LONDON – The increasing weight of corporate governance, more stringent regulatory processes and outdated Board structures are preventing Boards from adequately engaging in and setting appropriate risk management cultures within their organizations, according to a new survey by Thomson Reuters.

As regulators demand greater risk oversight, the survey found a quarter of Boards are not actively engaged in this process – often hampered by time constraints and the significant pressures associated with reviewing an increasing number of Board materials.

The Thomson Reuters survey covered more than 125 general counsel and company secretaries across a wide-ranging cross-section of industries and geographies globally. It builds on a survey of similar respondents conducted in September 2011 so presents year-on-year trends and developments. Key findings from the latest report include:

• On average organizations prepare 92 board books annually; each an average of 116 pages. This amounts to over 10,000 pages per year, representing a 50% uplift from the average of 5,940 pages reported the prior year.
• Several organizations surveyed prepare more than 300 board books per year, close to six board books per week.
• An increased expectation of good governance drives Board members to seek additional outside sources of strategic context and financial insights. Over 70% of respondents reported a need for competitor insights, financial analytics and industry information. These are sought outside of traditional board materials.
• Risk oversight by Boards varies substantially and there is a wide range of behaviors. Nearly 25% of respondents state that their Boards don't actively engage in risk oversight.  This stands in stark contrast to the 55% of Boards that actively set a risk culture and cascade its policy to management
• Almost half of the respondents indicated that they never encrypt their Board materials, and eighteen percent indicated that they only occasionally encrypt their information
• Only thirty percent of respondents were confident that Board members destroy all copies of Board-related emails and documents in accordance with document retention policies
• Over half of the respondents indicated that they had been in a situation where Board members had left sensitive documents in public places or had heard of instances of sensitive Board materials being left in public places

"Corporate governance is becoming ever more complex due to the fluctuating economy, increased regulatory requirements and greater regulatory scrutiny," said Mark Schlageter, managing director, Governance, Risk & Compliance, Thomson Reuters. "This is placing increased responsibility on the Board of Directors and greater demands on accountability and transparency. It is therefore essential that Boards have all the strategic business and industry intelligence they need at their fingertips to ensure they understand the entire picture when making decisions and to have better risk oversight across their organization."

Greater volume of Board materials
Increased focus on board governance appears driving the volume of board materials to new heights and is presenting a real challenge for Directors and Company Secretaries alike. The challenge of producing and reviewing board books is growing. On average, among respondents, 92 board books are created annually, each with an average of 116 pages. This means that Company Secretaries prepare and distribute an average of over 10,000 pages of confidential material to their Boards every year. This number is more than 50% higher than the previous year's survey.

An increased expectation of good governance drives Board members to seek additional sources of strategic context and financial insights. Over 70% of Directors reported a need for competitor insights, financial analytics and industry information – all of which are sought outside of traditional Board materials.

Need for better risk mitigation
Most major corporations surveyed were found to have significant security gaps leaving sensitive board-level information open to information theft and hacking. In particular, it was found that the majority of respondents are regularly sending confidential board material to their members via courier or through unsecure, noncommercial email addresses. In addition, the percentage of respondents reporting board members' loss of computing devices or mobile devices to misplacement or theft grew by nearly 100%. Two-thirds of board documents and communications were also reported to be distributed through a variety of devices and servers, up sharply from the corresponding 2011 survey.

Another vulnerable area is in risk oversight and regulation with a quarter of respondents stating that their boards don't actively engage in risk oversight. In addition, while over three quarters of respondents acknowledge that their board seeks to remain up to speed on major areas of regulation, only thirty two percent point to the board's adoption of policies, some of which were referred to as "gold-plated".

Board security more critical
Board members are expected to deal with a wide range of issues at both a local and global level and their responsibility for cross-border issues continues to grow. As a result, the majority of board documents and communications are likely contained across a variety of devices and servers (sixty eight percent this year), up from fifty two percent in the 2011 survey. Board materials are also put at risk by a common Board member practice of printing and carrying documents originally sent electronically, further exposing an organization to risk of theft or loss of commercially sensitive documents.

The results also suggest that Directors are using an increased number of mobile devices to access board materials and that most organizations are not tracking all the various computing devices that Board members are using to retrieve and save board documents. Private mobile devices dominate the use of mobile technology by Boards. Over seventy percent of respondents indicated a BYOD (Bring Your Own Device) reality at the board level, as organizations did not supply Board members with mobile devices specifically for the purpose of board communications. This is an area of considerable risk for Company Secretaries who are not only charged with the creation but also the destruction of confidential board materials.

Thomson Reuters

Thomson Reuters is the world's leading source of intelligent information for businesses and professionals. We combine industry expertise with innovative technology to deliver critical information to leading decision makers in the financial and risk, legal, tax and accounting, intellectual property and science and media markets, powered by the world's most trusted news organization. With headquarters in New York and major operations in London and Eagan, Minnesota, Thomson Reuters employs approximately 60,000 people and operates in over 100 countries. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges. For more information, go to: http://thomsonreuters.com