Adaptive Governance: Board Oversight of Disruptive Risks
March 6, 2019 I Seattle, WA
Speakers: Nora Denzel, Independent Director, Ericsson, AMD, and Talend; and Alex Wittenburg, Executive Director, Marsh & McLennan (MMC) Insights
Submitted by: Liane Pelletier, NACDNW Board Member and Program Captain
The gap between the importance of and confidence in identifying and overseeing disruptive risk has made the topic a high profile one for boards of all sorts.
Agreeing on the definition of disruptive risk was task #1 for the BRC, and discussing that definition is highly recommended as an exercise for all boards. Second, understanding how and why disruptive risks typically are not addressed by conventional ERM is also an important exercise, though conventional ERM is valuable to the board’s work so continuing to mature conventional ERM processes should not be sidelined. Third, once a commitment is made to oversee disruptive risk, the board should do a check-up on its governance practices. The BRC helped to put a spotlight on a few governance practices that strengthen a board’s abilities in this work.
- culture: be frank in assessing if the board has the comfort with and courage to challenge itself and management on the range of disruptive tasks – including black swans, grey rhinos and white elephants; some helpful ‘red flags’ were identified that can frame the board’s discussion.
- skills: the gap discussed above suggests a need to boost skills of both management and the board, and there are a number of ways to accomplish that: for example, committing to the time to educate oneself, seeking outside advisors, tapping a wide range of info sources, and seeking ideas outside conventional industry lines.
- processes: no two boards are alike, but a healthy discussion of how to get started is important: the strongest recommendation was to make this a full board activity, tied to continuous strategy dialogs; a second program insight suggested tasking different management teams to address short term and long term risks so that a solid set of scenarios could be explored by the board.
In summary, the point was made that an organization cannot shield itself fully from being ‘hit’ by a disruptive risk – coming from within or outside the organization – but it can improve its chances of surviving one – by testing its resiliency – in all aspects of culture, strategy and operations.