Compensation Risk Assessments


If you have had occasion to read the Compensation Discussion & Analysis section of a proxy statement recently, you likely came across a statement quite similar to this one:

“Our Compensation Committee, with assistance from internal risk management staff and the Committee’s compensation consultant, has assessed our compensation programs and has concluded that our compensation policies and practices do not create risks that are reasonably likely to have a material adverse effect on us.”

This all-too-common statement reflects a potential opportunity lost. Compensation committees can go far beyond merely demonstrating a lack of material risk by using an effective risk-assessment process in the management of their incentive programs.

In this article, we present a set of standards for conducting an effective risk assessment. The information gathered in such assessments should enable compliance with required compensation-risk disclosures, enhance the potential for incentive plans to produce desired business results and reward management appropriately relative to performance.


An appropriate level of risk is essential for any business to survive and produce acceptable risk-adjusted returns for stakeholders. Eradicating all risk in compensation programs is not desirable or feasible. However, actively managing risks undertaken —and understanding their relationship with executive compensation structure and design — is.

The Federal Reserve’s guidance on incentive-compensation risk assessment is consistent with this view. This principles-based guidance recognizes that no single incentive design is appropriate for all organizations. In the Fed’s view, incentive arrangements should be:

  • Balanced regarding financial rewards so as not to encourage employees to imprudently expose their organizations to risk.
  • Compatible with effective controls and risk management.
  • Supported by strong corporate governance.

From our recent experiences, most companies have stepped up and eliminated the more obvious types of corporate exposure to imprudent risk-taking.  Yet in the areas of controls and corporate governance practices — focused on managing pay risk over time — there is substantial room for improvement.

Four specific types of risk are associated with compensation programs: financial, operational, reputational and talent-related. Sharp focus on each of these areas will go a long way toward meeting the Federal Reserve standards and achieving objectives for managing risk.

  • Financial. A company’s incentive plans could place an undue financial burden on the company or fail to motivate behavior critical to financial success.

These assessments often balance financial impact and potential for risk generation. The graphic below shows how different incentive plans within an organization might fall along the spectrum of the combined dimensions of materiality and risk.

Financial Risk Assessment

In this example, the organization has a number of incentive plans in which the size of individual payments to participants and the overall cost to the company are deemed material. In this context, materiality involves a company-specific definition of the relationship of incentive plan costs to company profitability and/or cash flow. (This is not a legal definition.)

Also, none of the plans shown in the example represented more than a moderate risk regarding types of executive behavior and performance scenarios. The risk that these plans might pay out significant amounts for undesirable behaviors or performance outcomes is limited.

There is no universal definition of risk potential when applied to compensation.  Company-specific risk factors, many of which are used in assessing other business risks, should all be considered when assessing compensation-related risk. These include stock beta, debt-to-equity ratios and the potential for efficient incremental profits.

  • Operational. Processes in place concerning the governance and administration of compensation programs are not sufficient to mitigate errors in judgment or calculated payments.

Operational risk assessments are fundamentally a process review with a focus on pay governance. Below is a sample operational review of pay risk and its assessment.

Summary of Operational Risk Factors

The company reflected in this sample appears to have the right organizational units involved in the audit and approval of the pay-determination process. Also, the process is not controlled or overly influenced by a single segment of the organization, and those who determine pay draw on appropriate internal resources for legal, financial and human resources expertise.

  • Reputation.The design of certain pay programs, while not in violation of any regulatory or legal requirements, could draw negative attention from the company’s constituents, including investors.

Reputational risk assessments will most often be based on evaluation of incentive pay in relation to a checklist of items judged externally to be poor pay practices. In 2011, for example, the presence or absence of a defined policy on clawbacks was on most checklists, as were items such as severance payments for non-renewal of executive employment agreements.

Reputational risk should be balanced against the intended business purpose of pertinent pay practices. Continuing to provide executives with excise-tax protection may, in itself, pose a serious reputational risk for companies, but an alternative may be needed to help ensure that executives are not discouraged from objectively evaluating prospective transactions that might trigger this tax.

  • Talent. The design or absence of some types of compensation plans could result in a loss of critical talent.

Risk of losing talent may stem from simply not paying competitively. But more often, it is caused by a weak pay/performance relationship, typically resulting from any or all of the following:

  • Overly aggressive performance expectations
  • Insufficient leverage in rewards for exceeding expectations
  • Excessively harsh penalties for failing to meet expectations

Regulations expected from the SEC on implementation of the Dodd-Frank requirement for annual pay and performance disclosures will make this assessment part of annual pay program management for most organizations. In addition, it will become part of many companies’ talent-risk assessments.

In the context of our recommended principles-based approach to risk assessment and the Federal Reserve guidelines, below is a set of standards from which to evaluate the effectiveness of your company’s pay-risk assessment. Does it:

1. Set oversight priorities that identify pay plans relating to the highest-risk businesses and positions and ensure that both management and the compensation committee monitor them closely?
2. Incorporate risk assessment into plan-design philosophy by avoiding extremes and by maintaining a balanced mix of fixed and variable pay, short- and long-term incentives and corporate and business-unit performance goals?
3. Assure that plans are well designed by addressing any red flags raised by features that may encourage excessive risk-taking, such as steep incentive curves, uncapped payouts, completely formulaic awards and misaligned timing of payments — or, if such features are used, assuring that their effectiveness has been carefully vetted?
4. Get performance metrics right by carefully evaluating whether an incentive plan’s measures are comprehensive and support the efficient use of capital, sustainability of profits and linkage with shareholder value creation?
5. Define pay-plan governance processes by clearly defining oversight roles, ensuring that plans are consistent with both business goals and risk tolerances, and stress-testing results under a range of scenarios characterized by realistic assumptions about conditions?


The SEC continues to issue comment letters to domestic publicly traded companies asking that they not only disclose their conclusions about the existence of material pay risks, but also describe their assessment processes. (For an example of a process disclosure, see Brown-Forman Corporation, DEF14A, 6-25-2010, p. 36).  This particular disclosure, and the company’s identification of criteria used in its evaluation, is extremely instructive, as it reflects many of the standards by which the implementation of pay philosophy is being judged.

As pay-risk disclosures evolve, either by company initiative or with a push from the SEC, let’s hope that we see a change to something more like the following:

“Our compensation programs are part of our performance culture. They provide balanced reward opportunities tied to a variety of performance outcomes that drive shareholder value. The Compensation Committee subjects the programs to continual review with assistance from management and the committee’s independent consultant, and has concluded that these plans are designed to contribute to our success and reasonably unlikely to have a material adverse effect on ur company.”

Download a free copy of our new eBook!
Simply provide your e-mail address and a link will automatically be sent to you.
Request a paperback version of the book. Input your address in the message field.