The importance of risk management in corporate governance
June 20, 2023
Risk management is an important part of corporate governance because it helps organisations identify, assess and mitigate risks that can impact their ability to achieve their objectives and goals. It helps protect stakeholder interests, encourages better decision-making, preserve value and compliance and identify any emerging risks.
When considering risk management in executive remuneration, boards should take into account several factors. We focus on a few in this article.
Executive remuneration structures should establish a balance between risk and reward. Boards should consider the potential risks associated with specific remuneration elements, such as short-term or long-term incentives and ensure that they do not encourage excessive risk-taking from executives or create misaligned incentives and bonus schemes.
Within this, boards should carefully select performance metrics that reflect a balanced and comprehensive assessment of executive performance. These metrics should include both financial and non-financial aspects, potentially including strategic objectives, operational performance, risk management, and ESG (environmental, social and governance).
In order to mitigate excessive risk-taking and misconduct, boards should incorporate clawback provisions in executive short-term and long-term incentive schemes. These provisions allow the company to recover bonuses or other incentives in the event of poor performance, ethical breaches, misconduct or material misstatements. Various regulations and corporate governance guidelines, such as those issued by the Financial Reporting Council (FRC) and the Investment Association, encourage the adoption of such provisions to promote good governance practices.
Lastly, cyber security is becoming an important consideration for boards when thinking about risk management in executive remuneration. Cyber security risks have become increasingly important. Executives are responsible for safeguarding sensitive corporate and customer data. Breaches can result in financial loss, regulatory penalties and damage to the company’s reputation. Cyber security risks also pose a threat to a company’s operations and financial performance.
Boards should consider incorporating cyber risk mitigation measures into executive remuneration packages, such as linking pay to the effectiveness of cyber security strategies, incident response capabilities, and adherence to regulatory requirements. By doing this, they ensure that cyber risks are addressed, and executives are incentivised to effectively manage cyber security across the organisation.
The considerations outlined above are just some of the elements required to provide a basis for boards in the UK to effectively manage the risks associated with executive remuneration, promote good governance and align pay structures with long-term value creation.
Should you wish to discuss anything related to this article, please contact Yolanda Roach.