Internationale rapporter og tendenser

Sådan opbygger selskaber deres omdømme efter hackerangreb: I en artikel “Hacking corporate reputations” beskrives det, hvordan selskaber opbygger omdømme efter et hackerangreb. Eksempelvis med Netcompany som et konkret eksempel på en case: ”How do firms respond to the destruction of intangible capital? Recent research has highlighted the importance of intangible capital in the economy, but there is little work on how firms respond to the destruction of intangible capital. Indeed, in The Oxford Handbook on Reputation Jonathan Karpoff lists “how and when do firms rebuild damaged reputations?” as one of six questions deserving further research attention, writing “other than … anecdotes, we do not know whether firms tend to reinvest in reputation following a reputational loss, under what conditions they do so, and whether the reinvestment is successful.” Our research aims to fill this gap in the literature. We ask three different questions related to the loss and potential repair of corporate reputations. First, which stakeholders respond to events that impair a firm’s reputation? Second, which actions might a firm take to repair its reputation? Third, do firms tailor their responses in particular situations or to cater to stakeholders that are particularly important?”

Tre årsager til, at Musks 56 mio. USD store bonus blev afvist af domstolen, som danske selskaber kan lære af: I en gennemgang af hovedpunkterne i domstolens begrundelser for at afvise Musks bonus, oplyses følgende: ”*Document the Process. The Court was very focused on the rushed, casual decision-making of Tesla’s Compensation Committee. In their testimony, several Board members said they couldn’t remember meetings where important elements of the Grant were discussed. If considering a significant award, boards and compensation committees would be better served by undertaking a thorough analysis, including rigorous benchmarking, and documenting that process through e-mails, detailed meeting minutes, formalized presentations, and other written records.

*Awards Should Have Clear Rationales. Musk’s award had no mechanism for actually keeping his attention focused on Tesla, as opposed to his other business interests. While the extent of Musk’s outside interests may be a distinguishing factor, compensation committees going forward should be mindful of the concerns the Court expressed around that issue and consider whether and how to ensure that significant awards to executives are clearly and closely aligned to the Company’s business objectives. Performance conditions for such awards will also be analyzed in retrospect so boards should be sure to pressure test the rigor of those goals and contemporaneously document why goals were determined to be challenging.

* Expect Extra Scrutiny of Independent Directors. The Court was particularly disturbed by the close personal and business relationships of Tesla’s Compensation Committee members with Musk, such that they viewed awarding the Grant as a collaborative process with Musk, rather than an arm’s length negotiation. Expect, when considering significant compensation awards, that all elements of an independent director’s connections with the executive-grantee—including length of board service—to be closely examined for indicia of objectivity.”

Investorer og kapitalforvaltere stiller øgede krav til selskabers cyber-relateret Governance: “Large investors and their stewardship teams, as well as proxy advisors, are rapidly evolving their expectations for Boards and management teams to demonstrate robust cybersecurity programs are in place: Glass Lewis’ 2024 Policy Updates included a new approach to cyber risk oversight which can lead to recommended votes against directors where a company has been impacted by a cyberattack; ISS ESG introduced a Cyber Risk Score for companies, which scores companies on cyber risk oversight on management disclosures, to “help investors predict portfolio companies’ relative exposure to cyber breaches within the next 12 months”; BlackRock provided specific commentary on its approach to data privacy and security topics, including how the stewardship team views cybersecurity as a material risk and its approach to engaging with boards and management teams on the topic; Vanguard’s Stewardship Annual Report provided direct reference to productive engagements it had with a handful of companies directly on cybersecurity risks; and State Street’s Asset Stewardship Report identified cyberattacks as its first emerging systemic risk for markets and global economies – ahead of geopolitical risks and the possibility of a recession.” Læs hele gennemgangen her.

Morten W. Langer