Tag Archives: new york stock exchange

How Good Is Your Cybersecurity?

The country was rocked recently when three major enterprises, including the New York Stock Exchange, encountered cyber “glitches” that were serious enough to take them off line, leading to speculation that perhaps there was something more sinister at play. While contemplating the situation in real time, many enterprises undoubtedly engaged in a quick self-assessment of their own cybersecurity defenses and readiness and heaved a sigh of relief when the disruptions were reported to be resolved, unrelated and not caused by malicious outsiders.

But what if it had been different? How well would your company fare in the face of an attempted or successful cyber attack?

Recent events should serve as a wake-up call for all enterprises to shore up their defenses and formulate their game plan in the event of a cybersecurity incident.

Here are four key factors to consider:

1. Have you conducted a risk-based security assessment? The assessment, among other things, should determine if you’ve already been hacked, test your perimeter and scan for internal and external vulnerabilities.

2. Have you established and implemented effective employee training and awareness policies and programs? Studies repeatedly show that employees are at the heart of most security incidents. Employees should be educated about the crucial role they play in securing enterprise data, and they should be trained to recognize and avoid security threats.

3. Have you assembled an incident response team? No entity should put itself in the position of wondering what to do and who to call when it suffers a cybersecurity incident. Entities should build their incident response team and practice their response to various security incident scenarios before an incident ever happens. Companies that do this are in a better position to respond when an event occurs, thereby minimizing the financial, legal and reputational fallout of a cybersecurity incident.

4. Have you purchased insurance to cover cyber incidents? Enterprises routinely purchase insurance to transfer the risk of potential liabilities they might encounter in the course of their business operations. Cyber liabilities should be treated the same way. Cyber insurance can provide much needed financial and tactical support in the event of a cyber incident.

Takeaway

Thoughtful focus on these four steps can help companies protect against and mitigate the effects of a cybersecurity incident. As recent events have demonstrated, the risks are real, and they show no signs of abating.

How to Evaluate the External Auditors

The Audit Committee Collaboration (six associations or firms, including the National Association of Corporate Directors and NYSE Governance Services) recently published External Auditor Assessment Tool: A Reference for Audit Committees Worldwide.

It’s a good product, useful for audit committees and those who advise them — especially chief audit executives (CAEs), CFOs and general counsel.

The tool includes an overview of the topic, a discussion of important areas to assess (with sample questions for each) and a sample questionnaire to ask management to complete.

However, the document does not talk about the critical need for the audit committee to exercise professional skepticism and ask penetrating questions to test the external audit team’s quality.

Given the publicized failures of audit firms to detect serious issues (fortunately few, but still too many – the latest being the FIFA scandal) and the deficiencies continually found by the PCAOB Examiners, audit committees must take this matter seriously.

Let me Illustrate with a story. Some years ago, I joined a global manufacturing company as the head of the internal audit function, with responsibility for the SOX program. I was the first to hold that position; previously, the internal audit function had been outsourced. Within a couple of months, I attended my first audit committee meeting. I said there was an internal control issue that, if not addressed by year-end, might be considered a material weakness in the system of internal control over financial reporting. None of the corporate financial reporting team was a CPA! That included the CFO, the corporate controller and the entire financial reporting team. I said that, apart from the Asia-Pacific team in Singapore, the only CPAs on staff were me, the treasurer and a business unit controller. The deficiency was that, as a result, the financial reporting team relied heavily on the external auditors for technical accounting advice – and this was no longer permitted.

The chairman of the audit committee turned to the CFO, asked him if that was correct and received an (unapologetic) affirmative. The chairman then turned to the audit partner, seated directly to his right, and asked if he knew about this situation. The partner also gave an unapologetic “yes” in reply.

The chairman then asked the CEO (incidentally, the former CFO, whose policy it had been not to hire CPAs) to have the issue addressed promptly, which it was.

However, the audit committee totally let the audit partner off the hook. The audit firm had never reported this as an issue to the audit committee, even though it had been in place for several years. The chairman did not ask the audit partner why; whether he agreed with my assessment of the issue; why the firm had not identified this as a material weakness or significant deficiency in prior years; or any other related question.

If you talk to those in management who work with the external audit team, the most frequent complaint is that the auditors don’t use judgment and common sense. They worry about the trivial rather than what is important and potentially material to the financial statements. In addition, they often are unreasonable and unwilling to work with management – going overboard to preserve the appearance of independence.

