Mats Isaksson, OECD head of corporate affairs, runs through the risk management lessons from the financial crisis
An interview with Mats Isaksson, OECD head of corporate affairs, where he talks about corporate governance failures thrown up by the financial crisis in areas like executive pay and risk management and what needs to be done. It was first published on the OECD website.
What are the key corporate governance lessons from the financial crisis?
The most obvious lesson is that corporate governance matters. Company executives, policy makers, regulators and shareholders need to pay more attention to corporate governance. When times were good, it seems that many took their eye off the ball and now we see the consequences. A firm’s rising share price is not necessarily a sign of good corporate governance. History tells us that it could actually be the opposite.
What issues need the most urgent attention?
There are four key areas: corporate risk management, pay and bonuses, the performance of board directors, and the need for shareholders to be more proactive in their role as owners.
Let’s start with remuneration. There’s a lot of public anger over executive pay in many countries. Is this a sign of poor corporate governance within firms? How can corporate governance principles help?
“The most obvious lesson is that corporate governance matters.
I am not surprised by the public outcry. And when there is a very weak link between pay and performance it is obviously a case of poor governance. Recent surveys have shown that four out of five financiers believe that compensation practices played a role in promoting the accumulation of risk that led to the crisis. There are clearly big problems with the “pay for performance” system.
But to get it right we need to look at pay structures across whole companies, not just at their high-profile CEOs. Our work has shown that it is equally important to come to grips with how bonuses are designed and paid among traders and portfolio managers throughout the company. We have seen too many examples of employees being given short term incentives that are not in line with the long term sustainability of the company. This contributed to the build-up of unmanageable risks that eventually brought the companies down. Corporate governance principles can be of great help by providing a structure for deciding on remuneration. Here the board will play an important role. When looking at various models for compensation, boards should explicitly ask themselves if the company’s compensation model is aligned with prudent risk taking and the long term objectives of the company.
If pay for performance doesn’t work, what will?
Pay for performance does work but need to be better managed and more transparent. The governance of remuneration systems has often failed because decisions and negotiations are not carried out at arm’s length. Managers and other insiders often have had too much influence over the level and conditions for performance-based pay with the board unable or incapable of exercising objective, independent judgment. In many cases it is even hard to establish the link between performance and remuneration in such schemes. For example, companies have often used general measures of stock price rather than the relative performance of an individual firm. Often, the pay schemes are also described in a way that makes it hard for shareholders and others to understand their implications in terms of risk, cost, etc. Hard to value pensions schemes is a good example.
The crisis has thrown up some massive failures in risk management. While many companies had internal controls on financial reporting, it’s clear that their executives did not fully grasp or communicate the financial risks of many of the instruments they were betting on. Can the OECD’s principles address this issue?
Yes. Our message is that risk management must be seen in a corporate wide perspective where the risk management system is continuously adjusted to corporate strategy and risk appetite. We also need to improve the exposure to risk management among board members and make sure that they get all the necessary information to make informed decisions. We have therefore suggested that corporations have a special risk officer. We believe that this person should report directly to the Board of Directors and not via the CEO. Surveys of audit committee members have shown that they are not too satisfied with the current state of reporting. Only four out of ten said that the risk reporting reports they received were very good.
“We need to improve the exposure to risk management among board members.
What about the boards? After all, these are charged with overseeing the risk management systems of firms. Is this their failure too and what must be done?
As I said, they have not always received high quality information. But the question is also if they actually demand high quality information? And if they received it, would they be able to understand and interpret it in any meaningful way? Being a board member in a large complex organization is extremely demanding. And it would not be realistic to expect all board members to have detailed knowledge of all aspects of the business. But particularly in financial firms, a good understanding of risk management is vital. This is why the OECD has suggested that the “fit and proper person” test (deleted could) be expanded to include also their technical and professional competence in areas like risk management. It might also be worth looking at strengthening the legal duties of board members – and enforcement of those duties.
Is there a case for turning the OECD Principles of Corporate Governance into laws?
The OECD Priniples are focused on achieving certain outcomes in terms of performance, transparency, etc. How you do this can vary between countries and companies but in many many cases they have chosen to implement the OECD Principles through regulation and legislation. Considering the desire to ensure a level playing field this is sometimes the preferred route also for companies who may otherwise find it hard to “take the first step”. So together with private sector initiatives the formal framework of rules and regulations is fairly solid in most OECD countries. But what we need to do better is to monitor implementation. Starting soon, the OECD will set up a mechanism for peer reviews of how countries and companies actually live up to agreed corporate governance standards. This will not only be a way to increase awareness. I hope it will also help to generate ideas for improvement by pointing at good examples.
Have you seen any sign that the private sector is taking greater interest in improving their corporate governance since the crisis?
Yes. I think this is on everybody’s mind right now. And large parts of the private sector realize that they need to re-gain credibility. We believe private sector initiatives to improve corporate governance are very important and encouraging and we have therefore established a standing forum for dialogue and exchange of experiences with the private sector and other stakeholders. Earlier this year we also launched a global consultation on the internet where people with different background and expertise provided input and suggestions to our report on corporate governance and the financial crisis (The Corporate Governance Lessons from the Financial Crisis).