Month: September 2020

12. David R. Koenig: understanding and utilizing risk well is critical to optimizing the success of any business

David R. Koenig has been fascinated by and focused on understanding risk virtually his entire life and is recognized as a global leader on the governance of risk.  He has held executive and board positions, published across multiple media (including 2 books: Governance Reimagined and The Board Members Guide to Risk), founded the DCRO (The Director’s and Chief Risk Officers Group),  co-founded PRMIA (the Professional Risk Managers’ International Association) and advised many companies in a wide variety of industries and sectors, over many years.  If you listen to this episode, you will understand that managing risk, in a comprehensive, forward-looking manner is an essential best practice in running any business.

Thanks for listening!

We love our listeners! Drop us a line or give us guest suggestions here.

Links

http://www.linkedin.com/in/davidrkoenig

https://dcro.org/

https://davidrkoenig.com/the-board-members-guide

Quotes

My father introduced me to the stock market when I think I was 10 or 12 and I was just fascinated by what made stock prices go up and down.  It’s, you know, it’s kind of a sad story, but that was part of what I was raised to understand.

“Any company not doing the type of risk analysis you’ve described is not really looking at its strategic plan in a holistic way. They’re missing an important piece in trying to project what it can really accomplish.”

The reason you put a Risk Committee in place is to understand the impact of let’s say cultural changes.  Once you start piecing those all together and say, “where does this come back and impact us?” it becomes much more clear that it’s akin to understanding your clients better, to understanding market share better, to understanding your competitors better.  You have now a much clearer picture about the things that affect the bottom line of your success and what you might do about them. That’s the forward-looking aspect of risk management and again, culture is but one example.

The really good Chief Risk Officers are the ones who think like businesspeople. They’re not control people. They are people who have the same mindset of an entrepreneur, the same mindset of the head of a business unit.  In fact, the best thing that risk managers can be doing within the business units is advising those businesses on how to take risks well.  Since they think like a businessperson, questions a board might ask are “What opportunities to take risks better do you see?” “Are we competitive in terms of what it’s costing us to get the capital to pursue our objectives? “What aren’t we looking at closely enough?”

Big Ideas/Thoughts

I started by helping organizations to understand the risks that they could or couldn’t control and ways to change that more to their liking.  I worked with airlines, endowments, portfolio managers, banks, all sorts of different entities to help them change their risk profile,

You want to understand as much of it as you can.  You’re never going to understand every part of it. 

Let’s, for example, look at factories that pollute.  In the 1970s, I grew up not far from Gary, Indiana.  We would get some of the steel mill air that would come to our town.  Lake Michigan was polluted, there are places up there that you couldn’t believe people were swimming or eating fish from.  But those companies weren’t being charged for that pollution.  Then the Environmental Protection Agency came along, rules about clean water, clean air came along and now the Southern shore of Lake Michigan in most places is pristine and beautiful.  Those firms a lot of them aren’t there anymore, or if they are they’ve significantly revamped what they were doing, and the problem was that they were not accurately paying for the cost of doing what they did. One of the things that risk management does is give you inputs that you’re generally not seeing now  – which is: what is the cost of pursuing our objectives or in some cases, the cost of not pursuing something else.

I’ve been in this risk management profession for 35 years or so and most companies still don’t have formal risk management departments.

I think the question really is for a board to have a conversation about how well they understand the complexities of all the systems they depend upon for success.  If they feel like they’ve got a handle on that, they can have a really deep discussion, and if they really feel comfortable that they get those complexities and how they interrelate, you may not need a risk committee.  But I find it challenging to think an organization of $100MM in revenue, or maybe even half that size, can’t generate enough positive return through a better understanding of risk to justify some investment in risk infrastructure.

I’ll just talk about a company I talk about in the book what in essence was the equivalent of a Risk Committee at an executive level that was looking at the kinds of things that would threaten their ability to serve their customers.  There’s a good story in Texas Monthly talking to CEO, their senior executives around sustainability and supply chains. They started looking at the possibility of pandemics back, I think, 15 years ago and so they knew what to do.  They had a plan laid out.

Another example, and this is not a formal Risk Committee at the company at that time, but it would be the equivalent of such, saying, “how are we going to make sure we can stay in business?” If something interrupts our normal facilities for operation?

When I worked there in Des Moines, Iowa, which is where the company is based, it was the largest city at the time in the country to lose its entire water supply because of the confluence of two rivers flooding that overwhelmed the 30 foot high banks of their water treatment plant. Suddenly everything in downtown Des Moines was flooded and unusable because there was no fresh water.  The next day I was told to meet at a specific point.  I went to that point.  I was handed a folder.  The folder told me exactly everything I was going to be doing for the next 12 hours and over the next week. We were up and running, managing a multibillion-dollar risk portfolio in about a day and a half.  If they hadn’t been thinking forward within what was the equivalent of their Risk Committee, that would have been never happened and I can’t tell you how many millions we might’ve lost, because we weren’t able to do anything about our exposure

The case for a Chief Risk officer.  Once it gets up to the board, you don’t necessarily want to have business unit specific discussions about whether you’re taking the right risks.  It’s really a question of how is the CEO looking at this and how is the CEO incorporating all these different moving parts?  I would say the Chief Risk Officer is somebody who has that task of taking all these disparate technical skills and technical roles and bringing them into a common risk framework.

Cyber risk has become a massive concern and it’s been there for a while, but the DCRO did a survey recently and there’s a multiple fold increase in the amount of phishing attacks that companies are seeing because they have employees working home.  I’ve seen people who are really smart fall for these because they’re getting really good. 

To the extent that our corporations are more effective risk takers, they’re better employers, they’re better at returning into their community, they’re better at serving their customers, they’re better at serving their suppliers.  All their relationships become better.

If you have a board nominating people to join the board, to replace people who are leaving, they’re almost always going to be more naturally drawn to people who are like them. We see that in our social sorting in all parts of our own lives.  It’s much easier for us to be around people like us, who agree with us in times of threat when an organization’s facing a competitive challenge or crisis, like we’ve got with COVID.  But lack of diversity in board composition creates risk. 

Transcript

Joe: [00:00:00]  Hello and welcome to On Boards: a Deep Look at Driving Business Success.

Hi, I’m Joe Ayoub and I’m here with my co-host Raza Shaikh.

On Boards is about boards of directors and advisors and all aspects of board governance. Twice a month this is the place to learn about one of the most critically important aspects of any company or organization – its board of directors or advisors.

Raza: [00:00:31] Joe and I speak with a wide range of guests and talk about what makes great boards great and makes a board unsuccessful, what it takes to be a valuable member and how to make your board one of the most valuable assets for your company.

Joe: [00:00:47] Our guest today is David Koenig. He spent the first half of his career building firm-wide and portfolio specific risk management programs for multiple companies. His work over the [00:01:00] past 20 years has focused on establishing and implementing global best practices for risk governance at the board level and the general practices of risk management.

He is the author of Governance Re-imagined: Organizational Design, Risk and Value Creation, first published in 2012, as well as The Board Member’s Guide to Risk, published just a couple of months ago in May of 2020.

Raza: [00:01:29] David is the founder of the Directors and Chief Risk Officers Group, the DCRO, which is a global collaborative of C-suite executives and board members focused on risk governance and he is one of the founders of the Professional Risk Managers International Association.

Joe: [00:01:47] Welcome David. It’s great to have you as a guest on On Boards.

David: [00:01:51] Thank you. I appreciate being here. I’ve enjoyed the episodes that you guys have had in the past and hope that we can deliver something as good today.

Joe: [00:01:57] Well, thanks so much. I’m sure this is going to be an [00:02:00] interesting conversation. I know it’s interesting to Raza and to me.

You know, you’ve spent much of your career studying, analyzing and quantifying risk in business. More recently in the context of risk management for boards. But tell us a little bit about the first half of your career creating risk management programs for companies.

What led you to become focused on risk in the business setting?

David: [00:02:24] Well, I did my undergraduate studies in economics, mathematics and statistics, and then got my graduate degree in economics and this was in the mid 1980s   There was a profound interest in markets at that time. The market idea in economics, the dominance of the market, was very prevalent and, in fact, as I mentioned in my first book, my father had introduced me to the stock market when I think I was 10 or 12 and I was just fascinated by what made stock prices go up and down. It’s, you know, it’s kind of a sad story, but that was part of what I was raised to understand.

So coming out in that environment, I felt very fortunate to [00:03:00] get a job with First National Bank of Chicago. It doesn’t exist anymore. It’s part of the JP Morgan Chase conglomerate, but the work we did there, was about helping organizations to understand the risks that they couldn’t control or could control and ways to change that more to their liking.

