The Collapse of FTX and What It Means for Governance & Blockchain – A Primer for Directors

Comment

The Collapse of FTX and What It Means for Governance & Blockchain – A Primer for Directors

Any director reading about the collapse of FTX can see the failings of basic governance.  From a lack of accountability between management and an independent board, conflicts of interest and a lack of arm’s length transactions by the CEO, let alone rudimentary governance principles of following the bylaws, keeping minutes, proper election of directors and appointments of a CEO to related entities, the list of failures goes on. 
 
In the unregulated, burgeoning financial industry of cryptocurrency, it would certainly seem prudent to have had some of these basic governance principles established, but like in the case of Theranos,  high profile people simply looked the other way.  Is this merely because of yet another young, charismatic, CEO who everyone just wanted to believe, including celebrities who offered their endorsement in high priced television ads or is there something more to this?  Will the unverified belief in unicorns continue or will this begin to be the end of exuberant blindness of obvious flaws in a CEO and a business model?  Could it impact the development of blockchain as a technology? 
 
After writing my book Blockchain in the Boardroom in 2018, I cautioned about the importance of governance principles in blockchain initiatives.  Much like the internet needed global governance in the early days to become what it is today, Blockchain and cryptocurrencies need the same thing.  While many call for government regulation, a good starting point would be back to governance basics. 
 
Many in the blockchain industry have expressed concerns that the FTX collapse is already having negative ramifications to blockchain projects and opportunities, which would be unfortunate because blockchain didn’t really have anything to do with the FTX collapse.  Many companies have been developing blockchain initiatives for the last five to ten years often exploring solutions in supply chain, insurance, and other financial transactions beyond just cryptocurrency.  Here’s what you need to know about cryptocurrency, blockchain and the FTX collapse in the boardroom:

FTX was an exchange to buy and sell cryptocurrency.  It was essentially operating like a bank, but not regulated like one.  Blockchain technology has nothing to do with the collapse – it was good old fashioned lack of transparency, oversight and likely fraud.  Don’t conflate blockchain with FTX’s collapse.  Do recognize the importance of good governance in any company.  

Blockchain is a new type of database that has been the foundation for most cryptocurrencies, but not all blockchains are cryptocurrencies.

Most blockchains include some type of smart contract technology that allows for greater efficiencies. 

Blockchain is more efficient because it:

  • Saves time on the transaction because it is authenticated the moment it is entered into the blockchain or database.

  • Removes costs because fewer middlemen are needed to “clear” or authenticate data sets or take steps in the process of entering it in the database and processing it.   

  • Reduces risk from tampering, cybersecurity or fraud by decentralizing the way it is stored (keep in mind FTX was an exchange, it was not itself a blockchain).

  • Increases trust through shared record keeping.

A transaction on a blockchain ledger could represent anything:

  • A credit account that allows you to buy things off of it and replenish that credit.

  •  A piece of property you might sell.

  • Digital rights to a song, photograph, video, etc. that you want to monetize.

  • Access to a secure box that has a piece of jewelry you want to sell.

  • An insurance policy.

  • Information about your health.

  • Or your very identity as a whole – everything about you and the ability to transact whatever business you need in a secure manner.

  • This is what has the potential – it could be used to track anything of value that has an individual owner. 

  • Every time you hear the word blockchain, add the word database or think of an old school ledger and it will all start to make a lot more sense. 

Blockchain does not yet have standards and oversight through governance.  It will need standards and consistency for companies to leverage it.  But, those very standards can also open the door to the same problems we have today.

For blockchain to succeed, governance is essential because governance creates the rule framework by which all of the participants agree how it will operate. 

Blockchain is not a relational or connected database.  It’s maintained separately and connected by many computers – not unlike our current internet infrastructure. 

An important indicator that directors and executives need to understand the impact of this on their business now is that there are thousands of patents publicly posted in the USPTO related to blockchain technology.  The company that figures this out and protects it properly will have a clear competitive edge.  Those that wait may find themselves boxed out or paying hefty licensing fees to use the new blockchain technology. 

