'THE DAILY CORPORATE GOVERNANCE REPORT’ (for public company boards, the C-suite and GCs)

         Please see the items below with the related links (NOTE: access to link content may be metered, require a no-charge registration or require a paid digital subscription) 

              (i) *Globe and Mail's '2024 Board Games' released this morning: The Globe and Mail released this morning its always highly anticipated and widely consulted "Board Games", its annual comprehensive rankings of Canada's boards and the corporate governance practices of Canada's largest publicly traded companies, those that comprise the S&P/TSX Composite Index. Here is the rankings chart, "The Globe and Mail’s comprehensive ranking of Canada’s corporate boards for 2024", based on an examination by Global Governance Advisors of "the boards of directors of 225 companies and trusts in the S&P/TSX Composite Index to assess the quality of their governance practices." The methodology used for the rankings, published in January of this year and with significant revisions from 2023, is here (see item (ii) from Jan.29/24). A downloadable spreadsheet with the complete scores is available for purchase here. 

              (ii) * a look at what security/protection companies currently provide for their CEOs and other top executives (in the aftermath of last week's fatal shooting of the CEO of UnitedHealth Group’s UnitedHealthcare insurance arm): Not surprisingly  in the aftermath of the fatal shooting last week of Brian Thomson, the CEO of UnitedHealth Group’s UnitedHealthcare insurance arm, there has been a slew of articles and commentary in the business press on the security and protection that companies are currently providing their CEOs and other top executives. Excerpts from several of them below (including in (d) below some legal disclosure issues):

                    (a) Below is from this FT article last Thursday, "‘Could this happen to us?’: UnitedHealth shooting prompts corporate security rethink":

                          "Large companies rushed to assess whether top employees have sufficient protection after the slaying of a US insurance executive in New York stoked broad concerns about corporate security. Heads of security for groups on both sides of the Atlantic raced in the wake of Wednesday’s shooting to share intelligence and make inquiries with specialist companies on how to shield top executives, industry participants said......

                          "The attack against a high-profile American executive prompted dozens of security officials at major companies in the US and UK to convene a call on Wednesday as they sought to understand what risks they are exposed to and how to mitigate them, said Dave Komendat, a former security executive at Boeing and founder of consultancy DSKomendat Risk Management Services. “Could this happen to us? What are we not doing today that we could be doing? These were the questions chief security officers are being asked by their boards,” Komendat said. 

                         "Brian Stephens, a former top Bank of America security official who now works at consultancy Teneo, added the shooting was “a very difficult wake-up call . . . a lot of security leaders in these organisations are getting attention on things that they were talking about for a while”. Allied Universal, a large security company, received hundreds of calls from prospective and existing clients after Wednesday’s incident, Glen Kucera, the head of the group’s enhanced protection services, said.....However, personal security is adopted as default by executives in “controversial business”, such as social media, or by those with a major public profile “like Jamie Dimon from JPMorgan Chase”, he (Kucera) said. He added: “An event like this certainly will make companies reconsider what they do to protect their executives.”........."

                    (b) Some data on what companies are spending today on security for their top executives in last Thursday's Fortune CHRO Daily Newsletter, "‘Targeted attack’ on UnitedHealthcare CEO ushers in a grim new era for executive safety fears":

                         "......Companies have increasingly been spending money on security for their top leaders over the past few years. Home security perquisites for CEOs of S&P 500 companies rose from 12.6% in 2020, to 15.7% in 2023, according to a review of CEO perks from ISS-Corporate, an advisory firm. And while only 13.2% of CEOs had home security benefits in 2018, around 17.9% had them in 2024, according to according to data from Esgauge.

                         "Some of America’s most prominent CEOs also cost millions of dollars every year for their companies to protect. Alphabet CEO Sundar Pichai’s personal security costs are around $6.8 million annually. And Meta Platforms spent around $14 million to protect Mark Zuckerberg, according to public documents released last year. While the world’s biggest companies may have no problem shelling for the security of their top person, however, it’s a different scenario for smaller enterprises. 

