Cloud Transformation: What Boards Will Want to Know

Some 85 percent of US CEOs say that they are increasing investment in digital transformation for 2021, and for many companies, cloud computing is a key component of digital transformation. Indeed, nearly one-third of board members surveyed for a just-released PwC report confirmed that cloud computing is central to business strategy and critical to revenue growth.

Digital and cloud technologies are what it takes to compete in the market today. A strong business strategy, for many companies, will require a clear cloud strategy. An engaged board will want to ask the right questions about aligning those strategies. The four questions below can help guide the board’s discussions with management:

1. How will cloud computing enable our business strategy?

Input from the board is perhaps most needed when considering how cloud capabilities will support your business strategy.  

A cloud transformation provides a generational opportunity to achieve a higher level of digital fitness. That will require robust discussions with management about the cloud strategy and overall investment.

The strategy should focus on enabling and improving those underlying capabilities that differentiate a company and can create enduring value. The PwC US Cloud Business Survey revealed that the top business outcomes from a cloud transformation desired by board and management respondents are improved decision-making with data analytics, stronger resiliency and agility, innovation of products and services, and better customer experiences.

Boards will want to know how their companies are using cloud to deliver on their short- and long-term business strategies. They will want to make time on their agendas to monitor their organizations’ cloud transformations, if significant, and get periodic updates from management, including progress toward key milestones. 

2. What is the cost of using cloud, and how will our financial model be impacted going forward?

Use of cloud reduces or removes the need for companies to buy, own, and maintain physical information technology (IT) infrastructure, which can provide cost savings. For companies with cloud-compatible applications, cloud providers offer services on a pay-as-you-go pricing model, which adds agility and scales up and down automatically to meet businesses’ needs. 

Moving to cloud means shifting technology spending from capital expenditure to operating expenditure. But it often begins with a capital expenditure that covers the costs of application modernization, if needed, including legacy app replacement to work with this new technology. The outlay for these items varies depending on a range of factors that may include how many legacy applications you use and the complexity of your IT environment. That said, companies too often simply migrate applications to cloud (that is, “lift and shift”) instead of taking the opportunity to first modernize their apps to support greater value creation.  

Boards should understand management’s strategy to modernize certain applications and the expected return on investment, when the initial investment will break even, and whether there might be additional savings in future years.

3. How do we manage data security and privacy risks using cloud?

Similar to the adoption of other novel technologies, cloud creates new opportunities but also brings new risks. The risk boards and others most frequently think about is data security and privacy. While cloud-native applications will likely make a business more secure than if those services were performed on the premises, companies still need to have effective controls and processes in place to address data security. 

Even so, our data shows that security, risk, and compliance are considered in the planning phase of cloud transformation only 17 percent of the time. For companies beginning to confront cloud transformation, involving experts on security, risk, and compliance early in the process can avoid greater risks and larger expenditures later, and boards will want to ask about their involvement.

4. What are the tech talent and upskilling implications of moving to cloud?

Boards will want to understand the strategy for ensuring that their businesses have sufficient talent to support cloud transformation and ongoing operations. The good news is that the survey revealed this issue is top of mind for management, with 57 percent of chief information officers reporting that they have upskilling programs in place to help develop the requisite skills.

There are two talent-related implications of moving to cloud. The first relates to the underlying talent in an organization and whether it is skilled and equipped to handle the new technology and business processes. Some questions directors might want to ask include:

What new skills are needed?
Will the company upskill existing talent or recruit outside talent—or both?
How does the increasing number of cloud applications change how the traditional IT function operates?

The second, and more significant, personnel-related implication relates to the expectation that companies will operate leaner in the future. Shareholders and other constituents will require growth without an increased workforce capacity, which will place even greater pressure on cloud-related investments to deliver a return. 

Boards will want to make sure they understand the talent strategy around cloud. 

Digital transformation via cloud can bring value to a company. A board that makes sure there is a focused strategy with defined value metrics and management of key risks, including talent needs, can help ensure success. Just remember: The cloud journey is never complete. It is not a destination, but a new way of doing business. 

Maria C. Moats is a partner with PwC and the leader of PwC’s Governance Insights Center. Jenny Koehler is a partner and PwC’s cloud and digital leader.

NACD: Tools and resources to help guide you in unpredictable times.

Become a member today.

For SPACs, an Ounce of Liability Prevention Is Worth a Pound of Cure

Special purpose acquisition companies (SPACs) have only continued to proliferate in 2021. Since last year, over 300 new SPACs have raised more than $100 billion, and SPACs now account for more than 70 percent of initial public offering (IPO) funding.

