How would it feel to have to pay out thousands of dollars of your hard-earned money because of your being an unpaid volunteer at your credit union? There are things we need to consider changing to protect you from loss. How would it be to see your workload actually decrease as you insulate your volunteer position from prosecution?
Let me jump to the punch line. Let your CEO have policy-making authority.
The first issue with this is an old notion, the notion that only boards have policymaking authority. That is a myth. But in our careers, we have heard the "boards make policy" mantra so often that we fail to consider that others can make policy, too. And do.
Take for example the Federal Credit Union Act, Section 113. In it, Congress tells boards to do twenty-one things. Among them are specific areas boards need to maintain policies, although Congress only uses the word policy once in that section. What Congress did in this act, many states did similarly in their state laws. Since the same statutes do not make any statement about management making policy, then people easily and mistakenly conclude that only a credit union's board can make policy.
But Congress and the legislatures also did not make policy an exclusive power of boards. No one has. Policy is a tool inherently available to all leaders.
The myth that only boards have policy power unfortunately receives support from many of the places we go for advice and materials. One model manual I reviewed is an example. In the introductory material, the author clearly states that the policy function is an exclusive to the board. Further, it states that polices not approved by a board could be invalid.
Statements like those are unfortunate. I talked to the attorney who wrote this particular manual. What he left out of the written material was that, if the board authorizes management to make policy, in other words, delegates its policy directives, then management's policies would not automatically be invalid.
What is the origin of the myth that only boards can swim in this policy pond? Let me speculate as a theoretical archeologist.
The statement, "Boards make policy and management carries it out," gives us a very clear and simple governance scheme. It was easy to deal with and implement in simpler times. It was easy to remember. The more you make a statement, the more it becomes true. However, it is too simple a governance scheme for today's complexities.
Because of that statement, the next error occurred. Stick with me. This is more complicated. We know a few things that make this next error a difficult one to correct. Those axioms are:
* While we write "policies and procedures" often in the same sentence, and often say them in the same breath, we know one to be superior to the other: policies outrank procedures. Procedures implement policies.
* Policies guide behavior. Two people may act somewhat differently, and we want that.
* Procedures provide sequential steps leading to specified results. Often, we must follow them to the letter because deviations vary the results.
* Boards are superior to their managers. Therefore, boards make policy. Managers carry out policy by developing what we automatically describe as procedures.
The error was to call management's pronouncements "procedures." All that made sense to several generations of workers in the 20th Century, and yet, today, those beliefs are widely held still.
"So what," you say. "What's the beef?"
The beef for me is that we deny our corporate cultures the flexibility we need in a chaotic world. It's not, as many have told me, just a matter of semantics. We deny our professional managers the respect and dignity they deserve in their ever-widening roles. A healthy governance relationship depends on roles, respect, and trust.
The old beliefs were fine in an era when the board hired clerks to do tasks. Since boards today hire managers, and further ask them to be leaders, then they should recognize that leaders don't speak in procedures, but speak in policies.
Accepting two levels of policies may protect directors' wallets.
Personal Liabilities
When a director breaches the fiduciary responsibility of due care and loyalty, the breach can lead to personal liability. The credit union's bond may not cover it.
In carrying out your responsibilities as a director, you adopt policies from time to time. The body of credit union's operating policy statements probably stacks hundreds of pages high. Since you want to do an excellent job for the members, for the board, for management, and, oh yeah, protect your wallet, do one of two things. Read carefully all the policy pages before approving them. The alternative is to delegate some or all of those operating policies to management.
Drawing the line between the two levels of policies, governance and operational, is not complex. Let me explain it with a story. A consultant is in the process of assisting your credit union in a complete policy overhaul. The battlefield is the boardroom. You walk in one day and a few pages of policy are left carelessly on the floor. No one else is around. You want to get these papers in their proper places.
On the boardroom table are two boxes with papers in them. "Governance" is the label on one box. "Operational" is the label on the other.
You remember something the consultant said at the beginning of the project. He said that governance policies speak to the CEO, the board's only employee. Further, operational policies speak to employees. Since hiring, guiding, coaching, disciplining, and terminating employees is the CEO's role, those policies will become the CEO's job.
After looking at the papers from the floor, you realize that the statements on those pages speak to employee behavior, and you place them in the operational box. As you turn to leave, you think how things will be after this policy makeover. No longer will you receive a board packet that weighs over a pound. No longer will you have to feel guilty over not reading the entire Personnel Policy in detail before approving it. Or, no longer will you wonder if your lack of knowledge of what you "rubber stamped" would come back to haunt you.
You are relieved to anticipate the new policy regimen. You will have done your duty by delegating Personnel Policies (for example) to the CEO because you reasonably believe her competent to do it (after all, you've been approving her stuff for years). The board demonstrates diligence by assigning a director to inspect Personnel Policies during the CEO's performance reviews. Your board further displays its care by authorizing the CEO to hire attorneys and other professionals to assure the operating policies are consistent with prevailing statutes and regulations.
Here's some additional support. The last three Chairs of the National Credit Union Administration acknowledged the validity of two levels of policy. Two told me in person, and the latest, Jo Ann Johnson, said it in writing, "It is vital that boards of directors are fully aware of their responsibilities, and likewise, management should maintain operating policies and practices that are in compliance with regulations and the Federal Credit Union Act." (NCUA News, June 2005).
Boards that practice policy governance as in the past, in spite of today's growing numbers of pages to pore over, may eventually drown in the pond that they claim exclusive rights to. Progressive, governance-thinking Boards delegate all they legitimately can so they can concentrate their energies where management cannot represent and be trustees for the membership.
What are you going to do about your situation? Will you keep the operating policy responsibility, but knuckle down and diligently examine them before you adopt them? Or will you move your board to delegate operating policies to your chief executive and give yourself time to pursue strategic issues?
Dan Clark consults on governance and vision/strategic planning. He can be reached at dan