So I worked with airlines, endowments, portfolio managers, banks, all sorts of different entities to help them change their risk profile, to something more to their liking and it was fascinating work. we were really on the cutting edge. This was when Chicago was the hotspot for markets and I would argue in some cases, risk management.

So that’s where it got started and then, as you had mentioned, I moved into doing this work for specific companies and I’m happy to talk more about that too.

Joe: [00:03:48] So, yeah, if you would, that would be great. What work did you do for the companies, for which you created these risk management tools, what was it that you did and what was the goal that they were trying to achieve?

[00:04:00] David: [00:04:00] It was all very new. I mean, you can look the actuaries and they’ve

been doing risk management for a long time, but what I would argue is that modern risk management really came into being in the 1980s, early to mid.  I was fortunate that that was the time that I was starting my career. A lot of organizations, particularly financial institutions and energy companies understood the risks that they faced or understood that they face substantial risks. There was more of an openness to how you might control those things. I went to a company called Principal Financial Group. That was the first one that I did, you know, very active risk management program. It was in their mortgage subsidiary. Mortgages are such an interesting financial instrument. I think most people don’t appreciate the complexity of a mortgage, but this company was originating mortgages, had servicing rights, and they had really complex risks, but they didn’t know that they were taking risks that I think they didn’t quite understand, but there were some smart people there, in fact, the CEO is an actuary. A lot of the people running the [00:05:00] organization were actuaries. I think they understood that there was something more to it.

 I came into that environment and helped them look at risks first on a portfolio basis. So the origination portfolio, servicing portfolio, and then next in what we’ll call a firm wide risk management approach which was what we used as a term back then.

This was probably around 1993. And I’m pretty sure that was the first for my risk management program in the mortgage banking business. The whole idea was to understand the moving parts of a business. What is it that drives your success? What is it internally that you do that might offset some of the changes in those drivers of your success?

What is it you don’t like about that? What is it you can change about that? What can you do internally in terms of your production mechanisms, your communication, to enhance the good stuff and what can you trade off to other people? That really fit well with what I been doing it for Chicago and in some of my other work prior to that.

That was actually one of my favorite jobs and we were really successful. The company grew in market share tremendously in part [00:06:00] because we had this really strong risk function. I think of that one as a big success. I’ll point to another one that I thought was pretty interesting too, which was right before I made this transition, that you talked about the introduction, at Piper Jaffray, which was owned by US Bank Corp.

At the time I worked for them, Piper had not been owned by US Bank Corp, except for the fact that they had a massive loss following the 1994 bond market debacle. 1994 happened to be a year that at Principal Financial Group, we did really well because we understood our risk, but Piper had some exposures to mortgage securities that they didn’t understand and it almost put them out of business.

They were over a hundred years old. The bank took them over, they knew they didn’t want these things to happen. When I went into interview with them, I remember sitting down with the CEO and the chair of the board, and then saying, first thing we want you to do is tell us if there’s anything more like this out there.

 I spent a few months looking at that, but the goal ultimately was to take risk management, which was [00:07:00] new there and frankly it  was viewed by a lot of people with skepticism, turn it into a valuable tool. Over the years that I was there, yeah, I think I was there three to five years, somewhere in that range, we took it from a place where people were very skeptical about it to where understanding risk became part of the business process, the business planning process, whether it was charging for capital or putting it in planning documents, looking at every deal we were doing with this risk lens on it.

And it wasn’t a risk lens saying what can go wrong? It was a risk lens of saying how does this fit in our portfolio? Do we understand the exposures? And are we making anything on this? Given the amount of capital we have to commit to it. I thought also that was a very successful implementation of where risks can be done well.

Joe: [00:07:49] The way you’ve described it, my reaction is that any company not doing the type of risk analysis you’ve described is [00:08:00] not really looking at its strategic plan in a holistic way. They’re missing an important piece in trying to project what it can really accomplish.

David: [00:08:12] I would agree. I’m happy to go deeper into that, but it’s like any aspect of your business, you want to understand as much of it as you can. You’re never going to understand every part of it. 

Let’s say, for example, look at, factories that pollute. In the 1970s, I grew up, not far from Gary Indiana. We would get some of the steel mill air that would come to our town, Lake Michigan was polluted, there are places up there that you couldn’t believe people were swimming or eating fish from.  But those companies weren’t being charged for that pollution. Then the Environmental Protection Agency came along, rules about clean water, clean air came along and now the Southern shore of Lake Michigan in most places is pristine and beautiful.

Those firms a lot of them aren’t there anymore, or if they are they’ve significantly revamped [00:09:00] what they were doing and the problem was that they were not accurately paying for the cost of doing what they do. One of the things that risk management does is give you one of those inputs that you’re generally not seeing now which is what is the cost of pursuing our objectives or in some cases, even the cost of not pursuing something else.

I think the transparency that comes with an enhanced risk program does exactly what you had just said, in terms of fulfilling your ability, especially at the board level, to govern, the risk taking that the organization necessarily does.

Raza: [00:09:32] David, over the past 20 years, you shifted your focus to establishing and implementing global best practices for risk governance at the board level and general practices of risk management. What led you to shift that focus?

David: [00:09:48] I think a lot of it’s always been there, in part of just describing the work that I was doing in the first half of the career, we really were looking at big organizational issues. Sometimes they were small parts of it, [00:10:00] but it was, but it was really how the things come together. When I was at Piper, I had run, chapters in Chicago, in Minneapolis for Professional Association of Risk Managers and that association had some governance issues that collectively several of us who ran chapters around the world tried to fix. We weren’t comfortable with how that had all been fixed.

I had this sort of detour in my career where we started another professional association with a commitment to helping an education high standards of governance. In fact, the model of governance that I talk about in my first book is really what we implemented at this organization with the idea being that if we share with each other still in the infancy,  this is around 2001 or so let’s say 15 years into modern risk management, if we shared with each other, what was working in Poland and Russia and China in Australia, wherever we were, we could make the profession better and we could start moving towards this place where more organizations [00:11:00] were incorporating risks.

That was the first go at that and I spent about seven years now, I guess it was about six years working on that and as I said, it was a career detour, but one that I truly loved when I handed that over to the people who I’d hired, over the years, I looked back at that organization and I saw we were really focused on how the technicians and how the practitioners of risk management can do their job better and then we were looking at how to bring that up to the C suite through a Chief Risk Officer or other means but in my work and my interest in the big picture of an organization the leap or the gap between the C-suite and the board hadn’t yet been addressed.

There were two things in that one leaving the organization I no longer was traveling the world, you know, meeting people in these roles every day I had to think to myself, how am I going to stay in touch with people? and so I started to create, this group, this DCRO that you had mentioned.

The other thing was, how do we then take this to that next level, the C-suite to the board. I’ve looked in [00:12:00] all of these places to say, where is there a need? Where can I be helpful? I’m reasonably good at getting people to collaborate on things. I try to bring people together to share their best practices.

And that’s what we did within Premia and now with the DCRO. honestly, it’s quite fun for me to do this. It’s fun for me to have these connections with people all over the world, in they’re really smart, good people. it’s a pleasure to try and contribute in a positive way to doing this.

Raza: [00:12:27] Well said David.

You recommend that boards create a separate Risk Committee and a number of companies have adopted that practice, but most have not. Why do you recommend a separate Risk Committee? Why can’t the Audit Committee, which is often tasked with this function, handle it? And isn’t it, the case that this depends on really the type of business and the level of risks a company faces? A grocery chain might be very different from high tech company?

David: [00:12:58] I’ve been in this risk management  [00:13:00] profession for 35 years or so and most companies still don’t have formal risk management departments. I’d say I’m patient, but the impact of risk management is significantly greater than it was when I started at this. You can find where there was risk management programs, 30 years ago, they are incredibly more important now. Companies that would have never thought of it before have them now and they’re really helpful. I think this progression is going to take place at the board level too. I joke with some of my colleagues that I’m not sure it’s going to take place to the degree that I’m satisfied during my career, but I have confidence because this is something that has value. If you can demonstrate value to someone and doing something, eventually it’s going to come around because if their competitors start doing it, which again what happened when we were at principal in that mortgage company we grabbed so much market share because we were doing this the right way, you’re going to see that in others, others are going to follow.