                          "The median value of security for CEOs in 2023 was around $50,000, according to WTW, an insurance broker and risk management company......There’s also the fact that many companies don’t provide security for executives who are not CEOs......"

                         See also this Fortune companion article last Thursday, "The killing of UnitedHealthcare’s CEO follows years of mounting fear about executive safety'; this Fortune one, "Protecting a billionaire CEO costs millions. Here’s how the world’s biggest companies measure up", which discloses what each of the following companies pays to protect their CEOs: Meta, Alphabet, Nvidia, Apple and Tesla; and these four Fortune articles last Friday: "Security companies are getting slammed with calls after the killing of UnitedHealthcare’s CEO ", "Here’s how the killing of the UnitedHealthcare CEO will change executive security moving forward", "Killing of UnitedHealthcare CEO has security teams at Apple, Meta and others on alert for stalkers who threaten their CEO", and "Retail giant Boohoo’s ex-CEO reportedly quit after being stalked and spied on, underscoring growing fears over executives’ security."

                       (c) Below is from this Barron's article last Thursday, "UnitedHealth Killing Puts Focus on Corporate Security":

                           ".....Most corporations have an extensive global security team and under that, an executive protection program that supports the CEO and other C-suite executives, Joe Russo, special advisor to the president of T&M USA, a New York-based security firm, said in an interview with Barron’s. Executive protection typically includes in-house security and armed drivers. When executives travel, Fortune 500 companies often hire an outside firm such as T&M to provide additional security on-site, said Russo, a former Secret Service officer who served as Special Agent responsible for security arrangements for former President Bill Clinton and former U.S. Sen. Hillary Clinton.

                          "Protocols each company follows can vary significantly. Some large tech companies, including Meta Platforms, Nvidia, Amazon.com and Tesla pay for extra security for people in the C-suite. Meta paid $24.4 million in 2023 for personal security protection for Mark Zuckerberg, while Nvidia provided $2.2 million in residential protection for Jensen Huang in the year through January.....

                          "Executive protection typically includes a program to pick up intelligence on internal threats from disgruntled employees or shareholders, and to scour social media—including the dark web—for threats against the company or specific executives, Mathew Dumpert, head of enterprise security risk management at Kroll, told Barron’s. Threat-intelligence services also analyze open-source news for shifts in the marketplace or in public sentiment that could affect a company’s brand or its executives, Dumpert said. That provides a mechanism for employees to inform security personnel about risks or threats they received in an email or via social media, for instance, he said. “As intelligence is received and assessed, then and only then can security and protection decisions be made with eyes wide open,” he said.

                           "One advantage of having an executive protection team is it makes a potential target such as a CEO appear more difficult to attack, so an adversary may decide “this isn’t the time or place,” Dumpert said. “You’ve disrupted a plan and then you pick up on a breadcrumb,” which could lead to deterring a future situation. Thompson’s killing is likely to spur more companies to take a look at the security measures they have in place. In fact, T&M received several calls in the aftermath of the news, Russo said."

                       (d) Below is from this WSJ article last Thursday, "UnitedHealth Shooting Is a Wake-Up Call on Corporate Security":

                            "The killing of Brian Thompson, CEO of UnitedHealth’s insurance arm, outside of an investor meeting at a Hilton hotel in Midtown Manhattan prompted an immediate re-evaluation of longstanding security practices across corporate America. Dozens of security chiefs from large U.S. companies met on a call Wednesday to discuss security protocols. One security adviser, Global Guardian CEO Dale Buckner, said he fielded calls from companies looking to send armed guards to accompany executives attending conferences in New York and other U.S. cities this week.

                           "Those who advise companies on security issues say threats against executives are rising, fueled by social media, a fraught political environment and broader resentment toward corporate America and big business. “The environment is explosive right now,” said former Boston Police Commissioner Ed Davis, who now consults with large companies on how to mitigate security risks. “The threats are evolving and getting more violent.” "The challenge of executive protection and executive security has become much more complex and much more challenging,” said Brian Stephens, a former chief security officer at Bank of America......

