How have boards evolved since SOX? Hear from the directors themselves

Aarthi Natarajan

Let’s take a time machine back to the boardrooms of 2002. Nearly half (47%) of board meetings clocked in at under two hours. Sarbanes-Oxley (SOX) wasn’t even an official act — up until July 30, at least. And audit committees didn’t yet tackle risks beyond the financial realm.

Today, by contrast, board meetings are often full- or multi-day affairs. And thanks in large part to SOX and other regulations, 35% of directors now feel that the scope and complexity of the audit committee’s work rivals that of the full board.

Boards have evolved to meet today's challenges. In 2013, 88% of directors told us they found their boards “adequately experienced and skilled.” This figure increased to a full 100% by 2023.

But as directors’ expertise and confidence have grown, so have the issues on their plates — from ESG to DEI to cyber, COVID-19 and more.

These evolutions in the business landscape have shaped what’s on board agendas and on directors' minds.

Here’s an example to illustrate: We asked directors in February 2023 about the areas of the business where they wanted the most insight. Two-thirds told us digital and tech strategy. Nearly one third (32%) said people and culture, and one quarter (25%) said HR strategy. What’s more, a lot of these changes have taken place over the last few years.

Read on for a deeper look at how board operations have changed over the past 20 years, from the perspective of boardrooms worldwide.

A global pandemic reshaped business as usual  

Deloitte asked 149 public companies how COVID-19 impacted their board’s overall processes and practices. Over half (55%) cited a moderate impact, and a similar percentage (56%) said that te changes they made to their processes and practices led to greater board efficiencies.  

As boards worked more productively, many of their priorities also shifted and evolved as well — often with a people-centric trend. For example, PwC’s 2022 Annual Corporate Directors survey polled directors about shareholder engagement. In 2017, roughly 4 in 10 (42%) of non-executive directors met with investors. In 2022, this figure had jumped to 6 in 10 (60%).

For many, trust has been the driver:

  • 71% of directors told PwC that direct stakeholder engagement would enhance stakeholder trust
  • 70% said that enhanced disclosure or reporting would positively impact this area
  • 64% said that increasing board diversity would increase trust

PwC also polled directors about executive compensation. What should companies expect from their leaders to keep strategy on track? Over half supported diversity and inclusion metrics (52%), metrics related to employee engagement (57%) and metrics related to succession planning (54%) — up from 39%, 54% and 43% respectively in 2020.

Over 90% of directors said they had discussed talent management, while 86% had spoken about board composition over the past 12 months. And for a smaller percentage of boards, other “S in ESG” topics have entered the conversation as well: 30%-39% reported talking about their company’s stance on social issues, human rights and corporate political activity.  

Cyber threats are growing with the digital landscape

Throughout the 2020s, cybersecurity has remained a top priority, with the continued proliferation of ecommerce, digital services and digital currencies, as well as the convergence of IT and operational technologies.

As digital transformation accelerates on all fronts, exposure to cyber risk increases. In fact, a full 90% of UK senior executives cited digital transformation as their organization’s biggest cyber challenge since 2020, according to PwC’s 2023 Digital Trust survey.

While over 90% of directors say they’ve discussed data security over the past 12 months, other statistics indicate a need to turn talk into action:

  • Just under two-thirds (64%) of UK CEOs are “extremely” or “very” concerned about how cyberattacks could affect their ability to sell products or services
  • A “catastrophic cyber attack” is the top risk scenario for nearly half (48%) of UK organizations
  • A quarter of UK CEOs rank cyber risk ahead of macroeconomic volatility, inflation, geopolitical conflict and climate change
  • These 1 out of 4 executives cite their businesses as “extremely” or “highly” exposed to cyber risk
  • Meanwhile, 64%-68% of senior UK executives have not fully mitigated the risks of cloud adoption, increased digitization of delivery mechanisms or increased digitization of their supply chain

How can today’s corporate directors bridge these gaps? According to the UK senior executives polled by PwC, cyber readiness for 2024 and beyond will require:

  • Stronger AI-powered data analytics for detecting threats, identifying risk, and guiding smart funding and business decisions
  • Stronger investment in a cyber-savvy workforce: With only 46% of business leaders planning to increase their human-led tech teams in the area of risk, according to PwC’s UK CEO survey, today’s companies have a long way to go.   
  • Stronger leadership throughout the organization — with the board, CEO and top executives guiding the way 

 boardroom transformation infographic

New best practices for a new era of governance

If one thing is clear from all this data, it's that boards have never been busier — and if they are to deflect these emerging risks on multiple fronts, they need the right information and insights.

Functional leaders can help boards cut through the noise with effective presentations that utilize dashboards, visualizations and other tools to highlight the most important details.

Learn more about how you can get "boardroom ready" with Diligent today.

Don’t Get Left Behind
Governance, risk, audit, compliance and ESG are ever evolving. Our newsletters keep you informed about trending topics impacting your organization.
Background image
Related Insights
Aarthi Natarajan
Aarthi Natarajan, Senior Manager at Diligent, has expertise in the governance space for both corporations and not-for-profit organizations. She has worked extensively with corporate and mission-driven organization governance technologies as well as in the changing needs of hybrid and remote workforces.