 You had asked about the difference between risk committees and audit committees. The way in which I’ve [00:14:00] described this to people is that it can be done together but an audit committee’s primary task is to be backward looking and validating. A risk committee as a stand alone, it has the primary task of being forward looking and anticipatory. You could take an Audit and Risk Committee agenda and cognitively somewhere in that conversation they have to make 180 degree shift in their thinking and I think that’s difficult for anybody to do. I think there are certain people who have a mindset that I describe as stochastic and stochastic mindsets don’t look forward and see one path, they don’t look forward and see three or four paths, like a best case, worst case, average case. They see thousands of possibilities and they actually see the steps that happen to get to those, some of the threats to those and some of the things you can do to enhance your success. Those are the kinds of people who serve really well on Risk Committees [00:15:00] and the value of risk committee, you’d mentioned grocery stores and I think high tech companies, there may be people who when they heard you ask that question, so well a grocery store that’s easy, that’s low risk and high tech company you know that’s stuff that maybe is significantly more risky, but grocery stores are like a lot of other businesses and that they operate on incredibly tight margins, they’re commoditized to some extent, they have a lot of competitors, they have high infrastructure, they have perishable inventory and they have a dependency on supply chains and on people being willing to enter their facilities. Now there’s more delivery going on now that in response to COVID, but every organization has complex risks and the complexity of those risks grows based on the number of relationships that you have. If you have third parties doing work for you the complexity of that relationship grows substantially. If you do work outside of one country, the complexity grows [00:16:00] substantially if you’re regulated.  I think every organization, I know some people like to throw out a number and say, if your organizations is this big, you should have a risk committee.

 I think the question really is for a board to have a conversation about how well they understand  the complexities of all the systems they depend upon for success. If they feel like they’ve got a handle on that  and I don’t mean feel like, yeah, I get risk, but they have a really deep discussion, maybe even guided by somebody else on the outside, if they really feel comfortable that they get those complexities and how they interrelate, you may not need a risk committee, but  I find it challenging, even if I throw out a number and say a hundred million in revenue, I find it challenging to think, an organization that size, or maybe even half that size can’t generate enough positive return through a better understanding of risk to justify some investment in risk infrastructure. Probably a longer answer than you wanted, but you know, there’s a reason why I advocate for this so strongly.

Joe: [00:16:58] You said something about [00:17:00] forward-looking and anticipatory is one of the things that distinguishes what a Risk Committee might do versus an Audit Committee, that I understand and that does resonate. Give me an example of something in an actual company where a risk committee looked forward and was anticipating something that made a difference to bring it to, you know, an actual example so that people can really kind of maybe understand a little bit better.

David: [00:17:30] I’ll do is I’ll just talk about a company I talk about in the book and HEB had what in essence was the equivalent of a Risk Committee at an executive level that was looking at the kinds of things that threaten their ability to serve their customers. There’s a good story in Texas Monthly talking to CEO, their senior executives around sustainability and supply chains. They started looking at the possibility of pandemics back, I think, 15 years ago [00:18:00] and so they knew what to do. They had a plan laid out. I’ll go back to Principal Financial Group, and an as example again, and this is not, it, it wouldn’t be a formal Risk Committee at the company at that time, but it would be the equivalent of such, saying, how are we going to make sure we can stay in business? If something interrupts our normal facilities for operation? When I worked there, Des Moines, Iowa, which is where the company is based was the largest city at the time in the country to lose its entire water supply because of the confluence of two rivers flooding that overwhelmed the 30 foot high banks of their water treatment plant. All of a sudden everything in downtown Des Moines was flooded and unusable because there was no fresh water.

The next day I was told to meet at a specific point. I went to that point. I was handed a folder. The folder told me exactly everything I was going to be doing for the next 12 hours and over the next week. [00:19:00] We were up and running, managing a multibillion dollar risk portfolio in about a day and a half. If we hadn’t been thinking forward, if they hadn’t been thinking forward and what was the equivalent of their Risk Committee that would have been ever happened and I can’t tell you how many millions we might’ve lost, because we weren’t able to do anything about our exposures. Those kinds of conversations of the same things that our Risk Committee is having on a much bigger picture about the drivers of an organization.

Some of these drivers are cultural, so I’ll have conversations with individual board members, which I tend to work with individuals as opposed to boards as a whole, but those could be about cultural changes and some of those cultural changes come about because you put a Risk Committee in place.

The reason you put a Risk Committee in place as to understand the impact of those cultural changes. Once you start piecing those all together to say, where does this come back and impact us? It becomes much more clear it’s akin to understanding your clients better, [00:20:00] to understanding market share better, to understanding your competitors better.

You have now a much clearer picture on the things that affect the bottom line of your success and what you might do about them. That’s the forward-looking aspect and again, culture is one example that I think is generic enough that I can mention but we live in a time over the last three years, I would say where cultural issues have exploded for all boards. It’s not just gender, it’s not just race, the cultural issues are changing rapidly with the generations that follow, the ones we’re in and if you don’t identify that as a risk, if you don’t have somebody looking forward and saying, do you understand where this is going, you’re missing out on something substantial.

So I don’t know if those are specific enough for you, Joe, but, but I think the, the idea generally is understand what drives your success, go to the first principles of those and make sure [00:21:00] you understand them and that’s what a Risk Committee tends to be really good at. These are things the whole board should be doing, but the risk committee can refine that to what the board can most effectively spend its time focused on.

Joe: [00:21:10] Yeah, no, that is helpful.

 When I’ve raised this possibility of a Risk Committee, one thing I’ve heard is There’s a danger that the Risk Committee will veer into management role. How do you make sure that the Risk Committee doesn’t do that because obviously that’s an important aspect of all governance. We don’t want the board to be doing management work and vice versa. How do you look at this in a way so that the Risk Committee does not veer into doing management’s work?

David: [00:21:40] I think it’s no different than the board. In the environment we’re in right now where boards and organizations are under threat, there’s substantial pressure towards forming what are called tight cultures. Michelle Gelfand has written a book on tight and loose cultures. Tight cultures are ones that try to set rules and limits and you get tight and tighter [00:22:00] cultures when there’s a threat.

If you’re somebody who is moving towards more tightness at the board level, you want more control. Most of your people on the board are successful people who’ve run businesses. That means they want to or they’re going to be driven towards trying to interfere more with the management of the organization.

 Just because you’re looking at risk , I don’t think it’s any different and your board colleagues are going to do a good job of telling you, Hey, we’re crossing the line into management. I haven’t been on a board yet where somebody didn’t start to ask a management question and somebody else in the room, didn’t say, “Hey, that’s management, not us,” but not always right when they say that, but I think there’s that personal check on each other.

If you’ve got somebody on a Risk Committee who’s had some experience in a risk role and I don’t think that that’s necessary, but if you do, we all understand what that’s like too.  We don’t want somebody coming in and telling us how to manage risks. I’ve had that experience. It’s I don’t enjoy it. Nobody’s in the trench, like a Head of Risk or somebody who’s doing the risk management.  It’s still like [00:23:00] any other board position it’s incumbent upon other board members to make sure you’re not crossing that line. You know how important that is because it’s a breach of trust and there’s a huge, there’s a huge trust element to the board empowering the CEO, to achieve and pursue the goals that the board has set within the boundaries. As soon as you cross that they don’t have accountability anymore. You have to be adamant about maintaining the trust of that handoff or you can no longer hold them, hold them accountable.

The same is true of risk.

Joe: [00:23:31] Yup. That makes sense. Let me ask you just a little bit about the Chief Risk Officer. Traditionally, as I understand it, the Chief Security Officer CSO has been responsible for physical security and safety of employees, assets, facilities, et cetera. While the Chief Information Security Officer has been responsible for protection of data may have, you know, an IT systems or an engineering background.

Why should a company move to a Chief Risk Officer rather than a [00:24:00] CIO or a CISO, you know, what’s the case for that?

David: [00:24:03] And I don’t think it’s a rather. Everybody has specializations. The Chief Risk Officer, one of the things that they’re able to do is to aggregate and bring it all into a common framework. A CISO is going to be concerned or a CIO are going to be concerned more than just about the impact of risk taking on the bottom line of the company. I mean, there’s some very technical issues that they’re involved in the head of risk management say in, an investment portfolio, they have a different set of technical things that they’re working on, but their work, their reporting, their analysis looking forward needs to roll up in some sort of a framework where the organization can look at itself at a big picture.

Once it gets up to the board, you don’t necessarily want to have business unit specific discussions about whether you’re taking the right risks. It’s really a question of how is the CEO looking at this and how is the CEO incorporating all these different moving parts? I would say the Chief Risk Officer is [00:25:00] somebody who has that task of taking all these disparate technical skills and technical roles and bringing them into a common risk framework.

Raza: [00:25:09] So David then, from the board’s perspective or the risk committee’s perspective, what do board members want to hear from  CROs CSOs CISOs what is the kind of information that should be coming up to that function?