In the latter half of the 20th century,  centralization became the key to databases amassing enormous power and potential and creating enormous economies of scale.  In the decades ahead, we will likely see decentralization (a core component of blockchain)  as the emergent form of connectivity to address the problems that have emerged in cybersecurity.  We made a lot of really big targets.  Now we have to unravel that. 

If there's one key takeaway, know that governance will become increasingly important as new technologies like blockchain and cryptocurrency disrupt old rules of business.

If you would like more information or are interested in education sessions on blockchain technology,  disruption, cybersecurity, the future of work or other technology related topics in governance, a strategic and facilitated discussion or a 360 review, contact me at jwolfe@consultwolfe.com or 513.238.4348.


Comment

Is Your Board Ready for Cybersecurity in 2023?

Is Your Board Ready for Cybersecurity in 2023?

As we change the way people work and live using technology in hybrid work environments, new vulnerability points are continuously formed.  Our infrastructure to daily life is more reliant on internet connections, data clouds and wireless nodes, creating opportunities for hackers to target central services like transportation, financial services, and health care. Add to this continued uncertainty about artificial intelligence, blockchain governance, cryptocurrency regulation, scarcity of privacy across platforms and smart-everything there are more points of technology disruption and cybersecurity threats than even just three years ago before the pandemic upended everything.   

Most directors do not have a technology background.   That’s okay.  In fact, it may be a good thing so long as you are informed enough to ask the right questions and strong enough to hold your security team accountable. And, not surprisingly, more boards are looking to beef up credibility of their directors' knowledge of cybersecurity through continued education.  

All this comes at a challenging time for boards, under more pressure to do more with fewer resources.  According to an annual survey by the National Association of Corporate Directors, funding other initiatives more directly tied to growth may supersede cybersecurity, particularly in difficult economic times like the one we are experiencing.    This means boards have difficult decisions when approving budgets and creating incentives for the executive team.  The key issues for board members to consider when allocating budgets and resources to cybersecurity readiness:

  1.  Understand your exposure points.

  2. Understand why someone might attack you.

  3. Get outside perspective, not just internal sources of information.

  4. Learn what questions to ask.

As part of your annual risk assessment,  develop an annual risk appetite and cost-benefit analysis to cyber security so that you make informed decisions when allocating precious resources during challenging times.   Below are a few of the emerging trends in cybersecurity and questions to be asking your executive team.  These are simplified questions to complex issues, but serve as a starting point for understanding your exposure points.  

Privacy Compliance

  • How will our customers react if we compromise their “private” information?  What is our plan to protect our customers' information?

  • What is that worth in cyber security spending?

  • What privacy laws will impact us in the future and how are we preparing to comply with changing privacy standards around the globe??

  • Are we taking the highest standards and working toward that or working toward a lower standard and if so, why?

Open-source Compliance

  • What is our open-source compliance policy?

  • What about the policy of our critical vendors who supply us with code and development?

  • What outside help do we use?

  • What tools do we use?

  • Are devices timely updated?

  • How do we patch and track open-source code?  For that matter, how are you patching all code? 

Readiness for Artificial Intelligence

  • How are we using AI versus just data analysis?

  • What unintended consequences could occur from assumptions made by AI?

  • What is our viewpoint on the corporate responsibility for bias in AI?

Ransomware Preparedness

  • What happens if we are hit with a ransomware attack?

  • What is our viewpoint on paying out money to regain access to our systems?

  • Do we need to have bitcoin or some cryptocurrency on hand if it is needed?  If so, how much?

  • Is there a threshold where we pay out to get our business back on track or keep it out of the press?

  • Does that create a slippery slope and make us a future target?

  • How do we interact with law enforcement?

Malware, phishing, Inside Jobs

  • What is our plan if we are hit with malware?  What steps are taken to slow and stop the spread?

  • Where do we buy our IT support?  Network Infrastructure components?  Are we at risk if a state actor can take control of our systems?

  • How do we ensure that the people working for us are not disgruntled (particularly those in our IT infrastructure functions)?

  • How do we continually train about phishing and monitor to stop phishing?

  • How do we as a board watch for spear phishing on our personal devices?

