Support our nonpartisan, nonprofit research and insights which help leaders address societal challenges.Donate
17 Apr. 2017 | Comments (0)
By Frederick D. Lipman, Esq
In 2012, I wrote a Director Notes publication for The Conference Board entitled “From Enron to Lehman Brothers: Lessons for Boards from Recent Corporate Governance Failures.” It included a review of independent investigative reports, books and articles on various financial disasters, including Enron, AIG and Lehman Brothers and noted the presence of actual and potential whistleblowers who might have warned the audit committee or other independent directors of the impending calamity. However, the information never reached the independent directors. The article advanced the proposition that in order for boards to fulfill their oversight obligations, the organizations they serve must have established robust whistleblower and compliance policies and programs to encourage reporting that can help identify risk exposures, fraud, or other illegal activity. The corollary of that proposition is that the current practices of audit committees and other independent directors are not sufficient to protect shareholders from unpleasant surprises.
Since 2012, the march of corporate governance failures has continued unabated. Financial disasters have occurred in the automotive, banking, and medical products industries. In the case of General Motors, there was in 2014 yet another publicly released investigative report by Anton Valukas which recited that the GM board of directors and its audit committee had complied with all currently considered good corporate governance practices and, nevertheless, never knew of the impending major enterprise risk resulting from faulty ignition switches on the Chevrolet Cobalt and other vehicles.
Independent directors who rely on employee hotlines or ethics lines for information about enterprise risks should consider the fact that most employees will not risk becoming whistleblowers. According to the 2016 Global Business Ethics Survey, more than 59 percent of employees chose not to report known corporate misconduct, citing fear of retaliation as a reason for their decision. More than one-third of employees who actually reported corporate misconduct said they suffered retaliation for their efforts. It is very easy for a supervisor to provide a poor performance report on an employee whistleblower and it is very difficult for an employee to challenge that report as retaliation.
Few, if any, public companies provide meaningful monetary rewards to employees who provide valuable information to the board of directors. Therefore, most employees will not use a hotline for important enterprise risk information. Many public company shareholders have been unpleasantly surprised by major accounting charges resulting from previously undisclosed enterprise risks.
These charges typically come without warning in prior audited financial statements. Public shareholders have a right to wonder why they have not received warnings of these risks in prior audited financial statements and question the effectiveness of the board of directors in performing its oversight role.
Public company audit and risk committee members who believe that they use current good practices in their deliberations may be equally surprised that they were not informed of these enterprise risks long before they were realized. These directors may believe that the company’s hotline or ethics line, together with the information they receive from top management and the independent auditors, should have warned them of these previously unknown enterprise risks, thereby permitting liability accruals in prior audited financial statements.
Unfortunately, most directors do not appreciate the deficiencies of each of these information sources to provide warnings of forthcoming financial disasters. Independent directors who rely on independent auditors to disclose unasserted claims arising out of enterprise risks should be aware of the very limited duties of independent auditors in investigating such risks. Typically this issue is handled by the independent auditors by having top management of the company represent in writing to the independent auditor that they are not aware of unasserted material contingent liabilities and having the company’s counsel agree to advise management of any such contingent liabilities. However, top management may not themselves be aware of such unasserted enterprise risks because of silos within the organization (as in GM’s case) or because of the reluctance of employees to use hotlines.
Even if management knows of possible contingent liabilities they might incorrectly determine that these liabilities are immaterial. Independent auditors currently are not required to check on the effectiveness of these employee hotlines or the employee culture, including the willingness of employees to use hotlines to report enterprise risk.
The Valukas report on GM provides ample evidence of how corporate governance can fail despite the use by a board of directors of current good corporate governance practices. That report concluded that the GM board of directors was not informed of any problem caused by the Chevrolet Cobalt ignition switch until February 2014 even though there was internal knowledge of these defects for more than 7 years among GM employees. (p. 244) As of 2015, GM was allegedly responsible for 124 deaths and 274 injuries because of faulty ignition switches in their vehicles which prevented the deployment of airbags.
The report indicated that the audit committee of the GM board had general oversight responsible for risk management. According to the report, the audit committee met regularly with the GM CRO (p. 243). With one minor exception, “no specific vehicle safety was brought to the audit committee’s attention.” (p. 244) In 2002, a GM whistleblower named Courtland Kelley allegedly warned GM about other safety problems and he was allegedly pushed out of his job as quality manager by GM for threatening to take his concerns to the National Highway Traffic Safety Administration (NHTSA). According to the report, as early as 2005 Steven Oakley, Kelley’s successor, was “reluctant to push hard on safety issues” concerning the Chevrolet Cobalt because of his perception that Kelley “had been pushed out of his job from doing just that,” and in part because of assurances he received from certain GM engineers. (p. 93)
The report also indicated that in 2010 GM’s outside counsel warned of potential “punitive damages” resulting from a “sensing anomaly” in Chevrolet Cobalt vehicles which prevented deployment of airbags. (pp. 140, 142) According to the Valukas report, in 2007 a Wisconsin State Trooper published an accident reconstruction report on a Chevrolet Colbalt fatality in which the airbags did not deploy. The trooper pointed out:
- That the ignition switch appeared to be in the accessory position;
- That GM had issued a bulletin to dealers warning that low torque could lead to inadvertent turning of the ignition switch, which bulletin he found on the NHTSA website; and
- That airbags would not deploy when the ignition switch was turned to the Accessory position.
According to the Valukas report, no GM employee ever brought this report to the attention of the GM board due in part to silos within the organization and the company’s culture, which did not encourage whistleblowers.
During the first calendar quarter of 2014, GM informed NHTSA of the vehicle defects and recorded charges of approximately $1.3 billion (exclusive of legal costs) to its operating income to reflect an operating loss of $535 million for the first quarter of 2014. The stock price fell 17 percent during the first quarter of 2014.
Audited financial statements issued during 2013 and prior periods were not adjusted even though these contingent liabilities were arguably known for many years and should have reflected an accrual for these known contingent liabilities in prior financial statements.
Most directors of public companies focus on the tone at the top of the organization. However, these same directors do not necessarily know whether that “tone” reaches throughout the organization and may fail to assess the culture of the organization. Independent directors cannot adequately perform their oversight role without receiving enterprise risk information from lower-level employees. This requires the independent directors to fully understand the culture of the organization and the impediments to a free flow of information to them.
Lower level employees will typically not be willing to risk retaliation for supplying that information to the board unless there is some meaningful monetary company reward, and possibly recognition, for assuming the retaliation risk. Until public companies create incentives to bring legitimate employee whistleblower complaints directly to the attention of the independent directors, corporate governance will continue to fail and public shareholders will continue to wonder whether independent directors are performing adequate management oversight.
The views presented on the Governance Center Blog are not the official views of The Conference Board or the Governance Center and are not necessarily endorsed by all members, sponsors, advisors, contributors, staff members, or others associated with The Conference Board or the Governance Center.