By Adam J. Epstein | NACD Directorship Magazine | January/February 2016
After the Enron-era scandals and the financial crisis, complex legislative acts such as Sarbanes-Oxley and Dodd-Frank were implemented to effect how large, public companies manage risk. In hindsight, it might have been more instructive for large-cap boards to study how smaller public companies manage risk.
The majority of public companies in the United States are small cap. These companies often have frail balance sheets, are beset daily by existential threats, and often have limited corporate governance resources. Shouldn’t every enterprise risk management (ERM) expert be studying how so many small caps thrive despite these long odds?
Setting the Agenda
Board meeting agendas play a vital role in effective risk oversight. At large-cap companies, agendas are often set by the chair and lead independent director, with input from the corporate secretary, corporate governance staff, and various corporate officers. It’s no surprise that agendas are sometimes set without input from all board members.
In small-cap companies, there are often only a handful of board members, there are rarely budgets for any governance staff, and named executive officers are often limited to a CEO and CFO. In other words, small-cap agendas often can’t come to fruition without the measured forethought of everyone in the boardroom.
When every small-cap board member doesn’t commit material time and energy to thinking through what risks require board attention, the company may quickly disappear. The same is true for large-cap companies. Remember Lehman Bros.?
Dialing Down Deference
The principal role of public company boards is to oversee management on behalf of shareholders. That oversight includes hiring the right CEO and then empowering that person to execute the board-approved strategy. Affording CEOs the appropriate amount of deference can be a tricky balance—see, for example, Kenneth Lay (Enron), Angelo Mozilo (Countrywide), and so on.
CEOs of large-cap companies are often business leaders whose success precedes them into boardrooms. It’s understandable that even wily large-cap board members can err on the side of reverence instead of circumspection.
Small-cap companies are riskier to operate than larger public companies, and they often can’t afford lucrative CEO compensation packages. Consequently, it’s not uncommon for small-cap CEOs to be less experienced operating public companies, and also less well known. Small-cap directors, in turn, typically show less deference to CEOs, particularly when it comes to managing existential corporate risks.
U.S. corporate history is replete with examples of what happens when boards are overly accommodating to CEOs. Many large-cap boards would benefit from ratcheting back the deference.
Managing risk at large-cap companies can be complex. Large-cap boards frequently retain nationally regarded consulting firms to assist with all aspects of overseeing enterprise risk. Most small-cap boards would like to hire the same advisors, but they often can’t afford them. Instead, these directors are more likely to rely on each other to identify and oversee critical risks.
Just as board size and extensive governance infrastructure can insulate large-cap directors from governance fundamentals, relying on consultants to help manage risk can unintentionally dilute the extent to which large-cap directors own risk management.
When in doubt, large-cap directors should look to their smallcap peers, who manage risk like their corporate lives depend on it—because they do.