The Board exercises its oversight responsibility for risk both directly and through the Audit, Compensation, Corporate
Governance and Nominating and Technology Committees. Management of TSYS, which is responsible for
day-to-day
risk management, maintains an enterprise risk management
process. The enterprise risk management process is designed to identify and assess TSYS risks, and to develop steps to mitigate and manage risks. On at least an annual basis, our Chief Risk, Compliance and Privacy Officer presents a report to
the full Board and the Board discusses the most significant risks that TSYS is facing and the steps management has taken or will take to mitigate those risks. In addition, the full Board is kept informed of each committees risk oversight and
related activities through regular reports from the committee chairs.
The Audit Committee has primary responsibility for overseeing TSYS enterprise risk
management framework and programs. The Committee regularly discusses our major financial risk exposures, financial reporting, internal controls, key operational risks, market risks and compliance, and the enterprise risk management framework and
programs. TSYS executive management engages with and/or reports to the Committee on a regular basis to address high priority risks.
The Technology Committee
assists the Board and the Audit Committee in the oversight of TSYS management of risks regarding technology, information security, cybersecurity, disaster recovery and business continuity, including, but not limited to, risks in these five
areas related to hardware, software, personnel, architecture, organizational structure, management, resource allocation, innovation, and research and development. The Committee oversees and reviews managements assessment and management of
these technology risks and regularly discusses with management TSYS risk appetite and strategy relating to these risks. In this regard, the Chief Information Officer, the Chief Information Security Officer and the Chief Technology Officer
attend all meetings of the Committee and each periodically makes presentations to the full Board regarding technology risks. With respect to communications between the Committee and the Board, the Chairman of the Technology Committee is a member of
the Audit Committee and regularly reports to the Audit Committee at its meetings regarding the Committees activities. In addition, as noted above, the full Board is kept informed of the Technology Committees risk oversight and related
activities through regular reports from the Committees Chair.
The Corporate Governance and Nominating Committee oversees risks related to our overall
corporate governance structure and processes, including board and committee composition, board size and structure, independence and risks arising from related party transactions.
The Compensation Committee oversees the risks associated with management resources, succession planning and management development and our compensation structure and
programs, including evaluating and assessing risks arising from our compensation policies and practices for all employees, as discussed further below.
Management
recently conducted a risk assessment to evaluate the risks associated with TSYS compensation practices, policies and programs for all employees, including the named executive officers. Managements analysis was reviewed with the
Compensation Committee at its February 2018 meeting. Based on this review and assessment, we do not believe our compensation programs encourage excessive or inappropriate risk-taking that is reasonably likely to result in a material adverse effect
on TSYS.
Shareholder Engagement
We believe that building positive relationships with our shareholders is critical to TSYS long-term success. We value the views of our shareholders and we have
both
face-to-face
meetings and conference calls with them during the year on subjects such as capital allocation, our performance, the regulatory environment, corporate
governance and executive compensation in an effort to ensure that management and the Board understand and consider the issues that matter most to our shareholders and to enable TSYS to attempt to address them effectively. In addition, our senior
management participates in formal industry conferences and
non-deal
road shows. We also host on an annual basis a TSYS Investor Day for institutional investors and equity analysts.
Board and Committee Evaluations
Our Board recognizes that a thorough, constructive evaluation process is an essential element of good corporate governance and enhances the Boards effectiveness.
Accordingly, each year our Board and committees conduct self-evaluations to, among other things, assess the composition of the Board, including the background, qualifications, attributes, skills and experience represented on the Board; to assess
their effectiveness and adherence to our Corporate Governance Guidelines and committee charters; and to identify opportunities to improve Board and committee performance through feedback received during the evaluation process. Based on the
evaluation results, changes in practices or procedures are considered and implemented, as appropriate. The
8 TSYS -
2018 Proxy Statement