AMN 2018 Proxy Statement

CORPORATE GOVERNANCE landscape, engagement and retention of quality healthcare professionals, talent management, technology systems, security and innovation. The Enterprise Risk Management Committee also assists the Board in determining our risk tolerance in light of our (1) existing risk capacity, (2) appetite, if any, to take on additional risk or lessen our risk, (3) risk velocity and (4) mitigation factors. The Board’s determination of our key risks and our tolerance for each ultimately influence how we operate our business, including how we marshal our resources and make strategic and operational decisions. With the oversight from our Board, our Executive Management is given responsibility for monitoring and managing the key risks identified by the Board as well as risk generally to agreed upon appetite and tolerance levels. To ensure that the Company operates within its risk appetite, Executive Management and other leaders establish and support a culture of integrity, ethical behavior and risk awareness for our team members. We also have designed and maintain internal processes and an internal control environment that further facilitate the identification and management of risks. Our Board meets with Executive Management at regular Board meetings and, if necessary, at other times to discuss the strategy and success in addressing our identified key risks along with any other risks that we may face. In addition to the foregoing, each of the Board’s standing committees, as set forth below, focus attention on risk areas implicated by its area of expertise, and report regularly to the Board on its identification and assessment of such risks. All committees play significant roles in carrying out the risk oversight function that typically focus in their areas of expertise. AUDIT COMMITTEE RISK OVERSIGHT The Audit Committee assists the Board in fulfilling its oversight responsibilities of our compliance with ethical requirements and certain legal rules and regulations, as well as our processes to manage our business, financial and enterprise risk. Among other things, the Audit Committee’s specific duties include: (1) overseeing the work of our independent auditors, (2) reviewing and discussing with management the Company’s processes to manage major risk exposures to the Company and the steps management has or plans to take, to monitor, control and manage such exposures, including our risk assessment and risk management guidelines and policies, (3) reviewing and discussing with management key technology strategic initiatives and risks, including information security and receives regular reports on significant cybersecurity breach and any disclosure obligations arising from such breach, (4) approving procedures for receiving complaints by us regarding accounting, internal accounting controls or auditing matters, reviewing our code of conduct program and reviewing attorneys’ reports containing evidence of material violations of securities laws, breaches of fiduciary duty or other similar violations of state or federal law, (5) reviewing and discussing with management, our chief internal auditor, independent auditors or in-house counsel, as appropriate, any legal, regulatory or compliance matters that could have a significant effect on our financial statements, (6) reviewing on a regular basis our ethics and compliance and our code of conduct programs, including the regular receipt and review of any events investigated under our compliance and ethics program, and (7) reviewing the results of significant investigations, examinations or reviews performed by regulatory authorities and management’s responses. In 2017, the Company did not identify any significant deficiencies or material weaknesses in our internal controls. In addition, the Audit Committee determined that our processes to manage our enterprise, business and financial risks are effective and comply with legal requirements, our policies and ethics. COMPENSATION AND STOCK PLAN COMMITTEE OVERSIGHT The Compensation and Stock Plan Committee (the “ Compensation Committee ”) is responsible for analyzing the risk associated with our compensation practices. We design our incentive compensation to reward officers and other key employees for committing to and delivering on financial goals that we believe are challenging, yet (i) reasonably achievable, (ii) require meaningful revenue and profitability performance to reach the target level, and (iii) require substantial revenue and profitability performance to reach the maximum level. The financial performance required to reach the maximum level of compensation is developed within the context of budget planning and, while difficult to achieve, is not viewed to be at such an aggressive level that it would induce bonus-eligible employees to take inappropriate risks that could threaten our financial and operating stability. The Compensation Committee has reviewed our material cash incentive plans, which fall into two types: (1) those for front line sales production employees and (2) those for AMN HEALTHCARE SERVICES, INC. ⎪ 2018 Proxy Statement 19