The continued SPAC boom has drawn attention from investors, US Securities and Exchange Commission (SEC) regulators, and lawmakers alike, and a recent string of SEC advisory opinions foreshadows a stricter SPAC enforcement regime. Moreover, statements by SEC chair Gary Gensler indicate that the agency is prepared to devote significant resources to addressing SPAC-related issues. 

In light of the SEC’s recent crackdown, as well as congressional attention and the inevitable increase in securities lawsuits and SEC investigations to come, it is crucial that SPACs, their boards, their sponsors, and target companies implement safeguards to protect against securities litigation and SEC enforcement actions. 

Recent Regulation and Litigation

Since late 2020, the SEC has issued a number of statements indicating the agency’s intent to tighten SPAC regulations, potentially altering the ways SPACs operate.

In December 2020, the SEC issued disclosure guidelines on potential conflicts of interest among SPAC sponsors, directors, and public shareholders. In April, the SEC made statements on the adequacy of financial reporting and even suggested that the Private Securities Litigation Reform Act’s safe harbor—which applies to SPACs but not IPOs—does not protect against false or misleading statements made with actual knowledge of their false or misleading nature or when the statements are not forward-looking but rather about current valuation or operations. In this most recent guidance, the SEC asserted that SPACs should face stricter financial reporting and disclosure requirements, asking registrants and their independent auditors to evaluate and correct any material misstatements in their financial disclosures. Since then, numerous SPACs have filed Form 8-Ks indicating their intent to refile their financial statements.

The concerns expressed in the SEC’s advisory opinions generally track with the concerns outlined by private litigants and SEC enforcement actions. Historically, securities litigation and SEC actions against SPACs have focused on false and misleading forward-looking financial projections; conflicts of interest among SPAC sponsors, directors, officers, and public shareholders; inadequate financial disclosures; and inadequate due diligence of the target company. Take the class action lawsuit against the SPAC Immunovant and a similar case, Jensen v. GigCapital3, Inc. et al, as examples.

Best Preventative Practices

SPAC boards, sponsors, and target companies should implement the following practices and procedures to reduce the risk of litigation and avoid SEC scrutiny. 

1. SPACs should consider retaining an independent financial advisor to provide a fairness opinion on the proposed merger. Fairness opinions, though not required by law, are a feature of most corporate transactions, and they provide value to both management and boards in mitigating litigation risk and as evidence of proper due diligence. They also provide value to shareholders as an indication of the quality of the proposed transaction. Fairness opinions are less common in SPACs, however, except when the target company has some affiliation with the sponsor. Nonetheless, with SPAC litigation on the rise, a diligently prepared fairness opinion may offer value to a SPAC’s board, which may then rely on it to demonstrate that the board complied with its duty of care.

2. Use of a reputable accounting firm is critical in conducting due diligence on the target company. Indeed, even if a SPAC sponsor is unaware of false statements made by the target company, the sponsor may still be required in litigation to demonstrate that it conducted its own due diligence. A reputable accounting firm may also provide value by addressing concerns from both the market and regulators on target companies’ accounting integrity and governance weaknesses. There is a growing perception, fueled by short sellers and press reports on SEC investigations, that some fledgling companies may be abusing the SPAC process. The accounting firm can help the target company test its internal accounting controls—including payment processes, delegation of authority, and separation of duties—to ensure that transactions are recorded accurately and conform to management authorization, which are key considerations in SEC enforcement investigations. 

3. Operating companies and SPACs should use extreme care when making and relying on financial earnings projections. Sponsors should engage in a documented, critical review and ensure that such projections are based on reasonable grounds and not unsupported opinions. Sponsors should also consider hiring outside financial advisors to determine whether such projections are sound. Finally, while the SEC’s recent guidance challenges the applicability of the Private Securities Litigation Reform Act’s safe harbor for forward-looking statements and projections, these statements and projections should always be accompanied by meaningful cautionary language.

4. SPACs should consider including waivers of liability in shareholder support agreements to avoid future liability relating to de-SPAC mergers. After a de-SPAC merger is signed, target companies often wait to enter into their first shareholder agreement until the registration or proxy statement becomes effective. In response, a SPAC should require officers, directors, and shareholders to enter into a shareholder support agreement, whereby the signatories pledge to vote their shares in favor of the transaction. By including a release or waiver of liability, SPACs can significantly reduce any liability arising from the de-SPAC merger should anything go awry.