                              "Companies’ level of executive protection runs the spectrum. Some executives have bodyguards with them all day. Others only during the workday. Some none at all......A number of executives employ an advance staffer who walks ahead of the executive, checking a scene for any possible risks or suspicious people. Other executives are chauffeured by armed drivers. Corporate security officials and their advisers typically closely monitor social media for threats against top leaders. But well-publicized public events, such as investor meetings, can pose a particular security challenge, especially if an executive must enter the venue from only a few locations. “It’s fairly easy for a suspect to figure out where you’re going to go,” Davis said. “There’s usually only one or two entrances to a building.”

                                "Just over a quarter of S&P 500 companies provided personal security services beyond working hours and locations as a perk to top executives in 2023, the latest year available, according to data from Equilar. About 13% provide security services to executives other than the CEO.......For security reasons, many boards require CEOs and some top executives to travel on corporate jets for business, and some even for personal trips.....

                               “It’s jolting,” said Dave Komendat, a longtime Boeing security chief who is now a consultant and participated in the call with dozens of security chiefs on Wednesday. 'It’s very clear that many boards and CEOs across the U.S. today are asking their chief security officers for reviews of the current state of their executive-protection programs.'....."

                   (d) Below is from this Corporate Counsel blog post last Thursday, "Fatal Shooting of CEO Sets Off Scramble to Reassess Executive Security":

                        "Fewer than one-quarter of Fortune 500 companies provide personal security services to senior executives, a percentage that legal and security executives predict will spike in the wake of UnitedHealthcare CEO  Brian Thompson’s fatal shooting in front of a Manhattan hotel Wednesday.

                         "The U.S. Securities and Exchange Commission requires companies to disclose any personal security costs for a senior executive exceeding $10,000 in a given year.....Whether to provide personal security to executives is a difficult call for boards, the consultancy Compensia noted in a briefing on the topic. That’s largely because SEC rules categorize personal security as a perk that companies must disclose in the “all other compensation” portion of an annual proxy statement.

                        "That opens up the expenditures to intense scrutiny by Institutional Shareholder Services and other proxy advisory firms that grade companies on governance, dinging those that they believe have gone overboard. “Companies should be aware that Institutional Shareholder Services … has singled out personal security arrangements for criticism,” the Compensia briefing says. “Specifically, on multiple occasions, as part of its qualitative evaluation of an executive compensation program, ISS has questioned the costs of such arrangements, deeming them ‘excessive.'"

                      "Companies widely disagree with the SEC’s characterization of personal security as a perk, but must comply with its rules nonetheless....The Compensia briefing noted the “tensions between a company’s belief that security arrangements have become a necessary and integral component for the performance of an executive's job, the views of the major proxy advisory firms, and the SEC’s position.”

                      "An April analysis from the risk management consultancy WTW found that 24% of the Fortune 500 provide personal security to their CEO, while 16% provide security to other senior executives. In the wake of Thompson's fatal shooting, companies should revisit policies and practices surrounding executive protection, with the general counsel serving as a key player in those discussions, said Rob Chesnut, a former senior vice president of trust and safety at eBay who later was general counsel and chief ethics officer at Airbnb......

                     "Chesnut noted that companies have their own corporate security teams, which they often "keep very low-key,” performing such tasks analyzing potentially threatening emails.....One of the attendees, Dave Komendat, a former chief security officer of Boeing who now runs a risk-management consultancy, told the New York Times that all the security chiefs on the call had fielded requests from their C-suites to make a presentation on the state of their security programs. "Many of my colleagues today are sitting down with their executive protection team leaders, their security leadership teams, and reevaluating what they are doing and not doing,” he said.