David: [00:25:24] Well, the really good Chief Risk Officers are the ones who think like business people. Okay. They’re not control people. There are people who have the same mindset of an entrepreneur, the same mindset of the head of a business unit. In fact, the best thing that risk managers can be doing within the business units is advising those businesses and how to take risks well.

The questions that come back to the board,  Risk Committee or board as a whole are really ones about the whole picture. Let’s take the Chief Risk Officer, put them in a Risk Committee meeting and I think some questions that that Risk Committee might ask of that person on a regular [00:26:00] basis, a couple of examples are: what’s changed in our risk taking since you last talk to us. It’s pretty open question, but that person, if they’re a good Chief Risk Officer, they’re already going to have been thinking about that. They already have things that concern them or things that are interesting to them that they’re going to want to share with you. Since they think like a business person, one of the other questions you might ask is “what opportunities to take risks better do you see? “Are we competitive in terms of what it’s costing us to get the capital to pursue our objectives? That’s a really critical one. “What aren’t we looking at closely enough?” Again, getting to this idea, something more that, that maybe at the board, it hasn’t popped up yet.

I think another really important one, because sometimes there’s a conflict in risk management with the business units is “what can we be doing to support you?” So does the Chief Risk Officer feel like they’re being supported within the organization and by the board or do they need something more?  And then one, I think that’s [00:27:00] really critical is, “is there a free flow of information in the organization? ”

Raza: [00:27:04] If you extend this, then, some people would argue that at the end of the day, isn’t it the case that the CEO of the company is really the Chief Risk Officer?

How does a Chief Risk Officer in a company that doesn’t have any real impact on them if the risks that they’re tasked to manage blow up, is the risk management job, even real without any skin in the game?

David: [00:27:28] An answer to your first question it’s yes, especially from a board perspective, the Chief Executive Officer is the ultimate Risk Officer for the organization

There are some countries in some jurisdictions where Chief Risk Officers are hired by the board where Chief Financial Officers are hired by the board. And I think what we wind up doing at that point then is again, diffusing, accountability. The board has the responsibility to validate what’s being represented to them. That’s different than hiring the Chief Risk Officer.  If I want to ask a question of the [00:28:00] Chief Risk Officer to validate what’s being represented to me by the CEO, that’s not just fine, that’s part of your fiduciary role.

This question about skin in the game: there was a time when risk managers were seen as owning the downside. Well, if risk managers own the downside, then that means the business unit owns the upside. Again, accountability goes away. Because why didn’t my risk manager take care of that?

A few minutes earlier, I was talking about this idea of the risk managers, having this role, where they’re advising, they’re advising on risks that maybe the business unit doesn’t understand well, they’re advising on how they might be able to get the capital to pursue this risk better, they’re advising on possibilities of doing the same thing in a different way. Ultimately, it’s still the head of the business unit or roll it all the way up, it’s the CEO who has to decide what the portfolio of activities is going to be that makes the best use of that capital. Then the risk manager has skin in [00:29:00] the game because the risk manager is compensated when there’s success and they also pay the price when there’s failure. You want them to have an interest in the upside. If a risk manager thinks their career is based on not having loss, guess what they’ll pursue.

There was a time in the 1990s, I don’t know if you guys remember Proctor and Gamble and Gibson Greetings, and a few other places that had massive derivative losses. Well, I had a role during that time as a very short period of time, they had this role where the risk manager was supposed to be the cop. Find everybody who’s doing stuff that’s out of policy and make sure they don’t do it. That’s a horrible relationship. I mean, those relationships just don’t last and they’re not very fun.

 I really advocate for this idea that business lines and businesses own the risk and the risk capital is something that the organization owns. You compete for risk capital. You compete for the capacity to take the risk and pursuit of what you want to do as a business unit. And sometimes times your ideas don’t pass muster and part of the reason they don’t pass muster, just because [00:30:00] you have a good risk management person telling you the cost of taking those risks. Sometimes the risk manager says, Nope, you’re not taking enough, go for it. This is a great risk to take, especially given what we do in other parts of our business.  I think that gives them skin in the game and I think it’s a really good question Raza. You want everybody, everybody who has some business mindset to them, to have skin in the game.

Joe: [00:30:22] What should board members look for in management with respect to risk reporting? What should they see? What are helpful tools? What’s the dialogue like? Can you talk a little bit about that?

David: [00:30:36] Yeah. So again, it’s like that question before. It depends on what the organization’s structure is and the kinds of risks that they face and that’s going to shift throughout time.

You know, cyber risk has become a massive concern and it’s been there for a while, but, one of the things that the DCRO,  we did a survey recently and I want to say, I’ll get the number wrong [00:31:00] here, but let’s just say there’s a multiple fold increase in the amount of phishing attacks that companies are seeing because they have employees working home. I’ve seen people who are really smart fall for these because they’re getting good.  If you’re on your iPad and you click on a link, and you can’t mouse over that link to see what the link takes you to, you’ve just fallen over for that phish. Cyber risk is something  that organizations have to have pushed farther forward now.

Reporting on the human story, what are we doing in terms of understanding our customers different needs in the pandemic and what those needs might be two to three years from now? What is it that we’re seeing financially? Are there changes in the financial flows that we’ve heard based on some outside event or some internal event that gets into more of the data. You’ve heard people talk about heat maps and ways for people to summarize things they should be concerned about by making them red, green, [00:32:00] and yellow. I find those to be shortcuts that take away the value of a discussion of why somebody thinks you should be looking at an issue positive or negative.

I’m not a big fan of these heat maps. Ultimately what we’re trying to get to is this transition from risk is downside or I get risk because I’ve been successful in my business to saying risk is something that costs us money. It’s much harder to see it because it doesn’t necessarily appear on an income statement, but it does cost because either in reputation or financial cost or borrowing, whatever it might be, you need all sorts of forms of capital to pursue whatever your goals are. Ultimately what we’re trying to get at is to say through the reporting back to the board, how do we know that we’re making the most effective use of this really scarce thing we call capital [00:33:00] and human capital, technical capital, IP, financial capital, whatever it might be. How do we know that we’re getting the most use out of that and without crossing that line, that you talked about management, the answers that you’ll get will tell you whether you should have faith in what’s being told to you because the CEO should know this is being allocated and how they’re making those decisions.

 They ought to be able to spell it out, in ways that are clear for the board. I think it’s a dynamic process, just like every board discussion I’m sure you’ve been part of  Joe. The things that are there change each meeting based on the environment that you’re faced with, but I like discussion, I like the qualitative analysis maybe more so than the quantitative analysis.

Raza: [00:33:40] David, we talked about it earlier, you’re the founder of DCRO, can you tell us what led you to create that group?

David: [00:33:47] When I left PRMIA before was to look at that next gap between the Chief Risk Officer and the board and the C-suite and the board.  DCRO stands for Directors and Chief Risk Officers group. [00:34:00] It’s a collaborative, it’s a non-revenue entity. You could call it my hobby but it’s something I really enjoy and we have members now about 120 countries. It’s a couple thousand, maybe 2,500 members, and we collaborate by sharing our best practices.

I have a podcast, similar to what you guys do to talk about specific risk governance issues. We’ve put out best practice documents to help people create board Risk Committees, Compensation Committee, Risk Governance, Cybersecurity,  how you find the right kind of people who have this stochastic mindset that I talked about and our goal there is to raise the practice of Risk Governance at the board level, because if you think about some of the social issues that exist, all of our organizations have relationships that extend way beyond the legal boundary of our company, to extent that our corporations are more effective risk takers, they’re better employers, they’re better at returning into their community, they’re better at serving their [00:35:00] customers, they’re better at serving their suppliers. All of these relationships become better. My wife was a pastor. It was much easier for me to point to the things that she did to make lives better than what I did. But I could thru about three or four different steps go through to the point where what I’m doing today can make people’s lives better. I think a lot of the people we have in the DCRO are smart giving, people who want to see us all do better in whatever it is that we’re pursuing.

Raza: [00:35:27] Talk a little bit more about what DCRO offers its members and how do people get involved and engaged?

David: [00:35:34] Let me talk generically about the DCRO, the whole goal there when I’m working with individual board members and then pushing these documents out to boards as a whole, is to get them to think about what they’re doing differently. Where I come in and work with individual board members, the conversations might be here is the situation I’m facing this week, how do you think I might address this with my board members?  

I’d mentioned cultural issues or we’ve got [00:36:00] this emerging challenge in our subsidiary in Latvia. I don’t have any clients who have subsidiaries in Latvia, so I’m safe, but I can have a perspective that I bring from conversations with these people all around the world, or if I don’t have that perspective, what I’m able to do is to reach out to somebody in the DCRO and say, Hey, do you mind if we have this conversation or even better, I connect those two people and they have the conversation together.