Crisis Communication Preparedness

  • What is our plan if something catastrophic occurs?

  • How do we convene and what is our approach?  Apologies may not be sufficient, what responsibility do we have to customers, employees?

  • What will we provide to the media?

Internet of Things Lock Down

  • If something happens and our systems are compromised, how do we quickly lock down all devices and vulnerability points?

  • What if that doesn’t happen, how do we get back online?

  • How do we communicate this to the public?

Personal Devices

  • Should board members be issued personal devices and emails used only for board purposes?

  • How do you ensure your personal device is not the target of spear phishing?

Audit, check and check again – trust but verify

  • How do we trust, but verify what we are being told?

  • Do we have the right team in place?

  • Are we at a high enough risk, that we should consider a  third-party audit of our security initiatives?

  • Should we have a technical advisory panel for the board to regularly assist us on cybersecurity initiatives?

 
These are just a few of the questions to be considering when cybersecurity is on the agenda.  Cybersecurity attacks continue, even if you don't hear about it in the media.  It's the quiet ones you don't know about that should be of greater concern.   It's never a check the box and you're done project, it's a constantly evolving threat to every organization, large and small and will only continue as our use of technology accelerates. 

If you would like more information or are interested in education sessions on technology disruption, cybersecurity, the future of work or other technology related topics in governance, a strategic and facilitated discussion or a 360 review, contact me at jwolfe@consultwolfe.com or 513.238.4348.

Quiet Quitting Is Not Just a Millennial and Gen Z Problem

Quiet Quitting Is Not Just a Millennial and Gen Z Problem

In the post-pandemic environment, are some board members “phoning it in”?

The term quiet quitting has been coined by culture experts to define what we as Gen Xers and Baby Boomers used to call “phoning it in.”  Meaning, someone who wasn’t quite putting in the full effort or showing up in person unless absolutely required to keep their job.  This new phenomenon not surprisingly comes on the heels of a two-year work-from-home forced experiment in corporate and professional America. 

As many companies face serious backlash from efforts to get employees back in the office even just a few days a week, some are caving to the pressure, while others are pushing for a return to some type of normal productivity in the office.  It’s not surprising that these younger generations, used to connecting via devices and networks and platforms found the convenience of no commute and working in leisurewear attractive. 

It's easy for we Gen Xers and Baby Boomers to tout the importance of working hard, being in the office, face time and networking as the secrets to getting ahead despite personal sacrifices because that’s what we had to do and what we know worked.  But it may not necessarily be true for this next generation and that’s what is causing a lot of disruption to the discussion about the future of work and new models of incentives, compensation, work-life balance and benefits that no longer fit the old school mode. 

I could spend hours writing about and discussing this topic.  But, what I find equally interesting and worth noting is the “quiet quitting’ that may be occurring in the boardroom.  The average age of a corporate director is 62 with many serving into their 70s.  Some directors are still in a full-time operating role, but most are retired from their prior c-suite operating roles and now functioning as a director of one or more boards and developing a portfolio of work for multiple companies.  In the last couple of years, most boards functioned primarily over zoom or other platforms and did not have in-person meetings.  This derailed the momentum and rhythm for many directors in their travel schedule and management of their portfolio of work.  It allowed them to experience semi-retirement as they retreated to second homes in resort-like locations. 

While some have joyously embraced the return to the hustle and bustle of travel and in-person interactions, others have quietly begun to say, they are re-evaluating their priorities and what’s really worth it for them.  Commercial air travel has become increasingly less convenient and more difficult changing the experience of the director.  The TSA pre-check line is often longer than the regular security line.  American Airlines announced it is discontinuing first class service on some flights, and Delta now limits the amount of time you can spend in their lounge. This is all occurring while airports dramatically cut flights from their schedule, delays and cancellations become more frequent and the non-business traveler becomes more and more brazen and rude.  Even if some companies can budget for private travel, increasing scrutiny on carbon footprints may make that a non-starter to fly directors all over the country multiple times a year from multiple locations.  The reality of business travel in the future is that it may not be as attractive or quite frankly, as fun, as it had been. 

