How do boards get a better handle on risk? Triggered in part by the Wells Fargo fiasco, which featured incentivizing sales goals that lead to fraudulent employee behavior, there has been in the governance literature a reexamination of enterprise risk management.

A couple of themes have developed. The first is that boards need to do more, which means requiring more detailed reports from management and greater involvement.

A second theme is establishing more aggressive claw-back clauses, which typically have economically penalized senior management if there are financial statement revisions based upon misconduct, or indeed based upon any reason; these agreements can be written to also penalize breaches of executive risk judgment as evidenced by economic performance in the future.

Discussion also has centered around establishing a well-managed, conservative and risk adverse “tone at the top,” a seemingly vague term which encompasses elements of conservative management and centralized control. One outgrowth of this latter focus, as noted in the always informative Ernst & Young “Board Matters Quarterly” (April 2017) is that ERM, traditionally the bailiwick of the audit committee or of a separate risk management committee, now in some companies is in part becoming the responsibility of the Nominating and Governance Committee, at least as to dictating the design and structure of the company’s ERM function.

Finally, recent literature suggests that, contrary to expectation, the presence of independent directors does not militate against fraud and high risk activity. Seemingly, independent directors are not only unsuccessful in a preventative role but, in some instances, have been participant in corporate fraud. Independence does not seem to be, necessarily, a guarantee of perspicacity, diligence or non-corruptibility.