Many public companies face an imminent deadline to comply with new Securities and Exchange Commission (SEC) disclosure requirements regarding risk management. Approved on December 16, 2009, SEC Rule No. 33-9089 mandates increased disclosure of compensation and corporate governance practices. Effective February 28, 2010, the majority of public companies must comply with the complete ruling.

Two provisions of Rule No. 33-9089 may be of specific interest to board members, senior leaders, and risk managers:

• Section A1: Narrative Disclosure of the Company's Compensation Policies and Practices as They Relate to the Company's Risk; and
• Section C: New Disclosure about Board Leadership Structure and the Board's Role in Risk.

Recommended Action
Marsh recommends that all organizations review their risk management policies and processes. Suggested activities include instituting or refining enterprise risk management (ERM) processes, conducting a compensation risk management assessment, and improving risk management oversight.