Governance Insights 2020 (10th edition)

CHAPTER 02 Risky Business: The Board’s Role in Enterprise Risk Management

7. CONSIDER THE BOARD’S RISK OVERSIGHT COMPETENCY

9. STREAMLINE RISK-RELATED DISCLOSURE

To provide input to senior executives regarding critical risk issues on a timely basis, directors must understand the business and industry, as well as how a changing environment may affect the issuer’s business model. The nominating committee should regularly assess board composition to ensure the board has the requisite skill sets and independence to provide effective risk oversight. In some cases, a director’s personal or business relationships can impair that director’s independence generally or his or her impartiality with respect to the specific issues or risks at play. Independence is not a static concept and should be assessed regularly with regard to the nature of the decision or information being placed before the board to ensure its responsibilities or decisions are not undermined by conflict. 8. PREPARE AND MAINTAIN ACCURATE AND COMPLETE RECORDS Board and committee minutes should be prepared in a timely fashion and be reasonably detailed in respect of the board’s oversight function. All deliberative processes on risk, including the process undertaken, the documents considered, the advice received and the decisions made, should make their way into a board’s or committee’s minutes. Although there is no standard approach to preparing minutes, nor is there a fixed amount of detail for all issuers to include, it is important to maintain an accurate, complete and precise record that contains sufficient detail to identify the key factors that the board (or the committee) considered. The process of producing a record of decision-making and oversight imposes a discipline on directors that arguably drives better preparation, engagement and due consideration.

Boards should take the opportunity to review their risk disclosure practices to ensure that their disclosure provides market participants with clear, concise and insightful information that is entity-specific. As highlighted in several notices by the Canadian Securities Administrators (CSA), 16 including the “ COVID-19: Continuous Disclosure Obligations and Considerations for Issuers Presentation ,” 17 regulators (in addition to investors) are strongly encouraging issuers to avoid lengthy, repetitive, vague or “boilerplate” disclosure in their annual information forms, prospectuses, and forward-looking information disclaimers. Instead, issuers should disclose current and future risks facing the company, how they relate to company strategy and how they may have resulted in adjustments in company objectives. 18 Similarly, strong risk oversight disclosure should explain both the board’s ERM framework and the steps that have been taken to overcome risk oversight challenges. 10. BE A TRENDSETTER – SEEK OUT AND INCORPORATE EXTERNAL ADVICE The ERM landscape is constantly evolving. Staying abreast of new trends, tools, techniques and best practices can add a competitive edge to the board’s ERM program. Boards are advised to avail themselves of the numerous resources available to improve board function. Industry experts can offer new insights and encourage innovation. Boards can and should conduct emergency drills and exercises that emulate a crisis event in the core areas most relevant to their businesses. These exercises can expose weaknesses in a board’s or management’s emergency preparedness or ERM controls.

Davies | dwpv.com