When I try to work with boards, I try to introduce people to each other because, you’ve got a boards that you serve on that there are companies, yes, that would be similar enough, but are not direct competitors that you might find it. Interesting to talk to a board member about it.

If you go to an NACD meeting or the same kind of organization and other countries, one of the most valuable things you’ll do there is meet other board members and you have a one off conversation and that conversation takes you down a path you’d never anticipated, and it might be a relationship you have for years but you get something good about that interaction. We’re really [00:37:00] trying to do that. When I work with individual board members is to say, here’s some resources you may or may not have known of and here’s some things you might want to think of. Here’s some stuff that I’ve done or seen others do and I find that when I work with the individual board member and they bring that to the board themselves, that’s much more effective than having a consultant come in to meet with the board as a whole, because regardless of whether the board is hiring that consultant, that consultant is still an outsider and when the change comes from within when the change it comes from somebody they’ve worked with and the respect, I think it’s much more, more successful. Sometimes these things take two, three years to come to fruition.  I’m like a counselor.  It’s nice because I do have a lot of people I can connect people with and I’ve seen a lot of different ways of doing things and so I’ve generally been pretty good at being able to conne people.

Joe: [00:37:50] David, Raza and I both really enjoyed reading your most recent book: The Board Member’s Guide to Risk. I thought it was comprehensive and accessible [00:38:00] and that’s really what makes it, I think very valuable. Why did you decide to write the book and who is your target audience?

David: [00:38:07] Well, I appreciate those kind words and one of the words, particularly that you use, that I appreciate most is accessible. So it’s easy for people in risk management to start getting into technical speak. And, even if you, if you read my first book, I mean, my first book has some pretty deep ideas in it and you know, my wife made it through maybe the third chapter. I can’t remember. She never finished the whole book. and I told her I wasn’t offended by that, but you know, it’s, there’s, it’s still out there and I still remember that.

But if you can’t get people to a common point of using language or understanding people will resist talking about something. So if I walk into a boardroom and I start rattling off about risk topics that I’ve worked on for 35 years, I guarantee you at least a third, if not two thirds of that board won’t understand much of what I’m talking about [00:39:00] and because they don’t want to sound like they don’t know what they’re talking about, the discussion won’t go any further.

So one of the key objectives of this book was to create something that is small enough, accessible enough to use the word that you had used, nontechnical enough, that you could almost have a book club at the board and say, we’re all gonna read that this book, if you understand risk, you can read this book in an hour and a half, if you don’t understand risk, it’s going to be maybe two and a half hours. So you’re not looking at a huge commitment of time but in the same way that people who are in book clubs come back to a discussion and say, well, what are the key things you took away from this? What are the key ideas we think that resonated with each other that starts a great discussion about risk.

The other thing about it which was really important to me was that we get away from this idea that risk is about loss or uncertainty and in particular, that risk and opportunity are two different things. As soon as you take [00:40:00] risk and put it in the realm of loss only, it becomes a negative, it’s framed negatively, we have all kinds of social psychology studies on how people respond to negative framing of discussions and questions. We’ve got to get past that and we know that organizations have to take risks or they go away. I mean, that’s essential for the long-term survival of any organization, so let’s make sure we take risks smartly.

The first chapter in the book is about that. It’s about coming from where we likely are today, which is risk as loss and getting to a place that’s much more positive learning an essence to embrace risk.

Joe: [00:40:38] One of the things that really struck me was your discussion about risk in the context of group think. Which creates risk, you know, on this show and, and really everywhere in governance we talk about the importance of diversity on a board, and there’s so many reasons for that, but I love the way you put it in talking about the risk [00:41:00] that would you refer to as group thing creates.

Can you talk about, how that again makes the case for the importance of diversity at the board level?

David: [00:41:11] And we talked just a little bit about this earlier. I hinted at it a little bit earlier when we talk about some of the issues of, of boards under threat, but, you know, you had asked in the last question and I don’t think I ever answered it with the target market was for the book. but it’s boards C suite the MBAs, like I had, I’ve mentioned before.

In part, because we need to have this change of mindset about risk, but two things happen at a board that can stimulate this kind of, well, maybe three things that can stimulate this kind of group think. One is that we really like people who are like us. Generally, we do. So if you have a board nominating people to join the board, to replace people who are leaving, they’re almost always going to be more naturally drawn to people who are like them. We see that in our social [00:42:00] sorting in all parts of our own lives. It’s much easier for us to be around people like us, who agree with us in times of threat when an organization’s facing a competitive challenge or crisis, like we’ve got with COVID. I mentioned how we’re pushed towards these sort of tighter controls. We also were pushed then to be more like each other and to not want to do anything that’s different when times are really good though. We have a similar problem in that we stop listening to other people, particularly outside of our group, because we’re so good at what we do. I want to challenge you guys to tell me where the closest Kmart is. Did you guys have Kmarts out there? I’m not sure if you had Kmarts out there

Raza: [00:42:43] We did, the last one, I know where that one was.

David: [00:42:47] Yeah. In the Midwest, they dominated and, They knew what they were doing, right. They lost, they lost perspective that somebody might know what they’re doing better than, than those people did because of their success.

In our trading rooms, we [00:43:00] used to have this expression, the gods first make proud of those they would destroy. It was really helpful to have somebody else in the room, tell you that at the time that you thought the most of yourself, because it was a good reminder that things can go wrong. When you push for and when you demand diversity again, not just gender and race, but experience. When you push for that diversity among a board, you make it far less likely that any of these situations take hold because people come from problems and come to problems with a different set of experiences. So it’s one of the great challenges in our lives, right? One of the great challenges in our lives is to develop an understanding of where somebody else has come from. And to listen and learn from that. That’s one of the reasons why diverse boards are better generally than non diverse boards. And again, it’s diversity across all sorts of measures. It’s because people come to problems with a different set of experiences to [00:44:00] solving problems and since they’re on the board, they’ve probably been sitting successful at solving problems in a different way than the others. So when we have to be nimble, when we have to change, we have to innovate. We have to be able to respond in a competitive environment, or even at nonprofits, honestly, to have these diversities of experience and perspective and incredibly important to have that an openness to hearing those and learning from those, our boards become better.

Joe: [00:44:28] So essentially you’re saying there is an inherent risk and having a board that’s undiverse, because people are thinking of like, they’re going to miss something.

David: [00:44:38] It’s one of the reasons why I don’t like when publicly traded companies try to make it difficult for shareholders to nominate people to the board because the people who the board is bringing, yeah, they may, they may be great for the board and the board may have gone through nom gov and said, we need this talent set. We need this skill set. We need this experience set. But there are [00:45:00] people who have every interest in that organization succeeding the same, if not more interested in that organization succeeding as the existing board does, who may have people, they think it would be even better for the board at this time, because they’re looking at it differently. So yes, it’s critical in order for the organization to achieve its best.

Raza: [00:45:17] David. I have my favorite story from the world of risk, where a Turkey is fed every day, reliably, and every day the Turkey gets food makes the Turkey believe that they will get the next meal, and their belief even stronger in that, of course it goes on until the Wednesday before Thanksgiving and then abruptly there is a catastrophic event of great impact to the Turkey.  From the Turkey standpoint, it is a Black Swan event, but from the butcher’s perspective, it is not. How can boards and then, an enterprise avoid being a Turkey?  What do they need to do to be able to deal with the unknown [00:46:00] unknowns?

David: [00:46:01] Well, you know,  this example or this story that you cite resonates a bit more with me cause, out here in the Midwest, I happen to live near some Turkey farms. So I see turkeys in horrible conditions in cages, on the backs of trucks, going off to discover what the butcher already knew.

 You know, I suppose there’s something in this that really relates to the conversation before about the gods first make proud of those they would destroy. If you’re only focused on how good things are and what you’re doing to get more of what’s good or if the good is just coming through and you don’t seem to be having to do any work for it. Turkeys, at least that I’m aware of, can’t organize and communicate. Maybe they communicate, but probably not at a level that allows them to organize if they could, it’d be a pretty dangerous thing to start putting them on that truck because they would have already thought through this now humans, we, we thankfully have the benefit of the ability to communicate.

So for us, I think the question isn’t why, or the question [00:47:00] isn’t, what’s going to happen tomorrow, but there’s a good question to ask,:”why are we getting this food? “Why is it that our customers are buying our product? Why is it that we have this market position? And then the natural conversation has to go to what could change that.

