Advisor: Target should drop most board members

Target
Shoppers arrive at a Target store in Los Angeles on Thursday, Dec. 19, 2013.
Damian Dovarganes/AP, File

A shareholder advisory firm has recommended that Target shareholders oust most members of the company's board at its annual meeting next month.

Institutional Shareholder Services on Wednesday said the members of two key board committees didn't do enough to protect the company — and its customers — from a massive data breach last year.

Related: Target CEO is out following credit card breach
Also: Target fires president of Canadian operations

ISS advises big investors like pension funds and mutual funds on corporate governance matters that are up for a vote by investors. The ISS report on Target said seven of 10 Target board members "should have been aware of, and more closely monitoring, the possibility of theft of sensitive information."

The members are on the company's audit and corporate responsibility committees and include interim board chair Roxanne Austin.

Late last year, cyber-thieves stole payment card and personal information for tens of millions of Target shoppers. Target officials have said the company cannot yet estimate what costs it will bear for the breach but has warned they could be significant.

Before you keep reading ...

MPR News is made by Members. Gifts from individuals fuel the programs that you and your neighbors rely on. Donate today to power news, analysis, and community conversations for all.

ISS said the data breach revealed Target was inadequately prepared for the risks of doing business in today's electronic commerce environment. The shareholder advisory firm said oversight of those risks rests with the audit and corporate responsibility committees.

"It appears that failure of the committees to ensure appropriate management of these risks set the stage for the data breach, which has resulted in significant losses to the company and its shareholders," ISS wrote in its report.

The organization called for a vote against directors Austin, Mary Minnick, Anne Mulcahy, Derica Rice, Calvin Darden, Henrique De Castro, and James Johnson.

ISS recommended a vote in favor of two members with Minnesota roots: Ecolab CEO Douglas Baker and Wells Fargo CEO John Stumpf. Also escaping the ire of ISS was former U.S. Senator and Commerce Secretary Kenneth Salazar, a fairly recent addition to the board.

Analysts and industry observers doubt the ISS recommendation to dump so many board members will get much traction with investors.

There are no alternative candidates. So a successful "no" vote would leave the board with only three members at a time when the company is searching for a replacement for fired CEO Gregg Steinhafel.

Edward Jones retail analyst Brain Yarbrough said the advice seems farfetched.

"To claim the board was liable here just seems a little excessive to me, unless the board knew about the breaches when there were warnings and the company ignored those," he said. "I'm sure the first the board heard of the breach was when the breach occurred."

Retail consultant Howard Davidowitz said the people responsible for the breach at Target were lower in the chain of command.

"If no one came and told the board about it, how on earth could they know about it," he said. "Twenty companies have had breaches and no board members or CEOs were fired."

Many observers consider Target's woeful performance in Canada to be the major factor in Steinhafel's ouster. The retailer has lost about $1 billion in its foray into Canada.

Harvard Business School professor Jay Lorsch said he could not recall shareholders going along with such a sweeping proposal for a purge of board members in a case like this.

"It sounds pretty extreme," he said.

Still, Lorsch said ISS holds a lot of influence. But some shareholders are more inclined to follow its recommendations than others.

"The public pension funds, the union pension funds and others like that are likely to pay a lot of attention to them," he said. "There are others who'll only pay attention to them if they think the idea was particularly important and credible. It's almost like politics. There are some people who have more of a tendency to listen to what ISS recommends and others who are somewhat skeptical."

It would seem skeptics are in the majority. But the true test of ISS' influence about the Target board will come June 11 in Dallas at Target's annual shareholder meeting.

ISS also criticized former Target CIO Beth Jacob, who's been replaced.

The advisory service said a publicly available biography suggests Jacob lacked data security or information technology experience until she was named senior vice president and CIO in 2008. But the new CIO — Bob DeRodes — has more than 40 years of experience.

ISS noted that Target has boasted DeRodes is a "recognized leader in information technology, data security, and business operations." He has been a senior information technology advisor for the Center for CIO Leadership, the U.S. Department of Homeland Security, the U.S. Secretary of Defense, and the U.S. Department of Justice.