                    "Those programs tend to focus on CEOs, because their demise would be the most catastrophic to the enterprise, said Michael Julian, CEO of MPS Security and Protection, whose clients include Fortune 100 companies. That cutoff would have missed Thompson, who runs UnitedHealthcare Group’s largest division—health insurance—but reported to UnitedHealthcare Group CEO Andrew Witty......Chesnut said that if key executives in the wake of Wednesday's shooting are dismissive of security concerns, general counsel need to intervene with, 'Look, I need to have this conversation with you. It's not just your life now. It's the livelihood of the company.'....."

                    (f) Below is from the headnote summary of this HBR post on Friday by Paul Kolbe who "previously led BP’s Global Intelligence team supporting threat warning, risk mitigation, and crisis response", "What Companies Should Be Asking Their Security Teams Right Now":

                         "Summary: ......How does a company strike the right approach in preventing the low likelihood, but very high consequence of an attack on a CEO? One effective assessment tool for execs and chief security officers alike is to examine three simple factors of risk: threat, vulnerability, and consequence. By looking closely at each component, companies can assess the nature, degree, and seriousness of virtually any risk. Most importantly, this assessment can guide the all-important decisions about which resources to employ to reduce it."

                        Below are further excerpts from the post itself:

                        "The shocking killing of United Healthcare CEO Brian Thompson in midtown Manhattan on December 4 has corporate boards and executives asking hard questions of their security teams.....“C-suite executives of every Fortune 1,000 company are valuable assets that need to be protected,” says Dale Buckner, CEO of the security firm Global Guardian. “In an age of increasing political and social division, where so much information is available through the internet and social media platforms, anyone with the potential to commit violence has an alarming level of access to the location of residences and the whereabouts of your personnel when traveling or participating in corporate events. This gives those with the inclination to commit violence a much easier path to follow through.”

                         "Given this, what framework might C-suites and boards use to balance competing interests of need, efficacy, and cost to ensure executive protection? How does a company strike the right approach in preventing the low likelihood, but very high consequence of an attack on a CEO? One common and effective assessment tool used in military, law enforcement, and corporate security circles is to examine three simple factors of risk: threat, vulnerability, and consequence. By looking closely at each component, companies can assess the nature, degree, and seriousness of virtually any risk. Most importantly, this assessment can guide the all-important decisions about which resources to employ to reduce it......."

                    (f) Finally, note also from last Friday the NY Times DealBook Newsletter, "The Growing Cost of Making C.E.O.s Safe" and the NY Times article, "The ‘Chilling’ Fatal Shooting of a C.E.O. Has Business Leaders on Edge", and this CNBC article last Friday, "This was preventable’: Corporate world shudders at new risks after slaying of UnitedHealthcare CEO"

                 (iii) director equity compensation at Intel/precedent of the day (Intel's standard form of directors' indemnification agreement): Intel Corporation announced last Friday in this press release the appointment to its board of two new directors with significant semiconductor manufacturing experience, as follows:

                   "Intel Corporation today announced that Eric Meurice, former president, chief executive officer and chairman of ASML Holding N.V., and Steve Sanghi, chairman and interim chief executive officer of Microchip Technology Inc., have been appointed to Intel’s board of directors, effective immediately. Both will serve as independent directors......"

                    Equity compensation for the two directors is disclosed in the related Current Report filed with the SEC, as follows:

                    "Mr. Meurice and Mr. Sanghi will receive the standard compensation payable to non-employee directors of the Board. Pursuant to these arrangements, they will each be paid the standard annual cash retainer (in addition to any committee fees), which will be pro-rated for the first year of service. In addition, in the first quarter of 2025, they will each be granted an award of non-employee director time-based restricted stock units with a value on the grant date of approximately $104,167, which is pro-rated from the value of the annual award granted to Intel’s non-employee directors in May 2024. The awards will vest on the earlier of May 7, 2025 and the date of Intel’s 2025 Annual Stockholders’ Meeting, the same schedule as the annual award granted to Intel’s other non-employee directors in May 2024, subject to their continued service on the Board.