And, and so, you know, maybe your outside consultant is the butcher. And if, turkeys could organize and talk, somebody might say, you know, I’ve heard of this thing called a butcher. Why don’t we have him come in and talk to us about, you know, his job and if, and if it did, you’d have a much smarter set of turkeys.

So, so there’s, you know, maybe I’m, maybe I’m taking this analogy too far, but the idea is that that as long as we’re getting different perspectives, and as long as we’re always questioning what it is that we do well and why it is we’re being paid for what we do. I think we can avoid that fate for the most part, when you respond, let’s say they they’d also have this resiliency. They also had this problem response mindset. If the [00:48:00] truck showed up, that’s when they would organize and do something.

Joe: [00:48:02] The best answer to the Turkey question that I’ve heard yet.

David: [00:48:07] I’m glad to hear that. Thank you.

Joe: [00:48:09] No, but it makes perfect sense to me. That’s why that is the answer. Actually, you need to think beyond why is this, you know, it’s good now you really need to think about the future and asked questions about what is going into making today good and what could disrupt that? And to the extent you’re not doing that, you’re not doing your company, your business, or whatever, endeavor in which you’re involved you’re not doing any favors.

David: [00:48:36] and I think that’s part of how boards are evolving, Joe. It’s becoming more of a job. and I think that limits the number of boards people can be on now in ways that it didn’t before. So it wasn’t all that uncommon 15 years ago to find people on five, six boards of large companies, it’s pretty hard to be on more than two or three right now. And to do the role as you just described it. And I think that’s a good [00:49:00] change.

Joe: [00:49:01] Excellent.

David. It’s been great speaking with you today. Thanks for joining us. I hope you and your son and your daughter will continue to be well and stay safe, and thank you all for listening today. To onboard with our special guests, David Koenig.

Please stay safe. Take care of yourselves, your families, and your communities as best you can.

Raza, please take care. I hope you and your family continue to be well, and that you are staying safe also.

Raza: [00:49:30] Yes, Joe, we’re all staying safe. Thank you. And I hope you and your family as well.

David: [00:49:34] And thank you both. I really enjoyed this conversation.

Joe: [00:49:37] Thanks David. Thanks Raza.

11. David Rosen on the importance of boards in private companies

David Rosen has been a CEO, served in other C-suite capacities has served as a board member and is a life-long entrepreneur – and has developed a passion about the importance of boards in private companies.  As a result, helped found the Boston Chapter of The Private Directors Association (PDA), a national organization whose focus is to support the owners, board directors, investors, and C -suite executives to improve their board caliber as well as the governance practices for private companies.

Thanks for listening!

We love our listeners! Drop us a line or give us guest suggestions here.

Links

http://www.linkedin.com/in/davidarosen

PDA Boston

Quotes

“I won’t start a company without creating a board almost from the beginning.”

Big Ideas/Thoughts

There are a lot of governance needs is on the private company side, which is why I believe the PDA is so important. 

There is more money on the balance sheets now, as of 2019, in private companies, then there is in public companies, while the number of publicly traded companies since the .com bubble is almost half for what it is today.

The private capital formation into companies has been a tremendous driver of activity and wealth not only in this country, but worldwide

I advise my clients from the beginning that they should think about board governance- after they’ve learned cashflow balance sheets and cost of goods sold it is time to start focus on governance issues

It really behooves a board to understand the skill sets that are required for the current and long-term future of a business, which may be different from what it was three-five years ago.

Transcript

Joe: [00:00:00] Hello and welcome to On Boards: a Deep Look at Driving Business Success. Hi, I’m Joe Ayoub and I’m here with my co-host Raza Shaikh. On Boards is about boards of directors and advisors and all aspects of board governance. Twice a month, this is the place to learn about one of the most critically important aspects of any company or organization its board of directors or advisors.

Raza: [00:00:26] Joe and I speak with a wide range of guests and talk about what makes a board great and makes a board unsuccessful, what it takes to be a valuable member and how to make your board one of the most valuable assets for your company.

Joe: [00:00:42] Our guest today is David Rosen.

Raza: [00:00:45] David has been a CEO, a board director a C-suite executive and entrepreneur, and an investor in private companies. He is the founder of the Acrelic Group, which works with companies on revenue, growth, strategic [00:01:00] initiatives, organizational alignments, and managing risk. He is also a founder of the Boston Chapter of Private Directors Association.

 Joe: [00:01:11] Welcome David. It’s great to have you as a guest on On Boards

David: [00:01:15] Thank you. I’m really glad to be here. And, I really think you’re talking about a very important topic here, so whatever I can do to help, Joe and Raza, I’m glad to be here.

Joe: [00:01:26] Great. So, David, you’re one of the founders of the Boston Chapter of the Private Directors Association. Can you tell us a little bit about what the PDA does?

David: [00:01:37] Sure. The Private Director’s Association or PDA, it’s a national organization that was founded in 2014 in Chicago, and really got ramped up in 2015. Its focus is to support the owners, board directors, investors, and C -suite executives to improve their board caliber as [00:02:00] well as the governance practices for private companies.

Now  five years later, it has 900 members across 17 chapters in the US and it serves its member goals and aspirations in four areas: First,  in identifying and positioning for their first or additional board director, employment or other business opportunities. It helps them in expanding their network of peers and smart business and board directors along with supporting thought leaders, academics and practicing service providers.

The third goal that our members typically have is learning and educating themselves about private company governance, best practices and challenges as well as up-leveling their skillset in board governance.

And finally, the last goal that most of our members have is that they want to get involved in a pay it forward and have an effective community where they [00:03:00] can pursue opportunities where they can speak, moderate, provide thought leadership. They want to often test their, skills or perspectives before they put it into practice or they want to collaborate in actionable committees.

Joe: [00:03:15] That’s great. Was there anything prior to the PDA that was focused exclusively on private companies, as far as you know?

David: [00:03:26] You know, that’s a good question. I’ve been a member for a little more than two years now. And I don’t know what was here before that, but, I think we distinguish ourselves as the primary organization and member-driven nonprofit towards private company issues.

Joe: [00:03:45] I gotta say it is interesting to me, you know, most of my work, in fact, exclusivel my work is with the private sector, that it is so recent that the PDA came into existence, but I suppose that does underscore the growing importance of [00:04:00] private company boards.

David: [00:04:02] Right. You know, it’s interesting, Joe, when I joined the PDA a couple of years ago, I didn’t think about private company governance versus public company governance. When I’ve done M&A work, and I’ve developed strategies to get into new businesses and markets I’ve never segmented the market by private versus public.

But what was interesting is that I found all these factoids and when I see these factoids happening at a macroeconomic level, you know that things are happening or bubbling up and things are changing in the current industry.

One factoid is that there’s more money on the balance sheets now, as of 2019,  in private companies, then there is a public company.

Another factoid that kind of blew me away to give me a sense of the, of the momentous size of private companies and their impact to our GDP, was just the fact that there’s more money being spent in [00:05:00] private family offices, not necessarily the businesses, but just family offices that invest multigenerational wealth, than there is in the total worldwide hedge fund market.

Joe: [00:05:12] Right. You know, Raza and I have talked a little about this in the past and it really is pretty stunning to think about. I don’t think it’s commonly recognized the extent to which the money and the private business world has grown so much.

Raza: [00:05:28] The private capital formation into companies has been a big, tremendous driver of, activity and wealth not only in this country, but worldwide. We also talked about it earlier in our podcast episodes that the number of  publicly traded companies since the .com bubble is almost half for what it is today. And so that also tells you the state of the public markets. So both of those dynamics combined really does mean that a lot of [00:06:00] governance need is on the private company side.

Joe: [00:06:04] I’m curious, David, what brought you to the PDA to begin with? I think you joined the chapter in Chicago. You said?

David: [00:06:09] I was invited to a speaker panel program in Chicago by a neighbor and friend of mine and the program itself and the way the PDA conducted its program, and the happy hour beforehand of networking was strikingly interesting to me. So not only was it a great program of content around board governance and private companies, but the networking portion where there was good cocktails and food before the presentation, I remember meeting at least six people who had amazing experience across the spectrum of family businesses or founder-led businesses and had great stories and they were smart people and they were friendly. One thing that attracted me was the culture of this association.

I’ve been a member of [00:07:00] NACD. I’ve been a member of the Planning Forum. I’ve been a member of the ACG, Association for Corporate Growth and I was also as a CEO of my own companies. I’ve been a member of Vistage off and on based upon what my needs were but I really liked the culture that I found here and the fact that it really it’s a culture that I’m not sure was basically a Midwestern culture or whether it was the principles that were driven by the founders. What I now know is it was really a combination of both, where they really pay attention to the members and the networking value, and the fact that most of our members want to expand their network when they joined the PDA.