5. SPACs should identify any potential conflicts among SPAC sponsors, directors, officers, and shareholders. While directors and officers are generally protected from liability by the business judgment rule, the rule might not apply if the directors and officers had a conflict of interest in coming to their decision. Thus, should any conflicts exist, it is in the sponsors’ best interest to promptly and honestly disclose such conflicts to shareholders. Also, SPACs should always maintain directors and officers insurance to protect high-level sponsors should any issues arise.

6. As part of any de-SPAC transaction, SPACs should conduct a robust global compliance gap assessment. Target companies will now be subject to SEC jurisdiction, including the Securities Exchange Act Section 13(b)’s internal accounting controls and books and records provisions, the Sarbanes-Oxley Act, and the Dodd-Frank Act. While a company going public through a de-SPAC may already have sufficient compliance policies and procedures in place in many areas, certain other areas might be new to the company, such as procedures around insider trading, anonymous whistleblowing, and audit committee oversight of the compliance function.

SEC enforcement staff will certainly make requests relating to a company’s compliance procedures part of any investigation. It is, therefore, critical for companies to make sure that their compliance is in order on day one, or as soon as practicably possible. While failure to maintain adequate policies and procedures may not always result in liability, their absence is more likely to cause the SEC to further scrutinize the company’s underlying business practices and culture. As the old saying goes, an ounce of prevention is worth a pound of cure.

By implementing these safeguards, SPACs, their boards, and their sponsors are less likely to become the target of an SEC investigation or securities lawsuits.

Perrie M. Weiner is the partner in charge of Baker McKenzie’s Los Angeles office. He is also chair of the firm’s North America Securities Litigation Group. With over 30 years of experience, Weiner’s practice focuses on securities litigation, complex business litigation, and enforcement matters.

NACD: Tools and resources to help guide you in unpredictable times.

Become a member today.

Former NACD CEO Ken Daly Remembered

It is with a heavy heart that I share the news that Ken Daly passed away on June 14, 2021. Ken served as CEO of NACD from 2007 to 2017 after retiring from KPMG. I first had the privilege of working with Ken when he led KPMG’s Audit Committee Institute and then again when he moved on to join NACD as CEO.    

While Ken was of average stature, he was larger than life. His affable demeanor, quick sense of humor, and deep commitment to whatever he chose to be involved with made his personality truly infectious. Through his insightful encouragement, he had a way of making you feel proud of your accomplishments and determined to do more. He wanted NACD to be the best it could possibly be, and he pushed us to achieve that. He would name a future goal—like Babe Ruth pointing past the fence—and he would inspire us to knock it out of the park. He led NACD through a period of tremendous growth in membership, revenue, and reputation. It has been my honor to succeed him as CEO of this great organization.

Many will remember Ken for his drive, but he had a softer side that his friends were lucky to see. He boasted of his family—his incredible wife Donna, his two sons, Matt and Andy, and his grandchildren, who affectionately called him Poppi. He always said that “family comes first” and encouraged all of us to focus on the things that are really important in life. He was a man of deep faith, even delivering sermons in his church—in his own special way. He once led a service where he handed out mirrors to everyone attending church that Sunday and had the church band learn the Michael Jackson song “Man in the Mirror.” He even learned how to “moon walk” and did so in front of the congregation while the band played. Yes, he definitely had a flair for the dramatic, and he always infused a little wry humor in everything he did. He also had a penchant for obscure sayings or phrases. “Whackadoodle,” “goat rodeo,” “tougher than woodpecker lips,” and “two oil barrels and a goat head” come to mind. Someday, I’ll figure out where he came up with all of those, but I can remember him chewing on a cigar and smiling as he wove them into his conversations.

I was privileged to call Ken my friend. Over the decades that I knew him, he helped me through many tough situations, both personally and professionally. For that, I am forever grateful. To call him a mentor is an understatement. I know that many in our membership may never have met Ken, and for that I’m sorry. For those of you who did, I’m sure you have your own memorable experiences to share. I, for one, will miss my friend and hope that, in partnership with our staff, chapters, and you—our esteemed members—we will carry on Ken’s dream of an NACD that lights the way for directors and boards across this country and beyond.

Our thoughts and prayers are with his family as we mourn his passing and celebrate his life. His obituary and information about services for Ken can be found here.

NACD: Tools and resources to help guide you in unpredictable times.

Become a member today.