDS ARE DEEPENING THEIR INVOLVEMENT IN STRATEGY, REFINING OVERSIGHT OF RISK AS GLOBAL VOLATILITY RISES
Ongoing challenges include linking strategy and risk, and addressing growing cyber security risks
Corporate boards are deepening their involvement in company strategy and refining their oversight of the critical risks facing the company, according to a recent global survey from KPMG.
“Local and global volatility that we’re seeing—swings in commodity prices, uncertainty in geopolitical hotspots and currencies, a decelerating China, technology innovation, and disruptive business models—are clearly causing boards to sharpen their focus on strategy and risk,” said Jeyapriya Partiban, KPMG in Bahrain. “The competitive landscape and risk environment demand it, investors increasingly expect it, and bringing value to the boardroom dialogue requires it.”
Fifty-three percent of the directors and executives surveyed globally said their board has increased its involvement in the formulation of strategy alternatives, and 61 percent said the board has sharpened its focus on improving risk-related information. “Rather than an annual decision by management and the board, strategy is becoming an ongoing discussion, with continual assessment, evaluation, and adjustment as conditions change.” Partiban continued.
The survey responses—from more than 1,000 directors and senior executives in 28 countries— suggest that while many boards are deepening their involvement in strategy and risk, significant challenges remain, including linking strategy and risk, and addressing growing cyber security risks.
Among the key findings:
- Boards continue to deepen their involvement in strategy—including execution. Some 80 percent of survey respondents said the board has deepened its involvement over the past 2 to 3 years—in the formulation of strategy and consideration of strategic alternatives, monitoring execution, devoting more time to technology issues (including cyber security), and recalibrating strategy as needed.
- Effectively linking strategy and risk continues to elude many boards. Only half of survey respondents are satisfied that strategy and risk are effectively linked in the boardroom discussions. Risk-related decisions, many said, would be most improved by more closely linking strategy and risk, as well as having a more-clearly defined risk appetite, better assessment of risk culture, and giving greater consideration to the “upside of risk taking” (versus risk avoidance).
- Better risk information and access to expertise are (still) top of mind. Many boards have recently taken steps—or at least discussed ways—to strengthen their oversight of risk, mainly by improving risk-related information flowing to the board, but also by hearing more independent views and refreshing the board/recruiting expertise, coordinating (and reallocating) risk oversight responsibilities among the board’s committees, and/or changing the board’s committee structure.
- Cyber security may require deeper expertise, more attention from the full board, and potentially a new committee. Greater use of third-party expertise and deeper technology expertise on the board would most improve the board’s oversight of cyber security, survey respondents said. Nearly one in three respondents said cyber security needs to have more time on the full board’s agenda, and a quarter said formation of a new committee to address technology/cyber risks would be beneficial.
- Oversight of key strategic and operational risks could be more-effectively communicated among the board and its committees. Nearly half of survey respondents cite room to improve the communication and coordination among the full board and its committees on oversight of the company’s key strategic and operational risks—e.g., strategy, CEO succession, talent, regulatory compliance, cyber security and emerging technologies, and supply chain issues.
KPMG’s Audit Committee Institute (ACI) champions outstanding corporate governance to help drive long-term corporate value and enhance investor confidence. ACI engages with directors and business leaders across 35 countries, delivering actionable thought leadership on risk and strategy, talent and technology, financial reporting and audit quality, and more.
KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 155 countries and have more than 162,000 people working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.