by Meridith Levinson

Corporate Boards: The Risks for CIOs

Jan 15, 200313 mins
IT Governance

The last year and a half will probably go down as one of the most tumultuous periods in the history of corporate America. Enron’s accounting improprieties led to its thunderous collapse 18 months ago. Soon thereafter, problems surfaced at a host of public companies?Adelphia, Global Crossing, Tyco and WorldCom among them. Dubious accounting practices led to bankruptcy or company founders being led off in handcuffs, as was the case with Adelphia’s former CEO John Rigas. Myriad accounting firms and investment banks joined the fray, becoming embroiled in lawsuits and investigations over conflicts of interest. And don’t forget the allegations of insider trading encircling Martha Stewart and ImClone CEO Sam Waksal.

This epidemic of corporate chicanery inspired an uncharacteristically rapid response from the government. To assure the public that the White House was taking seriously the call for corporate reform, President George W. Bush signed the Sarbanes-Oxley Act into law on July 30, 2002, just seven months after Congress passed it. (For more on the accounting reform act, see “What the Sarbanes-Oxley Act Means for Board Members,” Page 90.)

While this stormy corporate climate makes joining a board of directors a seemingly risky proposition, it’s also rife with opportunities for current and former CIOs to shape business history. At a time when big business needs to make big changes to restore investors’ confidence and bring some stability to a sluggish economy, the meticulous nature and analytical mind of CIOs could cast them as the cadre of executive most capable of playing watchdog.

The backdrop of bad business behavior is already changing the boardroom agenda. When the seven members of the Sybase board of directors gathered last July in Half Moon Bay, Calif., for the company’s second quarter meeting, they spent 20 percent of the time discussing the ramifications of Sarbanes-Oxley and the new requirements for financial reporting, says board member Cecilia Claudio. To prepare for the meeting, Claudio spent a lot more time scrutinizing the company’s annual and quarterly financial statements (10-Ks and 10-Qs, respectively) than she had before the corporate scandals.

“There’s a higher level of engagement on the financial side…understanding all the 10-Ks and 10-Qs and making sure everything is done according to the new act,” says Claudio, the senior vice president and CIO of Farmers Insurance Group who has served on Pleasanton, Calif.-based Sybase’s board for three years. “There’s a higher degree of responsibility that each one of us feels.”

Many current and former CIOs serving on boards echo that sentiment. David Weick, the senior vice president and CIO of McDonald’s who sits on the board of Lake Forest, Ill.-based Trustmark Insurance, says the corporate scandals have “redoubled” his understanding of his role in representing the shareholders’ interests. Carl Dill, who served as CIO of McDonald’s and Time Warner before retiring and joining the boards of two technology companies, says board members are required to exercise more oversight and practice better checks and balances. That makes the role much more time-consuming. “There are probably three times as many meetings and reviews on my calendar for 2003 as there were previously,” he says.

Companies having difficulty finding executives willing to assume these added responsibilities are increasingly viewing current and former CIOs as an untapped pool of talent. One notable example is international apparel retailer Gap, rated by BusinessWeek last September as having one of the worst, most clannish boards in America. That same month, Gap tapped onetime Wal-Mart CIO Bob Martin for a seat at its table. In a press release announcing Martin’s appointment, Gap Chairman Donald G. Fisher said, “Bob’s good business judgment, information technology expertise and international retail experience will be an asset to us.”

CIOs and former CIOs such as Martin bring important skills and perspectives to bruised and battered boards. Their expertise in designing and implementing financial systems is a boon to boards struggling to comply with government regulations requiring more frequent?if not real-time?financial reporting. Their experiences with compensation and retention issues can prove invaluable during discussions about motivating the executive team. CIOs have also gleaned knowledge of different aspects of business over the years?from supply chain management and sales to marketing and HR.

State of Denial?

While Weick and his colleagues speak of their increased responsibility and vigilance, they discount the idea that shady dealings are widespread. “There are a few companies that either had fraudulent practices or engaged in some unethical activities, but I think the number of companies is limited,” Weick says.

