Tips for Conducting Exec Pay Risk Assessment: Start Now

If they haven't already, companies, boards of directors and compensation committees ought to put a process in place for assessing the risk of their executive and employee compensation programs, partners in the law firm Winston & Strawn advise.

A pending Securities and Exchange Commission proposal would require all public companies to evaluate whether any of its compensation plans and practices include risk-taking incentives that may have a material effect on the company and to disclose the results of that evaluation and any steps taken to manage or mitigate those risk-taking incentives.

Companies would be wise to get started sooner rather than later.

"The SEC is expected to issues final rules this year, and it is a best practice, even if the SEC doesn't issue final rules this year," Michael Melbinger, chair of the firm's employee benefits and executive compensation practice tells Compliance Week.

Failure to conduct a risk-assessment process in the thorough and intensive manner required by the proposal could put a company at a disadvantage if and when the SEC rules are finalized, Melbinger and Partner Erik Lundgren note in a recent memo.

One of the first decisions companies must make is who should be involved in conducting the assessment and who should oversee it. To make that determination, Melbinger says companies must consider what their audit committee, compensation committee, and internal risk-management personnel have done in the past.

"All three of these parties should have some role, with audit committee having the smallest," he says. The senior risk manager or comp committee should oversee the process, and financial, human resources, outside counsel, and independent compensation consultants should also be involved.

The memo notes that, because every company of every size in every industry has a different risk profile, there can be no "one size fits all" program for conducting the required risk assessment.

Among the steps companies should take are:

1. Collecting and reviewing the company's existing polices and programs (including corporate governance guidelines and committee charters) on risk management.2. Organizing the team and the risk-assessment process: Selecting the involved parties, creating a timeline, including compliance dates, and a list of all executive and employee plans to be reviewed.3. Conducting the assessment: Identifying for the compensation committee the risks that could threaten the company's value or have a material impact on it, and identifying the features of the executive and employee compensation programs that could induce executives and employees to take those risks.4. Analyzing the results and deliberating how to manage any risks, and/or revising any compensation and incentive programs with material risks.5. Implementing changes to executive and employee compensation programs to manage incentives for risk taking (and eliminate inappropriate incentives).6. Recording the results in meeting minutes and reporting them in the proxy and/or Form 10-K, as required.7. During or at the conclusion of the assessment process, developing written policies and guiding principles for proposing, establishing, and monitoring compensation and incentive plans that can be applied company-wide in the future.

According to the memo, examples of compensation program features that could provide too much incentive for executives to take risk or otherwise manipulate financial results include:

• An annual (or long-term) bonus plan that provides for a payout equal to 100 percent of base salary if the company achieves a specified earnings per share target—and no payout if the company fails to achieve that target.

Since executives are already under pressure to achieve announced or expected EPS figures, Melbinger and Lundgren say an "all-or-nothing approach" exacerbates the problem. Instead, they say companies should consider bonus payouts at 90 percent of base salary for achieving EPS that's barely below the target and straight-line interpolation downward for other, lesser performance targets.

• Equity incentive compensation solely in the form of stock options. Since many options are underwater, executives need to hit a "grand slam home run" in terms of performance to see any return on their stock options.

Ideally, companies should provide part of their equity compensation in restricted stock or RSUs so executives receive some benefit for navigating through difficult times, the alert notes.

• An employee compensation program that provides cash incentive pay based on the number of transactions the employee makes, without a qualitative requirement (e.g., did the transactions create profit for the company and, if so, at what risk?).