We can safely defer the discussion about whether artificial intelligence will eventually take over board functions. We cannot, however, defer the discussion about how boards will oversee AI — a discussion that’s relevant whether organizations are developing AI systems or buying AI-powered software. With the technology in increasingly widespread use, it’s time for every board to develop a proactive approach for overseeing how AI operates within the context of an organization’s overall mission and risk management.
As boards become more engaged with issues of ESG--environmental, social, governance--what does it mean to have effective oversight of these areas?
Cybersecurity oversight is a key fiduciary responsibility for a board of directors and was a significant concern for companies even before the COVID-19 pandemic forced so many organizations to suddenly shift to remote work. Data breaches and other cyber threats pose significant competitive, reputational, and litigation risks and require increasingly costly investments to prevent, detect, and respond to. Changes in the environment as a result of the pandemic have created new risks that need to be managed with board oversight.
"Very remote." That is how John Hitchins, a nonexecutive director at two U.K. companies, summed up what many corporate boards thought not so long ago of the likelihood of a pandemic suddenly disrupting countless businesses around the world. Then COVID-19 arrived in the early months of 2020.
School may be out for the summer, but close board oversight of corporate operations most certainly is not. After helping management address the implications of the initial Covid-19 wave this spring, directors could be excused if they thought the virus-related heavy lifting was over. That they could throttle back a bit, and concentrate their oversight on business resilience, rather than on crisis management. But the sudden and dramatic surge in Covid-19 infections across the country, and its resulting impact on business, may have changed all that. Not quite the Fourth of July message that corporate directors were expecting.
Corporations have been taking a hard look at the diversity within their ranks, facing pressure from customers, their employees and shareholders. Goldman Sachs is starting a new policy Wednesday: It won’t help a company with its initial public offering unless the company’s board has at least one diverse member. Next year, it will require at least two.
COVID-19 has pressed associations to build boards with people who are flexible and eager to lead, and who bring new perspectives to the table. Diversity initiatives offer a path to get there.
The U.S. Navy’s final U.S.S. Theodore Roosevelt investigative report, which effectively ends Capt. Brett Crozier’s career, reflects an organizational culture that emphasizes the need for leaders to ‘get the job done, no matter what.’ It also underscores the significant personal price to be paid for calling attention to organizational problems outside the direct chain of command.
The number and aggressiveness of cyber threats have been steadily growing, particularly during the COVID-19 crisis. Prior to the pandemic, the World Economic Forum identified cyber attacks as the most concerning technological risk, and the last EY CEO Imperative Study revealed that cybersecurity is the No. 1 global concern for CEOs. Now, more than ever, private and public companies need to sharpen the focus on cybersecurity and address the potential for expanding threats due to the abrupt shift to a remote workforce.
Corporate boards, both private and public, need to address cyber threats and protect against attacks. Melissa Krasnow, VLP Law Group partner, discusses findings from two recent National Association of Corporate Directors surveys that can be useful to boards to benchmark their companies’ cyber-risk oversight practices.