John Loewenberg has a similar view. “These high-visibility cases would lead you to believe there’s an issue there,” says the former CEO of Aetna Information Technology who sits on the boards of five high-tech firms. “I personally believe you have a few companies where there’s a serious problem.”

Those comments may be an attempt at positive spin and corporate political correctness, or they may indicate an attitude and a lack of assertive oversight that’s part of the disfunction in corporate governance today. “It’s not just a few bad apples,” says Jay Lorsch, the Louis Kirstein professor of human relations at Harvard Business School and author of Pawns or Potentates: The Reality of America’s Corporate Boards. “There are huge problems across the whole spectrum of our corporate governance system. When you see a law like Sarbanes-Oxley signed by the president, there’s a problem. If the CIOs of America don’t see it, then God help ’em. They’re blind.”

Recognizing Conflicts

For CIOs to effectively serve shareholder interests as board members, they must understand the debate around board and CEO compensation and how conflicts of interest arise. For example, it might sound sensible to compensate CIOs and other executives with cash (rather than riskier stock options) to encourage them to serve on boards. Max Hopper, who sits on the boards of Gartner and four other companies, advocates this idea. “People joining boards want to be rewarded for their contribution,” says Hopper, the former CIO of the Bank of America, former senior vice president at AMR and chairman of IT at The Sabre Group. “Over the last two years, there hasn’t been a lot of reward.”

Bad idea, says Charles Elson, the Edgar S. Wooland Jr. professor of corporate governance and director of the University of Delaware’s Center for Corporate Governance. Taking cash at the outset sends a “terrible signal” to shareholders, he says, that board members have so little interest in the company that they want payment up front. “The problem with cash compensation is that it links [board members’] interests with the management’s,” he says. Instead, Elson advocates giving board members an equity stake in the company. “Equity-based compensation for directors links their interests with the company and its shareholders, not with management.”

When other conflicts of interest arise, it’s critical to acknowledge and correct them. Last May, while the U.S. Securities and Exchange Commission was launching numerous investigations into companies’ accounting practices and business relationships, it looked into Ernst & Young and its relationship with PeopleSoft, one of its clients. The SEC alleged that Ernst & Young violated auditor independence rules by jointly developing and marketing software with PeopleSoft while it was auditing the books for the Pleasanton, Calif.-based company from 1994 to 2000. According to the SEC, Ernst & Young agreed to pay PeopleSoft royalties ranging from 15 percent to 30 percent for the sale of each jointly developed product. PeopleSoft was allegedly guaranteed a minimum royalty of $300,000.

Although the investigation was directed at Ernst & Young, analysts were split as to whether the allegations would hurt PeopleSoft’s reputation. After all, it takes two to tango. PeopleSoft board member Frank Fanzilli, the former CIO of Credit Suisse First Boston who also sits on the boards of software companies CoreChange and Interwoven, downplays the business partnership the company had with its auditor and distances himself from the issue, as it preceded his tenure on PeopleSoft’s board. “It amounted to something like $250,000,” he says, adding that the value of the relationship is “a drop in the bucket” for a $2 billion company. The correspondence between Ernst & Young and PeopleSoft “was not engineered to create a conflict of interest,” he adds. “It’d be like me buying you a cup of coffee. It was immaterial.”

Governance watchers counter that a business relationship with one’s auditor is inappropriate, regardless of its value. They agree that in a climate where the public is hypersensitive to any business deal that smells illegitimate, writing off a quarter million dollar partnership isn’t the best way to handle the situation. “The transaction itself is probably close to a drop in the bucket in corporate terms, but that’s no excuse for dismissing it out of hand. Not in today’s environment,” says Ralph Ward, publisher of the Boardroom Insider newsletter and editor of The Corporate Board magazine.

Fanzilli points out the difficulty boards face in trying to uncover every questionable deal and business relationship, especially with the sheer volume of such transactions that occur at large companies like PeopleSoft. “We’d rather not do those things that even look, even smack of some conflict of interest, but the fact is, it’s so small, it’s going to be hard to catch them all,” he says. “[Board members] are not going to see every transaction. We put guidelines, controls and procedures in place to give us an orderly flow [of information]. The board does not operate the firm.”