Joe: [00:07:40] Yeah, well, it’s interesting because a lot of organizations offer networking, but it’s variable to say the least, sometimes it works, sometimes it doesn’t sometimes it’s just almost useless. So it’s interesting that that is one of the things you think is a real strength of the PDA.

I guess the mid-Western roots could [00:08:00] explain it and maybe, I mean, is it possible that it just, that the people, because it’s a relatively new organization, more likely to have more in common to begin with? Is that possible? I mean, I’m just trying to figure out what makes a group better at networking, more valuable to those members for networking purposes.

David: [00:08:20] Well, I can give you an example. So one of the things that was apparent to me after my second or third meeting was that no one was standing alone for too long and if I’d see someone standing alone, I’d see another member walk over to that person, introduce themselves, start a conversation, and then immediately move them over to somebody else that they could introduce them to that was probably in line with what was on their mind at the time and that culture, I think is principled and proactively demonstrated, but also [00:09:00] it may come from the Midwest.

I’m very visual person and you know, when I think of public companies, when I’ve looked at them in the past, I see them in their lanes and there’s a lot of conformity across public companies and how they govered.

You’ve got your FINRA lane, you’ve got your SEC lane, you’ve got your Sarbanes Oxley lane and you’ve got your IRS lane and all those lanes force you to manage and govern consistently across company to company. So when I think of public companies, I think that they’re managed and as long as you get the ball down the middle, keep it out of the gutters you’re going to hit the pins at the end.

I never realized until I joined the PDA that while I was learning more at a macro level, and I’ve looked at thousands of companies that were mainly private for acquisition by my clients, that when I look at the governance styles of private companies and even the leadership styles [00:10:00] there’s very little conformity. With my visual mind, what I think of as a miniature putt golf course, and so your first hole, you’re starting out where your cup’s 180 degrees behind you, and you’ve got to go through a windmill and a river to get there.  No two companies are ever alike because they’re no two miniature putt golf courses are alike.

Joe: [00:10:21] I just want to ask you though in terms of the companies that are involved in the PDA, is it everything from startup to major family businesses? Is it private equity and venture businesses? Is it all of that or does it focus on one area of private?

David: [00:10:39] Our members on a national basis come from almost all sectors of private companies and that includes family offices or businesses owner ,founder led companies, PE/VC backed companies, even employee owned ESOP’s -we have a number of people who are [00:11:00] on boards or are fiduciaries for ESOPs.

I’ve been in Boston for nine months now. We started the PDA in January, February timeframe and what I’ve noticed is that there’s a much more heavily, PE/VC backed focus here than there is in Chicago. I think that makes sense with all the tech companies here, the biotech companies here, there’s a lot of patterns, but at the same time there’s construction companies in Boston, there’s construction companies in Chicago and there’s construction companies in Tampa and all the other locations of the PDA.

I think that we’re going to develop our own flavor around technology, but we’ve got chapters in San Francisco, in LA that have commonalities with us and so we’re starting to bring our chapters together for social so that we can meet other chapters as well.

Joe: [00:11:53] Does it encompass both fiduciary and advisory boards? Is it all kinds of governance or is it more in the, the [00:12:00] roles of directors of fiduciary boards?

David: [00:12:03] We actually encompass both. We’re focusing on experienced board members because we believe that that if you get experienced board members, you’ll attract the aspiring and emerging ones,  but we, we really are very member-centric. So we pay attention to the various demographics of our members and the various goals of our members so that we can pay attention to their needs.

So we have fiduciaries. We have a deal makers. We have a lot of service providers. I think somewhere about 25% of our membership are service providers, but interestingly enough, part of the Chicago culture again, is that everyone knows that when they’re at an event for the PDA, it’s really a pay it forward, share your intellectual property and knowledge in a solicitation-free zone. So there’s no real solicitation going on. It’s okay if you go outside [00:13:00] and say, “Hey, can we meet another time or something else?” but we really are looking for people who want to give back and pay it forward. 

Joe: [00:13:07] Can you talk a little bit about some of the programs that offers that you think are particularly effective?

David: [00:13:12] We offer some amazing programs for our members and again, it’s focused on the needs and goals of our members, including ourselves. One of our most attractive programs is our directors development program: that’s a hands on program where an experienced board member who has typically been involved in recruiting, more board members for their boards will be a mentor to a PDA member that gets assigned to them.

And what that mentor does is that they help them one review and improve their board CV.  If they have one, they’ll help them improve it. If they don’t have one, they’ll help them create their first board CV, which is really important if you want to get selected out of those two or 300 [00:14:00] candidates to get down to the top 10 that are going to be interviewed, you need to have a board resume that speaks to your board experience or your potential for a board experience.

The second thing they do is they walk the mentee through a 70 plus page compendium document that’s been created from the founding of the PDA back in 2015. It’s a document that spans all the challenges and governance practices across the various forms of private company models.  Family business issues, where you have a fiduciary board, you’ve got a family board and then you’ve got somebody wearing their matriarch cap on or wearing their grandchild hat on, and how do you distinguish what they’re asking and how do you keep things in order, to, you know, the various forms of ESOP models and what the issues are CUT . If an ESOP gets an offer for a dollar above their current market share [00:15:00] price, what do they have to do? Do they have to sell an ESOP company? Those are real tough issues that have to be resolved.

I didn’t finish your other question, which was other services that we offer to them as a part of what we talked to them about. One of them is we offer a free board listing service and that board listing service goes to board directors or board chairs or owners of companies. And in fact, their recruiters actually use our pre-board listing service, where they recognize that they can reach out to the 900 plus PDA membership and they can find a real fertile ground for their candidates to be found. In 2019, we had 52, assignments put through the PDA membership.

Joe: [00:15:47] The resource you have for  listing people available for board positions is particularly interesting to me.  I help companies build boards, and the  the more [00:16:00] diverse areas I can go to find those board members is really, really attractive. I think that’s a terrific resource, particularly if it, if it actually works and it sounds like it really does. I mean, I know there are others that I’ve counted that don’t they say they’re doing it, but I don’t think it’s really working that well, this sounds like an excellent function really

David: [00:16:19] Yeah. the real distinction is that my understanding is that other associations and organizations actually charge fees for a service like this.  So  I can’t speak to those other programs, but by having a free board listing service with very qualified people, it’s a big connection.

The other thing that we offer our members is that we have, very early on, the PDA has been putting on about three zoom presentations a week since the pandemic started. And they.

Joe: [00:16:50] Thats a lot  zoom!

David: [00:16:53] It really is, and I believe that they stepped up to the plate a while other associations were [00:17:00] clueless on how to continue programming during a global pandemic. You see all these conference companies and in-person conference event companies that are still maybe only put on one or two events.

Ours set out with a goal of putting on two a week and have consistently put on three or more a week and all about private company governance issues and dealing with, avoiding insolvency during a pandemic, or how does the board govern itself during pandemics to, dealing with, shifting roles of boards in a crisis and how do you support your C-suite team without violating some of the typical tenants of board governance, roles and responsibilities. I’ve been very happy with how PDA stepped up to the plate in that area.

Joe: [00:17:50] I think you make a compelling case. I can see why you’d be a very effective leader in the PDA because it really does sound good so let me just ask you [00:18:00] this next one to three years what are the goals at least, for the local chapter? What would you like to accomplish?

David: [00:18:08] I’m a growth person. I’ve been very happy with the growth I’ve received from my own companies and my client companies and we looked at the marketplace , we think that our targets are middle market companies that are considering their first boards or have already placed a board and those companies are likely to be in the 10 to half a billion dollar size range.  What we found is that there’s 15,800 companies just in Massachusetts alone that are between 10 million and a billion. And so, there are only about 13,000 companies that are between 10 million and a half a billion.

So either way you slice that market segment, that’s just for Massachusetts. We believe that we should easily be able to grow [00:19:00] into a thousand members or 2000 members in the new England region as a whole.

We’re also starting to figure out, should we call ourselves Boston or do we call ourselves Boston and New England? Or do we just go by New England? I want people to be clear that we are centered in Boston, not in Springfield or not in, you know, where the Philharmonic plays in the summer, but that were centered in Boston.

Joe: [00:19:27] You got to figure this out. You’re going to live here. Tanglewood. You got to know Tanglewood

David: [00:19:32] Okay. Tanglewood. Right, right. only been back.

Joe: [00:19:37] Chicago is behind you now.

David: [00:19:38] Yeah, no, I got that. I’m very happy to be here, but the idea is that there’s a significant population here and because of the fact that there’s very little commonality, there’s a great need to better understand what could become common, what could be best practices around board governance in private companies.