At the same time, the requirements of directors have increased dramatically including understanding more and more complex topics such as cybersecurity, technology and disruption, as well as a cultural shifts in what is valued by employees alongside increasing regulatory and liability pressures.  This means directors may find the amount of time required to be prepared more demanding than in prior years. 

It’s not surprising that as a massive paradigm shift is occurring in the rank and file employees that some paradigm shift would occur in the boardroom at the same time. 

Board refreshment has been increasingly top of mind awareness to seek out skills that are needed in areas such as cybersecurity, technology, and human resources, as well as to meet increasing demands for diversity, but now may be a more important time than ever to really ask directors if they are committed to the needs of the organization and the role of the board.  It’s important to remember, the role of the board is oversight of the leadership team and to protect the interest of shareholders and other stakeholders.  It requires continuous education, continuous questioning of the status quo, and diligent preparation for robust conversations.

If you are the chair of your nominating and governance committee, consider these questions and steps:

·       Have you conducted a thorough 360 review now that things are somewhat returning to “normal” to evaluate if board members remain committed to the work that is needed in the future and not the past?

o   Do you have a current skills gap analysis of your board?

o   Have you considered mandatory retirement or term limits?

·       Are there some directors who continuously have trouble with either effectively participating remotely or traveling to attend meetings?

·       Are you surveying members to determine what may work best for in-person meetings in terms of both location, travel logistics and timing?

·       Have you considered planning a board retreat or offsite to strategically discuss how your board will work into the future and how “quiet quitting” may be impacting your organization from top to bottom?

·       Is your CEO and leadership team getting what they need from the whole board or just a few members?

·       Are you concerned about some directors being over-boarded or over-committed in an increasingly complex environment?

If you would like help in evaluating these issues, conducting a 360 review or planning an off-site retreat, please contact me at jwolfe@consultwolfe.com or 513.238.4348.  If you’d like a free guide to planning an effective board retreat, I’d be happy to send one to you.   I am also available for education sessions either in-person or remotely to meet your scheduling needs. 

It's Time for a Board Retreat

It's Time for a Board Retreat

It’s been more than two years since our lives were fully disrupted, without notice. We adapted and persevered, but now we are trying navigate how we bridge the gap from fully virtual to back in person. It’s time for a board retreat to reconnect, build trust and relationships and robustly discuss important issues to navigate the uncertainty that lies ahead.

ESG in  2021:  How To Understand Your Stakeholders

ESG in 2021: How To Understand Your Stakeholders

Stakeholder governance principles, often referred to as ESG, have been on the rise over the last few years While some have politicized this concept, it’s really a natural evolution of the role of the board to consider the impact of decisions it makes on all stakeholders. This is not new. And, most successful CEOs and business leaders would agree that understanding and engaging with your stakeholders is simply good business practice.

New Year’s Resolution:    “Be Curious, Not Judgmental”

New Year’s Resolution: “Be Curious, Not Judgmental”

In the last year we have all been forced to rethink everything about our personal and professional lives. In the boardroom that was no different. As you reflect on 2020 and begin to look ahead, I encourage board members to embrace a philosophy of curiosity to question and consider new possibilities. In the words of Walt Whitman: “Be curious, not judgmental.”

Do You Have the Right People in the Boardroom?

Do You Have the Right People in the Boardroom?

An article in Forbes early into 2020 (pre-pandemic) highlighted that “corporate governance is going to have to change.”  It cited the Blue-Ribbon Commission report from the National Association of Corporate Directors (“Fit for the Future:  An Urgent Imperative for Board Leadership”), the 2019 Spencer Stuart Board Index and a New York City Comptroller’s Boardroom Accountability Project report.  All shared a common thread of calling for board refreshment to meet looming business challenges and that traditional views on board qualifications may need to be re-considered. 