Risky Business

If a board member’s company becomes mired in controversy, that person’s reputation is at stake. Worse yet, board members could face litigation if they’re not perceived as performing adequate oversight. Barry Lynn, the former CIO of Wells Fargo and president of Wells Fargo Technology Services who sits on the boards of three technology companies, best sums up the risks for board members these days when he says, “Ignorance is no excuse for the law.” Doing one’s own due diligence can pay off. Barbara Carlini, CIO of Diageo, a Stamford, Conn.-based company that imports Guinness and other liquors, consulted an attorney to determine the extent of her risks when she was considering an offer from Green Mountain Coffee Roasters to join its board last spring. “If I’m on the board of directors of a company where something goes wrong, that’s going to reflect on me personally and professionally,” she says.

If a company engages in unethical practices?whether the board is aware of them or not?board members’ names could appear on a lawsuit as defendants. If the company goes bankrupt as a result of the board’s lack of oversight or even perceived lack of oversight, members may be liable for paying employees’ salaries, says Hopper.

To mitigate those risks, Fanzilli suggests asking the CEO point-blank about the company’s revenue recognition policies and levels of deferred sales before deciding whether to join its board. He says those answers should err on the conservative side. Fanzilli also advises speaking with other board members and executives. If the company has had problems in the past, don’t be scared off, he adds. “There is plenty of room for ex-CIOs to go into companies that have had a problem and help them get things right.”

Tough Calls

CIOs who brave the risks and accept the responsibility will find themselves making some tough calls. Former Aetna IT head Loewenberg came face-to-face with the same situation that sank Dennis Kozlowski, the embattled former CEO of Tyco. Loewenberg didn’t end up in the same position because he exercised good judgment.

One of the executives for whom Loewenberg serves as a board member (he declined to name the company) asked the board for a company loan to pay off another loan. Loewenberg and his colleagues didn’t want to see this person’s financial problems distract him from effectively running the company, he says, so their first instinct was to give him the money. While this type of transaction takes place “more than you’d think,” Loewenberg says, he and his board decided against it.

“It didn’t make sense [to give the officer the loan],” he says. He and his colleagues recognized this was a personal problem and that shareholders’ money was not the appropriate means with which to solve it.

At another company, Loewenberg and his board members had to make a similar call when an officer wanted a loan to purchase company stock. In that case, the board voted favorably for three reasons, he says. First, the loan was collateralized by the stock, so if the officer didn’t pay off the loan on time and in full, he would lose it. Second, the officer was obligated to repay the loan quickly. Most important, the stock purchase made him an investor and tied his financial interests to company performance.

Right for the Job

Despite the difficulty of serving on a board in 2003, CIOs have the right stuff for the job, say CEOs and governance experts. Grover Thomas, chairman, president and CEO of Trustmark Insurance, whose board includes McDonald’s CIO Weick, says IT executives contribute crucial perspectives to audit committees as they review financial reports. “Good corporate governance includes a strong audit function. Our board has a strong audit committee, on which Dave [Weick] serves,” he says. “We believe an IT executive has a lot of experience in the development of financial systems and is able to help us make certain we have the right controls in place.”

University of Delaware’s Elson agrees CIOs are often uniquely suited for the task. “The knowledge of company operations you get from being a CIO is an excellent starting point for being an effective monitor.” He stresses the importance of individual consideration as prospective board members. “Are they curious? Are they willing to take tough positions? Are they willing to dig deep into a problem they discover?” he says.

While CIOs make good candidates to serve on boards, boards themselves may never be a perfect oversight mechanism. “The board is a weak, little, old, quaint structure that goes back to the 1800s. It’s not the best tool for dealing with [the problems of] the 21st century corporation,” says Boardroom Insider’s Ward. Stricter controls might not be the answer either. “If you have an inadequate machine for doing a job, demanding that the machine do twice as heavy a job is not going to solve the problem.” Until something better comes along though, boards are all we’ve got. The right CIOs can make a difference.