By Paul Ziobro
A prominent proxy adviser took the unusual step of recommending
that Target Corp. shareholders oust seven of the company's 10
directors, citing what it called the board's failure to manage risk
and protect the retailer from a massive data breach.
Institutional Shareholder Services, which advises big
shareholders like mutual funds how to vote on corporate issues,
focused on directors who serve on Target's audit and
corporate-responsibility committees. Those committees are tasked
with overseeing and managing risk, and the data breach showed the
company was inadequately prepared for the threats posed by
hackers.
"It appears that failure of the committees to ensure appropriate
management of these risks set the stage for the data breach, which
has resulted in significant losses to the company and its
shareholders," ISS wrote.
ISS, which rarely recommends voting against a majority of the
board, added that actions Target took in response to the breach,
like replacing the chief information officer and beefing up its
security protocols, appear "largely reactionary" and could have
prevented the data breach from occurring had the company
implemented them sooner.
In response to the criticism on Wednesday, Target's board said
overseeing risk is the responsibility of the entire board and is
part of the board's ongoing review of the company's strategy. It
also said that Target's security measures were "among the
best-in-class within the retail industry," adding that it had made
significant investments in data security and that its payment
systems had been compliant with industry guidelines.
The ISS report is the latest criticism to emerge against
Target's handling of the breach, which compromised 40 million
credit- and debit-card numbers weeks before Christmas. The report
is among the first to lay blame squarely on the board.
The recommendation calls for voting against seven of the 10
directors, including two of Target's longest serving members:
former Xerox Corp. Chief Executive Anne Mulcahy and the onetime
head of Fannie Mae and lead independent director James Johnson. The
firm recommends voting for Kenneth Salazar, the former U.S. senator
who leads the corporate responsibility committee and only joined
the board last July, as well as two members who didn't serve on the
audit or oversight committees.
The votes will be counted for Target's annual meeting, scheduled
for June 11.
So far this year, ISS has called for voting against or
withholding approval for a majority of board nominees at only 11 of
421 companies in the S&P 500.
The advisory and consulting firm also said Target shareholders
should vote to separate the roles of chairman and chief executive,
a proposal voted down at last year's shareholder meeting. ISS said
Target's weak performance and the data breach showed that the dual
role of CEO and chairman didn't provide enough oversight of
management.
Chief Executive Gregg Steinhafel resigned earlier this month in
part for his handling of the data breach. The company has an
interim chairman and a separate interim CEO as it searches for a
new chief. In its proxy statement filed with the Securities and
Exchange Commission, Target argued against the proposal to separate
the two roles, saying its current structure of a lead independent
director provides enough oversight.
Target's board wants to have flexibility to determine the proper
structure of the board. It hasn't made a decision on whether it
will continue with an independent chairman and plans to revisit the
leadership structure when it appoints a permanent CEO.
Roxanne Austin, the interim chairman, is among the directors ISS
has targeted for defeat.
Joann S. Lublin contributed to this article
Write to Paul Ziobro at Paul.Ziobro@wsj.com
Subscribe to WSJ: http://online.wsj.com?mod=djnwires