                  "Mr. Meurice and Mr. Sanghi will also enter into Intel’s standard form of directors’ indemnification agreement with Intel, pursuant to which Intel agrees to indemnify its directors to the fullest extent permitted by applicable law and subject to certain conditions to advance expenses in connection with proceedings as described in the indemnification agreement."

              (iv) press releases of the day:

                     (a) NYSE-listed, information-technology-services and consulting firm Unisys Corporation announced last Friday in this press release the promotion of its chief operating officer to the position of CEO, with the current Chair and CEO to continue as Chair, as follows:

                           "The Unisys Board of Directors announced today that it unanimously elected Mike Thomson, current President and Chief Operating Officer at Unisys, to succeed Peter Altabef as the company's CEO, effective April 1, 2025. Also, effective April 1, Thomson will join the company's Board and will retain his current title as President. Altabef, currently Chair and CEO, will continue as Chair of the Board......

                           "Thomson joined Unisys in 2015 as the Corporate Controller and Principal Accounting Officer, advanced to Chief Financial Officer in 2019, and was named President and COO in 2021, responsible for overseeing the company's commercial organization and its business units, among other functions....."The selection of the CEO and ensuring a smooth and successful transition is one of the Board's most important responsibilities," said Nate Davis, Lead Independent Director of the Board.....Altabef has served as CEO since January 2015, and as Board Chair since April 2018......"

                          As disclosed in the related Current Report filed with the SEC, the new CEO and the company entered into an Employment Offer Letter, and the outgoing CEO and the company entered into a Transition Agreement and General Release, the terms of both of which are summarized in the said Current Report.

                      (b) The Bank of New York Mellon Corporation (which this June announced in this news release that it was "rebranding" itself as "BNY"), announced last Thursday in this press release a Chief Risk Officer transition, as follows:

                           "The Bank of New York Mellon Corporation, a global financial services company, today announced the appointment of Rajashree Datta as Deputy Chief Risk Officer. Ms. Datta will join the company on December 15 and be a member of BNY's Executive Committee. She will succeed Senthil Kumar as BNY's Chief Risk Officer in 2025 following a transition......Ms. Datta joins BNY from Goldman Sachs where she most recently served as a Partner and Global Head of Finance Risk, responsible for overseeing Liquidity, Capital and Accrual Rate Risks......";

                      (c) Nasdaq-listed Etsy, Inc. announced last Thursday in this press release several executive changes, including the appointment of a new CFO from outside the company, a new Chief Marketing Officer, a new Chief Growth Officer, and the departure of the Chief Technology Officer, as follows:

                        "Etsy, Inc., which operates two-sided online marketplaces that connect millions of passionate and creative buyers and sellers around the world, today announced several Executive Team changes.....All changes are effective the first week of January 2025......

                         "Kruti Patel Goyal to become President and Chief Growth Officer: ......

                         "Lanny Baker appointed Chief Financial Officer: Lanny Baker, currently Chief Operating Officer and previously Chief Financial Officer of Eventbrite, a global events marketplace, will join Etsy as Chief Financial Officer. Baker will succeed Rachel Glaser, who announced her decision to retire in July. As previously announced, Glaser will remain with Etsy as an advisor through June 30, 2025 to ensure a smooth transition. Baker will assume all of Glaser's prior responsibilities, including oversight of Strategic Finance, Analytics, Accounting, Internal Audit, Investor Relations, Tax, Treasury, Strategic Sourcing, and Corporate Development.

                           "Brad Minor appointed Chief Marketing Officer; Raina Moskowitz to depart Etsy: .......

                           "Departure of Rachana Kumar, Chief Technology Officer: Chief Technology Officer Rachana Kumar will depart Etsy to pursue new opportunities. Kumar has agreed to remain with Etsy in an advisory capacity over the coming months. Etsy will initiate a search for her successor, with interim leadership provided by two current vice presidents of engineering......"

                             The new CFO and the company entered into an Employment Letter Agreement, as summarized in the related Current Report filed with the SEC.

              ----------------------------------------------------- 

Please contact me if you would like to be on the distribution list and receive every issue of this newsletter directly in your inbox.