[00:20:00] And so, I think there’s a great need and I we’re in a good position to fill that need.

Joe: [00:20:05] Perfect.

Raza: [00:20:06] Well, David, thank you so much for giving us a very wonderful introduction to the Boston chapter of, PDA.

I want to shift and talk a little bit about your work with the Acrelic Group.

David: [00:20:20] Thanks for asking Raza. The Acrelic group is really a holding company that itself is a strategic advisory of experienced business, operational and strategy executives and we focus on delivering high impact efforts for boards, owners, and C-suite executives of, middle market and larger companies or divisions of large companies.

We focus on four things, identifying, defining, and approaching new profitable sources of revenue. We focus around creating rapid operational improvements  [00:21:00] like the lean manufacturing levels that have occurred, we actually believe in lean strategies and lean operational tactics to make things done faster and to be more competitive on a global basis which many of our companies are.

We also believe that you need to couple your strategies and actions to the organization. In some cases you might have a culture that needs change and needs modification and in my experience of changing five, six, 10,000 person organizations, it’s not always getting them to do new, interesting things,  but sometimes it’s the difficulty of getting them to stop doing the things that they’ve always been doing and the results they’ve been getting and stopped doing that, which might be counter strategic or counter-cultural to the new business heading that they’re leaning towards. Making sure that there’s organizational alignment with the strategy and direction, [00:22:00] is very important.

And then finally, we also focus around  managing risk and longevity to the business, as well as any ESG or sustainability issues that may be important to the stakeholders of a company as well.

Raza: [00:22:18] David, what culture have you seen, for private boards that still makes them distinct?

David: [00:22:23] I would classify private boards in a couple of ways. it often spans the gamut of I have a board because they have great brand recognition in the industry and often I’ve talked to the owner of that company and I said, Oh, well, you know, you’ve got Wozniak on your board, when was the last time you talked to him? Oh, I haven’t talked to him for a year. I said, but my sense is he doesn’t invest in things that he’s not interested in and why aren’t you engaging him? He goes, well, I don’t [00:23:00] need them right now and so, but he considers him a board member. He’s an investor in the business and I look at that and I think, Oh my God, what waste of talent and what waste of, of connections that, that Wazniak could provide. I never understand how people have these boards and they just put up these brand names. It looks like eye candy on their website and they never speak to them and talk to them.

Raza: [00:23:25] David, this is what this whole podcast is about: how to turn your board into the most effective tool for you even though the CEO serves at the pleasure of the board, but really it’s the job of  management and the company to use their board as a resource and to really leverage it out.

Joe: [00:23:45] And I want to say, I think boards could be a significant driver of enterprise value. I mean, that’s what you just said.  I think people miss that. Boards are really when well composed, when well-built [00:24:00] can be a huge help in creating and growing enterprise value for a company.

David: [00:24:06] Yeah. Thank you.

Raza: [00:24:08] David, as you’ve invested in these companies, have you become part of their board and  is that also how you’ve seen, the investor adding value to the company?

David: [00:24:18] I have taken board seats in a couple of companies that I’ve invested in and the more I’ve learned about private companies and how they operate and the more I’ve learned and looked at it from a macro view, which I’ve been doing over the past couple of years. I won’t start another company without creating a board almost from the beginning, especially if I know that I’m going to take on outside investors.

One of the ideal values is, and the reason why I’ve joined the boards of a couple of my companies, that I know that when they go to take on outside capital, that that outside capital comes with a request for one or two board [00:25:00] seats.  So, if you start with two founders and you have an investor coming in with two board seats, that’s a board of four, therefore you really need a, an odd number board. You would typically say, okay, let’s bring on an independent board director.

Well, if you wait for those VCs or PE firms, they have plenty of people who they can bring in as a quote, independent board director, unquote and suggest that this person come on because they’ve got great experience and yada yada and the founders will typically, agree to that.

The reality  is that in many times, those independent board directors, quote, unquote, are typically investors in the funds that are investing in the new company and therefore have a significant concern about  what the issues are around that VC firm that might trump those of the business that they’re [00:26:00] investing in. The second thing is they might have a series of interim assignments that have been given to them by their PE or VC firm to go work in their portfolio companies and they might be getting significant six figure salaries from those either their portfolio of companies directly or the PE firm themselves.

Are they truly independent directors or are they really an extension of the investor? And so if you start with three board members, two founders and an independent, you’re  going to be in a much stronger negotiating position when you’re taking on outside capital to ensure that you have one, an odd number board too, that you truly have independent directors that you’ve selected, that might be unbiased and, and maybe more biased towards the longevity of your business.

Raza: [00:26:53] David, are you saying that, as you invest in these companies, not only you joined the board, but you also bring with you an [00:27:00] independent member that the founders can agree on?

David: [00:27:04] I advise them from the beginning now that they should think about board governance after they’ve learned cashflow and after they’ve learned about the balance sheets and after they learn about what their cost of goods sold is then I think it’s time to start introducing issues about governance.

Raza: [00:27:22] David, in this  world of private boards what challenges issues that you have, observed related to boards, some war stories or some other areas where it has been contentional, maybe because it is private?

David: [00:27:39] What I’ve seen that distinguishes strong boards in the boards that I’ve been involved with and I, I was lucky to be on an executive board of the largest ESOP in the world at the time a company called SAIC and  I got to see how they operate and function, and what I always thought was important for effectiveness was the strong [00:28:00] preparedness that you have for getting ready for a board meeting.

You’re not reading through the stuff real time. You should have read it and you should be able to talk about the issues so that you can come to action or decision in that meeting when you’re together with your peers on the board. A good friend of mine was on the board of Fidelity and he used to talk about, he’d get five binders of six inch sent to his home and it would take them about two weeks to prepare of full time time before he’d go to the board meetings and this was an amazingly smart guy. He was the head of DARPA at one point and just brilliant man and for him he takes half the time that anybody else takes to prepare for something cause he’s that smart. But I think open dialogue and discourse is really critical that  you not only dialogue about things but you have discourse and debate about them so that you’re not biased towards any one issue and making [00:29:00] decisions quickly for brevity sake, that you’re actually looking at all the issues in an unbiased way and making decisions based upon what, what makes the most sense to the ongoing strategy and direction and policies of the business?

Knowing when to ask the right questions and at the right time is a critical component of effectiveness of a board. The board paradigm of having your nose in and your hands out is really key and I think that’s the driver of knowing when to ask the right questions. You’re there to be inquisitive, but you’re not there to operate the business and you’re not there to take action.

It’s the CEO and the leadership team that have to take action, but you have to have the open dialogue too and very clear reporting that you’re seeing especially times like during COVID where you need to look at a lot of different data and you don’t know what the validity or the assumptions are [00:30:00] and you need to really get down to the bottom of what you’re seeing to know if there’s faint signals in there that you could take action on and are being ignored.

The other thing  is effective matching of the company’s needs in appropriate board director skills. There’s a lot of conversation I haven’t experienced as much because I focus a lot on high tech companies, but there’s a lot of conversation about people are over boarded. They have too many boards, or they’ve been on a board for 25 years or they’re really adding value and I think it really behooves a board to understand the skill sets that are required for the current and long-term future of the business, which may be different from what it was five years ago.

Joe: [00:30:42] Yeah, I think there’s no question that the crisis that has been created by this pandemic has caused a lot of companies to look at their board composition and really think about it.  It’s easy to be a board member or to be serve on a board when everything’s going great [00:31:00] but it’s true for both senior management and for the board that when there’s a crisis, you really get it.

You really understand where they the right. People in the board, wasn’t the right senior management, the CEO, whatever it may be. So I agree with you. I think there’s likely to be a fair amount of disruption, more disruption than normal in boards in the next year or two years, because companies that need help, and maybe didn’t have the right help during this crisis.

There are more crises to come. This isn’t the last one, but this might be a chance for boards to do what they should have been doing all along, which is to look at their composition and always be aware of what the skill sets are needed to drive it to the future.

David, it’s been great to have you with us today. Thanks for joining us as our guest on Onboards.

David: [00:31:50] Thank you. I really enjoyed being here and, I’m looking forward to listening and seeing more programs from you guys.

Joe: [00:31:56] Excellent! That we like to hear !

And thank you all for listening to [00:32:00] On Boards with our guest, David Rosen.

Please stay safe. Take care of yourselves, your families and your communities as best you can. Take care Raza.

Raza: [00:32:11] You too, Joe.

Joe: [00:32:12] Thanks.

© 2022 On Boards Podcast. All Rights Reserved.