I addressed this in a prior post, when I said the audit committee should consider:

  • Whether the external auditor has adopted an appropriate attitude for working with the company, including management and the internal auditor
  • Whether the auditor has taken a top-down and risk-based approach that focuses on what matters and not on trivia, minimizing both cost and disruption, and
  • Whether issues are addressed with common sense rather than a desire to prove themselves

Does your audit committee perform an appropriate review and assessment of the external audit firm and their performance?

I welcome your comments.

Buckle Up: Monetary Events Are Speeding

Just when you thought the world could not spin much faster, global monetary events in 2015 have picked up speed. Buckle up.

A key macro theme of ours for some time now has been the increasing importance of relative global currency movements in financial market outcomes. And what have we experienced in this very short year-to-date period so far? After years of jawboning, the European Central Bank has finally announced a $60 billion monthly quantitative easing exercise to begin in March. Switzerland “de- linked” its currency from the euro. China has lowered the official renminbi/U.S. dollar trading band (devalued the currency). China lowered its banking system required reserve ratio. The Turkish and Ukrainian currencies saw double-digit declines. And interest-rate cuts have been announced in Canada, Singapore, Denmark (four times in three weeks), India, Australia and Russia (after raising rates meaningfully in December to defend the ruble). All of the above occurred within five weeks.

What do all of these actions have in common? They are meant to influence relative global currency values. The common denominator under all of these actions was a desire to lower the relative value of each country’s or area’s currency against global competitors. As a result, foreign currency volatility has risen more than noticeably in 2015, necessarily begetting heightened volatility in global equity and fixed income markets.

If we step back and think about how individual central banks and country-specific economies responded to changes in the real global economy historically, it was through the interest-rate mechanism. Individual central banks could raise and lower short-term interest rates to stimulate or cool specific economies as they experienced the positive or negative influence of global economic change. Country-specific interest-rate differentials acted as pressure relief valves. Global short-term interest-rate differentials acted as a supposed relative equalization mechanism. But in today’s world of largely 0% interest rates, the interest-rate “pressure relief valve” is gone. The new pressure relief valve has become relative currency movements. This is just one reality of the historically unprecedented global grand central banking monetary experiments of the last six years. At this point, the experiment is neither good nor bad; it is simply the environment in which we find ourselves. And so we deal with this reality in investment decision making.

There has been one other event of note in early 2015 that directly relates to the potential for further heightened currency volatility. That event is the recent Greek elections. We all know that Greece has been in trouble for some time. Quite simply, the country has borrowed more money than it is able to pay back under current debt-repayment schedules. The New York consulting/ banking firm Lazard recently put out a report suggesting Greek debt requires a 50% “haircut” (default) for Greece to remain fiscally viable. The European Central Bank (ECB), largely prompted by Germany, is demanding 100% payback. Herein lies the key tension that must be resolved in some manner by the end of February, when a meaningful Greek debt payment is due.

Of course, the problem with a needed “haircut” in Greek debt is that major Euro banks holding Greek debt have not yet marked this debt to “market value” on their balance sheets. In one sense, saving Greece is as much about saving the Euro banks as anything. If there is a “haircut” agreement, a number of Euro banks will feel the immediate pain of asset write-offs. Moreover, if Greece receives favorable debt restructuring/haircut treatment, then what about Italy? What about Spain, etc? This is the dilemma of the European Central Bank, and ultimately the euro itself as a currency. This forced choice is exactly what the ECB has been trying to avoid for years. Politicians in the new Greek government have so far been committing a key sin in the eyes of the ECB – they have been telling the truth about fiscal/financial realities.

So, to the point: What does this set of uncharted waters mean for investment decision making? It means we need to be very open and flexible. We need to be prepared for possible financial market outcomes that in no way fit within the confines of a historical or academic playbook experience.

Having said this, a unique occurrence took place in Euro debt markets in early February: Nestle ́ shorter-term corporate debt actually traded with a negative yield. Think about this. Investors were willing to lose a little bit of money (-20 basis points, or -.2%) for the “safety” of essentially being able to park their capital in Nestle’s balance sheet. This is a very loud statement. Academically, we all know that corporate debt is “riskier” than government debt (which is considered “risk-free”). But the markets are telling us that may not be the case at the current time, when looking at Nestle ́ bonds as a proxy for top-quality corporate balance sheets. Could it be that the balance sheets of global sovereigns (governments) are actually riskier? If so, is global capital finally starting to recognize and price in this fact? After all, negative Nestle ́ corporate yields were seen right alongside Greece’s raising its hand, suggesting Euro area bank and government balance sheets may not be the pristine repositories for capital many have come to blindly accept. This Nestle ́ bond trade may be one of the most important market signals in years.