In a 2016 Stanford Director’s College study, the average director believed at least one director should be removed from their board as ineffective, more than a quarter believed directors do not give each other effective feedback, and half believed that their board does not allow expression of honest opinions with only a few dominating discussion and decision making.  Coupled with the most recent annual NACD survey that shows only 56% of directors believe that the information they receive from management is sufficient to support informed decision making and oversight, it is clear that the time for change in the boardroom is now.    The same study shows that boards are largely hearing primarily from their CEO, CFO or General Counsel versus subject matter experts in areas of information security, human resources, stakeholder concerns, technology, risk and strategy. Additionally, Delaware courts, which set the standard for corporate law,  continue to shift their opinions on director risk oversight liability, which means directors could be exposed to more liability for non-financial risks from which they were previously sheltered. 

Back in 2015, the NACD annual survey reported the top priorities of board members: 

  • Strategic planning and oversight

  • Corporate performance and valuation

  • Corporate growth/restructure

  • CEO succession

  • Executive talent management and leadership development

Notice that these are primarily company-centric, growth oriented priorities priorities.   But, by the end of 2019, directors were most concerned about:

  • Growing business model disruptions

  • Slowing global economy

  • Increased competition for talent

  • Changing cybersecurity threats

  • Accelerating speed of advances in technology

Notice these are external risk-based factors versus company focused growth. Consider for a moment how drastically the top issues changed in just a four-year span, let alone what has happened this year.  After the 2020 coronavirus pandemic and social unrest;  health pandemics, new work environments, workplace culture, stakeholder values  and uncertainty will be added to the list of top concerns by directors.  The traditional five-year strategic plan on which boards typically rely for decision making is now obsolete when things change much faster than years ago. 

Equally important is who you have in the room.  The average age of a corporate board member is 63.1.  Of directors added, 37% are current CEOs of another company – that’s more than one-third of board members out there currently serving as a CEO of their own company.  A majority of new directors were previously a CEO or CFO, making top leadership and financial expertise still the most sought-after resume.  This is understandable when you consider the history of boards and that the biggest reforms of the last twenty years dealt specifically with financial transparency and accounting.

But this is changing and the need of the board to understand disruptive business models, new technologies, a changing society and workforce along with cybersecurity means that same pattern of recruitment will not work anymore.   In 2019, only 2% of new board members had expertise in cybersecurity, 2% were entrepreneurial and 3% were human capital or talent development experts.  These are the three areas noted as top areas of concern for all boards as having the biggest impact on the boardroom of the future and yet only 7% of board seats were filled with these skill sets. 

This is completely out of synch with the changing needs and demands of the boardroom.    If everyone in the room has essentially the same resume, that doesn’t really make sense, does it?  If one-third of board members are also still a current CEO of a similarly sized company, can the board dedicate the time and attention needed to understand stakeholder needs and new risks? You wouldn’t build out your senior management team with all the same skill set.  You would want different skills to address different matters.  It begs the question, does the board need to reflect the subject expertise of the c-suite?    For example, security, technology, and human resources may be needed to help create the culture of the future. And, how much time will be necessary for directors to dedicate to their role in the future?

If you want to read more and learn how to add diversity of thought to your boardroom, check out my latest book: Disruption in the Boardroom. If you like the book, I always appreciate positive reviews! Let me know what you think: email me at JWolfe@consultwolfe.com.

Disruption in the Boardroom

Disruption in the Boardroom

No boardroom in any industry is safe from new market threats in this time of rapid technological growth and workplace disruption. We’ve all heard the stories of corruption by CEOs at WeWork and Theranos and witnessed whistleblowers revealing crises at Wells Fargo and Uber. The board’s responsibility in this time shifts from protecting not just shareholders, but all stakeholders. Disruption in the Boardroom delves into the details of modern corporations and how governance and oversight can lead us into an evolving digital future.

Remote Work Is on Trend to Be Permanent

Remote Work Is on Trend to Be Permanent

I recently spoke with the CEO of a technology company and when asked how he and his team were doing he said they had never been more productive. . . This has many implications in the boardroom.

First, the organization will change forever. This forced experiment should be analyzed carefully for the potential longer-term impact on the organization. If a large part of the work force is not only more productive, but happier working remotely, can it change the economics? Consider some of the key questions. ..

Is Your Privacy Alarm Ringing Yet?

Is Your Privacy Alarm Ringing Yet?

