Currently, Standard & Poor’s (S&P) is scoring the management and governance of a company as part of S&P’s credit rating process. In an effort to strengthen the robustness of their evaluation process, S&P has published proposed scoring criteria for public comment and suggestions.  There are four factors that the proposed review of management and governance will examine: strategic positioning, risk management/financial management, organizational effectiveness, and governance. The first three factors can be scored positively, negatively, or neutral, while governance is scored as either neutral or negative. The overall goal of the scoring process is to score management and governance as one of four things – strong, satisfactory, fair, or weak.  This score contributes to the credit rating that an organization will receive from S&P.

Strategic Positioning Factors

Strategic Planning Process

The strategic planning sub-factor considers whether the organization has a specific and comprehensive strategic planning process which births a strong organizational plan.  This plan will include projections, specific goals, and clear paths to achieve these goals.  A broad, deep strategic plan with clear goals and plans will receive a positive score. A neutral score will be awarded to plans that are either shallow or unspecific. Plans to achieve goals are also unclear. Organizations with limited evidence to show a strategic plan will receive a negative score for this sub-factor.

Consistency of Strategy with Organizational Capabilities and Marketplace Conditions

Strategies and goals have to be fluid like the environments that surround them. A solid strategic plan ten years ago could be insufficient or overly specific in today’s economic environment.  Assumptions that are made within a strategic plan are compared with peer organizations and forecasters as part of the scoring process, as is a record of sticking to the plan for at least some period of time. The “fit” of cultures between an organization and the other entities it buys are also considered in this sub-factor. A company can receive a strong score if strategy is consistent with capabilities in a market, if it has a successful record of M&A, and if it is somewhat innovative. Organizations receive negative scores if they have outrageous goals or use M&A in a non-strategic or logical manner.

Ability to Track, Adjust, and Control Execution of Strategy

This is a forward-looking aspect of strategy. What S&P examines here is if an enterprise’s strategy can be converted into action that will lead to success for interest-holders. The process of implementation and how it is presented to employees is also considered.  A positively scored organization will have converted all of its strategic plans into actions, has a track record of meeting goals, and is overall successful when compared to peers. A negatively scored company will have many instances of strategic decisions staying on paper with no action associated with it and often not meeting financial goals. A neutral score is earned when S&P thinks that at least one of those aspects can only be considered being true “sometimes.”

Risk Management/Financial Management Factors

Comprehensiveness of Risk Management Standards and Tolerances

This sub-factor looks at the degree of aggressiveness or conservatism of risk management processes. Organizations with “deliberate, consistent, well-articulated, well-resourced, and integrated” risk management processes are more likely to be strong in the long run as opposed to companies that look to be opportunistic all the time.  A positive score is earned when management has instituted some sort of risk management process that effectively identifies, monitors, and selectively mitigates risk.  A neutrally scored organization has a set of standards for a risk management process, but is not really followed up on. If no standards or actions are taken in regards to risk management, a negative score is earned.

Standards for Operational Performance

These goals need to be distinctly different than strategic goals, but need to be aligned within them.  A strong score in this area will be earned through a rigorous and ambitious standard of operation that is still reasonable. If industry norms are followed, a neutral score is applicable. A negatively scored organization does not have the “wherewithal, discipline, or management commitment” to have decent operational standard.

Comprehensiveness of Financial Standards and Risk Tolerances

The balance between the risks an organization takes and the level of resilience they have to handle the consequences of risk events. This could be common ratios like a debt-service coverage ratio. This is one area where insurers are scored slightly different than other organizations because of the nature of their business. If management has a robust process of handling financial risks, they receive a strong score. If management has a basic set of standards and processes for financial risk, a neutral score is earned. A negative score is awarded when no defined financial standards or risk tolerance is articulated.

Risk Tolerances

For insurance companies, their risk tolerances are compared to the S&P standards to assess their aggressiveness or conservatism. S&P scores conservative companies strongly, while overly aggressive companies earn a negative score. Analytics such as risk tolerances for macroeconomic stress and catastrophic risks are considered beside leverage, debt service coverage, investment risk, liquidity, asset-liability mismatches, and use of hedging instruments are considered when making this determination.

Organizational Effectiveness

Management’s Expertise and Experience

Having experienced and smart management is an important aspect of a successful company. However, just having that experience is only one aspect, as having someone associated with numerous failures is just as risky as having someone that has never held the role they are currently in. Situations where management has considerable experience in successful organizations receive strong scores. Those that don’t or have checkered pasts are scored negative and neutral, respectively.

Management Depth and Breadth

If an organization only has a few key cogs in management it depends on, that can be a major risk for an entity. If this person leaves the organization, that can leave it in dire straits. If leadership and management drill deep into the organization, a company receives a strong score. If there were to be a temporarily decline in cash flow from a departure of a key manager from an organization, then a neutral score is given. If one manager leaving would be fatal to the company, a negative score is given.

Management’s Operational Effectiveness

A history of not responding to unusual events or surprises well could be very important to a creditor – therefore it is important to S&P. If a company has avoided significant cash flow deficiencies due to unusual events, then the organization will receive a strong score. If there are occasional affects to cash flow due to organizational surprises, then a neutral score is given. A negative score occurs when surprises happen often and affect cash flow most of the time.

Governance — As a reminder, in these subfactors, only a neutral or negative can be earned by any organization.

Board Independence from Management

Management isn’t appropriately evaluated if the board isn’t independent from management. If the board is able to maintain sufficient evidence to provide effective oversight of management and remains in control of the organization then a neutral score is earned. If this isn’t true, then a negative score is awarded.

Entrepreneurial or Controlling Ownership

Family-bound and overly entrepreneurial organizations can be a credit risk, as they tend to take more risks than other organizations. If the board isn’t independent from the risk management process or negatively influences it, then a negative score is given. Otherwise, a neutral score is earned.

Management Culture

If management of an organization isn’t sensitive to the wants and needs of shareholders and other-interest holders, then a negative score is given to that organization. However, if management routinely shows they have a vested interest in what interested parties have in their organization, then a neutral score is awarded.

Regulatory, Tax, or Legal Infractions

If a company or management has a history of regulatory, tax, or legal infractions that goes beyond one “isolated episode” that was outside of industry norms then they will receive a negative score for this sub-factor. Otherwise, a neutral score is given.

Communication of Messages

If a company sends a consistent message to interested parties, they receive a neutral score. If conflicting messages goes out, then a negative score has been earned, as this poses a risk to the well-being of the organization.

Internal Controls

This sub-factor goes hand-in-hand with SOX 404a and 404b. If the internal controls of an organization are considered to not have any material deficiencies which cause restatements and/or delays in reporting, then the entity receives a strong score. If material weaknesses are present within the internal controls of an organization, then a negative score is given to the company by S&P.

Financial Reporting and Transparency

If accounting choices consistently reflect the true economic state of an organization, then a neutral score is given. However, if an entity tries to hide its economic state in its financial statements, then a negative score is awarded.

Link: Standard & Poor’s

Subscribe to ERM Insights

The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.

ERM Enterprise Risk Management Initiative 2012-05-01