Risky business: Thinking about board oversight

Business is becoming increasingly risky. 

Supply chains that used to be “just in time” now aren’t. A ready supply of labour, particularly skilled labour, is not available. A rules-based international order and stable domestic policy settings are increasingly coming under pressure. Low‑cost financing and price stability are becoming a thing of the past.

And that’s before boards turn their minds to cybersecurity, rapid changes in digital and other technology (notably more accessible artificial intelligence) and a seemingly ongoing series of natural disasters and crises at home and internationally.

Boards have a critical role in understanding and supporting management to respond to this rapidly changing context and the risks associated with it. 

Board oversight is essential if companies and other organisations are to survive through these challenges and thrive over time.

Recently KPMG United States hosted a peer exchange on risk management and board oversight with lead directors of Fortune 100 and other large companies. They shared their views on board structures, committee oversight and director expertise and education.

The main conclusions from that exchange that are relevant to New Zealand board members were:

• The current pace and velocity of change means every board needs to periodically reassess whether its existing oversight structures are still appropriate, including whether current committee charters reflect current priorities and mandates. Further guidance on this is outlined in the recently released guidance on Board structure and capability for climate
• Risk oversight is a shared and collective board responsibility. Boards need to ensure that this oversight doesn’t end up being concentrated in a single risk, or similar, committee and that the scope of risks is regularly reviewed.
• All information about risk and oversight should be shared with all board members, not just in the committee or committees dealing specifically with these issues. Some use a portal (like Diligent Board tools) to give all board members access to this information.
• Boards need to carefully consider the composition and skills required on board committees with risk oversight. It’s important not to make assumptions that the skills and experience typically seen on Audit and Risk Committees are fit for purpose with the range of emerging risks boards are now overseeing. This means looking to expand the range of skills on these, and other, committees and consider bringing on directors from non-traditional backgrounds to support management to effectively navigate an increasingly complex risk landscape.
• Ensure that there is coordination between the work of the committees and committee chairs and good oversight by the board.