Pay Close Attention to What’s Happening on the Path Back To “Normal”

We are all carefully watching our government leaders decide when to re-open non-essential businesses and build a path back to some sense of “normal life.” But some of the transition solutions being tossed around should be sounding your privacy alarm. I am, in all transparency, a privacy nut, particularly in the digital transformation era.

The Covid-19 Outbreak took Leaders by Surprise

The Covid-19 Outbreak took Leaders by Surprise

In times of extreme disruption, we need leaders in the boardroom to offer sage advice and provide guidance to senior executives, customers and the workforce on what to expect and how to react responsibly.

The Roaring Twenty-Twenties Have Begun

The Roaring Twenty-Twenties Have Begun

One -hundred years ago the good times were starting to roll. Women finally were granted the right to vote and with the rise of urban areas, clerical jobs gave women economic freedom from a life destined to be handed off from father to husband. Technological booms such as the assembly line meant people could now purchase modern day appliances like automobiles, new refrigerators, and radios to connect to the world beyond. The economy was booming and everyone across economic classes saw their lives improve, until it fell apart in 1929. Today, we are poised for a decade of setting the stage for what will come. Not unlike 1920, many of the technologies being developed will require significant infrastructure and capital investment to bring to life the true potential benefits for humanity. Here are the trends I am watching . . .

Will the Streaming Wars Break the Internet?

Will the Streaming Wars Break the Internet?

In the last few weeks, widely anticipated new streaming services like Apple Plus and Disney Plus launched joining the established players Netflix, Hulu, Amazon Prime, HBO and others. But, will all this streaming across devices slow down the internet? If we can’t get our shows when we want them, who do we blame: Apple, Disney, Verizon, ATT, Spectrum, or is it our neighbors?

The Long Last Mile Ahead for Emerging Technologies

The Long Last Mile Ahead for Emerging Technologies

Artificial intelligence, the internet of things, robots, driverless cars, drones, 5 G, smart homes and smart offices are all some of the things people think are about to change our lives for the better. Everywhere you turn there are optimistic articles and Ted Talks of how these technologies will fully transform our world just short of the Jetsons and solve global problems like poverty. Industries ranging from food production, health care, transportation, travel, retail to consumer products could be disrupted, most believe for the better. But there is a “long last mile” ahead to get to where the technology can integrate into how we actually live.

How Target Battled Amazon & Survived

How Target Battled Amazon & Survived

This article serves as a great reminder that close to twenty years ago retailers, caught off guard with the societal shift to online purchasing, partnered with Amazon to provide their e-commerce solutions as a quick fix entry into the new marketplace. In an age of disruption, be willing to look to past shifts for guidance. Most of what is happening today has happened before in another form, you just must look for it. The Target story is a good one to understand when it’s time to invest in your own systems and technology versus leaning on someone else’s.

Disruption Trends to Watch in the Boardroom This Fall & Into 2020

Disruption Trends to Watch in the Boardroom This Fall & Into 2020

As summer comes to an end, we all turn our attention to achieving end of year goals and planning for 2020.  As I work with boards in managing disruption, I look for not just the new technologies that will disrupt industries, but unusual intersections or unexpected consequences of disruption.  I’ve outlined here just a couple of the trends I am watching and what is evolving as new trends in board room oversight of disruption. 

  • Speed will intersect internet decentralization

  • Oversight will become increasingly important and privacy will become an industry

  • Virtual environments and space transform experiences

  • AI, IOT and Voice Tech change everything

The Summer of Tech Trust Busting

The Summer of Tech Trust Busting

In the last couple of weeks there have been a series of articles and commentary about trust busting big tech companies like Google, Facebook and Amazon. Will government agencies and/or legislators really doing something or is it just rhetoric? What impact would it have on consumers and businesses? The topic of big tech trust busting has been surprisingly bi-partisan, particularly in such a divided political era.

Disruption is the New Normal

Disruption is the New Normal

In the last five years, business models that have been around for generations have suddenly found themselves disrupted in new and surprising ways.  Most board members and senior executives come to work with a certain set of assumptions about the world, the economy, the environment and their work force.  Those assumptions are often built on decades of experience.   But what if those assumptions are wrong or simply outdated?