October 6, 2020

Director Survey: Room for Improvement with Board Refreshment

PwC issued its annual survey of nearly 700 U.S. directors. The survey covers a lot of ground and identifies several areas of opportunity for boards, including those relating to crisis management and board refreshment. Despite identifying problem areas, the survey’s introduction says the pandemic offers an opportunity for boards to leverage the crisis to create change in terms of board practices, diversity & inclusion efforts and company strategies and priorities. Here’s the key findings:

– Even though directors gave management high marks on Covid-19 response, including supply chain interruptions, only 37% of directors say their board fully understands the company’s crisis management plan – PwC suggests boards leverage their companies’ experiences to date in 2020 to look back and evaluate what worked, what didn’t and what needs to improve so they’re prepared for the next chapter

– 84% of directors agree that companies should be doing more to promote gender and racial diversity in the workplace but only 39% support including D&I goals in company pay plans

– 67% of directors say issues like climate change should be considered when developing company strategy – up from 54% last year – but only 38% say ESG issues have a financial impact on the company

In terms of board refreshment, directors support it but also say boards aren’t doing a good job with it:

– 49% of directors say at least one board member should be replaced

– Only 49% say a board succession plan is shared with the full board

– 10% say their board doesn’t have a succession plan at all

– Directors cited board leadership’s unwillingness to have difficult conversations with underperforming directors and an ineffective process for director assessments most frequently as potential barriers to board refreshment

As more investors signal increased focus on board composition this coming proxy season, check out our “Board & Director Evaluations” Practice Area for checklists and current sample disclosures. Board succession is a frequent blog topic – here’s an entry outlining steps for better board succession and Liz recently blogged on “The Mentor Blog” about emerging trends for board evaluations.

CCPA Data Breach Lawsuits Underway

Many have been warning of a potential coming wave of litigation resulting from California’s Consumer Privacy Act because the CCPA gives data breach victims a right to bring a lawsuit against a company as a result of the breach and the company’s failure to implement “reasonable security measures.” A Mintz blog from earlier this summer also warns companies of potential trouble spots ahead while reporting of a CCPA class action lawsuit brought against an online stationery and craft company for a data breach. The company disclosed the data breach in May and the lawsuit alleges that the company failed to implement “reasonable security measures” to protect certain personal information. The blog says that over 73 million records were apparently stolen in the breach, which included passwords, names and other information. Given the volume of records that were breached, the blog notes potential severe penalties for the company:

The CCPA applies to many companies doing business in California, if they meet certain thresholds. If the company subject to the CCPA fails to implement “reasonable security measures,” and a data breach subsequently results, the victims of the data breach that are California residents can file a class action and seek significant statutory penalties, ranging from $100 to $750 per every single violation. In a breach involving 73.2 million records, these penalties quickly escalate to “bet the company” damages, if a large percentage of the putative class plaintiffs reside in California and can claim CCPA penalties.

The blog says we should anticipate a steady increase in the number of CCPA data breach class actions in the coming year – this Compliance Week article reports of a similar case involving Walmart. For the latest memos to help understand the final CCPA regulations and compliance requirements, check out our “Cybersecurity” Practice Area.

September-October Issue of “The Corporate Counsel”

The September-October issue of “The Corporate Counsel” print newsletter was just posted – and also sent to the printer (try a no-risk trial). The topics include:

– SEC Engages in a Flurry of Rulemaking

– Regulation FD Turns 20: Our Take

– Something to Look Forward to in 2021: Less Non-Issuer Financial Information

– Lynn Jokela