As we have stated in our writings many a time, one of the most important disciplines in the investment management process is to remain flexible and open in thinking. Dogmatic adherence to preconceived notions can be very dangerous, especially in the current cycle. As such, we cannot look at global capital flows and investment asset class price reactions in isolation. This may indeed be one of the greatest investment challenges of the moment, but one whose understanding is crucial to successful navigation ahead. In isolation, who would be crazy enough to buy short-term Nestle ́ debt where the result is a guaranteed loss of capital in a bond held to maturity? No one. But within the context of deteriorating global government balance sheets, all of a sudden it is not so crazy an occurrence. It makes complete sense within the context of global capital seeking out investment venues of safety beyond what may have been considered “risk-free” government balance sheets, all within the context of a negative yield environment. Certainly for the buyer of Nestle ́ debt with a negative yield, motivation is not the return on capital, but the return of capital.

This leads us to equities and, again, this very important concept of being flexible in thinking and behavior. Historically, valuation metrics have been very important in stock investing. Not just levels of earnings and cash-flow growth, but the multiple of earnings and cash-flow growth that investors have been willing to pay to own individual stocks. This has been expressed in valuation metrics such as price-to-earnings, price relative to book value, cash flow, etc. To the point, in the current market environment, common stock valuation metrics are stretched relative to historical context.

In the past, we have looked at indicators like total stock market capitalization relative to GDP. The market capitalization of a stock is nothing more than its shares outstanding multiplied by its current price. The indicator essentially shows us the value of stock market assets relative to the real economy. Warren Buffett has called this his favorite stock market indicator.

Untitled

The message is clear. By this valuation metric, only the year 2000 saw a higher valuation than the current. For a while now, a number of market pundits have suggested the U.S. stock market is at risk of a crash based on these numbers.

Wells Capital Management recently developed data for the median historical price-to-earnings multiple of the NYSE (using the data for only those New York Stock Exchange companies with positive earnings). What this data tells us is that the current NYSE median PE multiple is the highest ever seen. Not exactly wildly heartwarming for anyone with a sense of stock market valuation history.

Untitled

It is data like this that has prompted a number of market commentators to issue warnings: The big bad stock market wolf isn’t coming; he’s here!

In thinking about these numbers and these dire warnings from a number on Wall Street, we again need to step back and put the current cycle into context. We need to put individual asset class movements into context.

In isolation, current stock market valuations should be very concerning (and they are). In isolation, these types of valuation metrics do not make a lot of sense set against historical precedent. But the negative yield on Nestle corporate debt make littles to no common sense, either…unless it is looked at as an alternative to deteriorating government balance sheets and government debt markets.

Trust us, the LAST thing we are trying to do is be stock market cheerleaders. We’ll leave that to the carnival barkers at CNBC, with its historically low viewer ratings. What we are trying to do is “see” where the current set of global financial market, economic and currency circumstances will lead global capital as we move throughout 2015.

Heightened global currency volatility means an increasing amount of global capital at the margin is seeking principal safety. The recent Greek election results are now forcing into the mainstream commentary the issue of Euro bank and government fiscal integrity, let alone solvency. We believe the negative yield on the Nestle ́ corporate bond is an important marker that global capital is now looking at the private (corporate) sector as a potential repository for safety. The Nestle ́ bond is an investment that has nothing to do with yield and everything to do with capital preservation. Nestle ́ has one of the more pristine corporate balance sheets on Earth. We need to remember that equities represent a claim on not only future cash flows of a corporation but also on its real assets and balance sheet wherewithal.

We need to be open to the possibility that, despite very high-valuation metrics, a weak global economy and accelerating global currency movements that are sure to play a bit of havoc with reported corporate earnings, the equity asset class may increasingly be seen as a global capital repository for safety in a world where global government balance sheets have become ever more precarious over the last half decade. The investor who survives long-term is the one with a plan of action for all potential market outcomes. Avoid the tendency to cry wolf, but, of course, also keep in mind that even the boy who cried wolf was ultimately correct.

It’s all in the rhythm and pacing of each unique financial and economic cycle. Having a disciplined risk management process is the key to being able to remain flexible in investment thinking and action.