Is it Time for Boards to Have Technology Committees?

Technology has become such an important factor in the strategic direction of any enterprise today that increasingly it is becoming a subject for discussion around the boardroom table rather than just in the executive suite. For some non-IT organizations – including OMERS AC, officially the Ontario Municipal Employees Retirement System Administration Corp. – technology has become so critical that it now merits its own board committee.

Boards use committees for a variety of purposes, including making the best use of the time and talents of directors. At the same time, they need to strike the right balance between informed corporate oversight and letting managers manage.

After the debacles at Enron and WorldCom, followed in 2008 by the credit crisis, policy makers and regulators recognized that weak auditing, accounting and governance practices, along with perverse compensation incentives, were jointly responsible for much of the damage to the economy and to public and investor confidence. In the debates leading up to the U.S. Dodd-Frank Wall Street Reform and Consumer Protection Act in 2010, people rightly wanted to know why boards had failed to root out problems with audits and corporate governance or rein in excessive executive compensation.

Partly as a result, corporate board “good governance” best practice now routinely produces some variant of three board committees: governance, audit (often with finance), and human resources (or compensation). Beyond that troika, there may or may not be a business-specific committee or two. Biomedical and high-tech companies, for example, may have a research or technology committee. But overall, boards have been quite properly reluctant to adopt any committee structure that inevitably tempts board directors with directly related management expertise to play a management role.

That thinking about committee structure is beginning to shift when it comes to the matter of information technology, which has emerged, in every business and organization, as an increasingly important topic of discussion at the board table. Information technology can drive increased business value; technological innovation can improve an organization’s performance and market valuation. But technology failures and misjudgments in mission-critical systems can also leave in their wake large avoidable costs, reputational damage, lost shareholder value, and shaken confidence in management. For other areas of board focus, like finance, personnel, investments and business strategy, boards often have expertise and experience among their members. Technology issues and risks, however, can be difficult for board directors to evaluate and remediate, even if they have some experience in this complex and rapidly evolving field.

There may also be a tendency to see technology issues as management’s responsibility, arguing that board
directors should not be “looking under the hood.” In a world of cybersecurity threats, however, and with growing dependency on information technology and digital communications for operational success and business continuity, board directors know that technology is a matter of strategic importance to most corporations and governmental entities.

These issues were on the minds of OMERS AC’s board directors when they considered creating an additional standing committee of the board to deal with technology issues. As a pension fund with $77-billion in net assets, with nearly a half-million members and contributors across almost 1,000 local government employers, OMERS knew that it relied heavily on information technology in both its investment and pension administration businesses.

OMERS’ foundational pension administration system had outlived its useful life by many years. The challenges of replacing it with a contemporary system had resulted in the board striking a time-limited special committee to oversee costly and complex system-development and implementation efforts. In doing so, however, it was made clear that the special committee would be positioned as an oversight function of the board, not as an approval body. Technology planning and solutions rest with management, and management should be held accountable for them.

While board-level responsibility for information technology had formerly been included in a long list of responsibilities of another OMERS board committee, there was consensus that information technology was simply not receiving the attention that it merited. As a result, the special committee was converted to a standing committee of the board, and given the name technology committee. The committee’s board-approved mandate was crafted with an eye to retaining the appropriate balance between management responsibility and board responsibility. As the proposed committee mandate was discussed, pent-up demands for attention to other strategic technology issues emerged. As a result, the committee was also asked to assume responsibility for reviewing management’s technology strategic plan, as well as to ensure appropriate precautions were in place to deal with cybersecurity and business continuity threats.

Although still at an early stage, it appears that both the board of directors and management at OMERS now find the technology committee a useful forum. They appreciate the committee’s perspective in discussions ranging from corporation-wide risk evaluation and mitigation to forestalling threats from hacking, privacy breaches, corporate espionage and ransom attacks – risks all large organizations must now face. Any concerns that the technology committee’s mandate would impinge on the mandates of other board committees, or on managementcs prerogatives, seem to have dissipated.

One thing is clear: Once a board decides that it needs to have technology issues vetted at the board table, whether through a technology committee or otherwise, it is equally important to have some tech expertise on the board itself. The matrix that identifies the competencies sought in board directors should now include expertise – some specific and some general – in information technology and digital communications. Fortunately, the OMERS AC board has directors with that background. But the directorappointment process will need to keep that requirement in mind for the future. Interestingly, in a January 2017 survey of the chairs and vice-chairs of 39 pension fund boards in Australia, having “tech-savvy” directors was cited as the top priority, even surpassing investment expertise. The degree of specific technology knowledge required would presumably be tied to the nature of the technological issues facing the board and the enterprise.

This is not to suggest that all boards should adopt the technology committee model, but for organizations dealing with technological change issues, creating a technology committee of the board appears to be a value-added contribution to contemporary good governance.

Michael Fenn serves on the OMERS AC board of directors, where he chairs the technology committee and is a member of the governance committee. He also serves on the board of Toronto Lands Corp. He is a management consultant specializing in the public sector and health care, and has served as an Ontario deputy minister under three premiers. He holds the chartered director designation from the Directors College.

Source: Director Journal (March/April 2017)

Want to read more?