2018 Guide to Effective Proxies

2.16 Risk oversight | 231 6 TH EDITION | GUIDE TO EFFECTIVE PROXIES VALERO ENERGY CORPORATION INFORMATIONREGARDINGTHEBOARDOFDIRECTORS Our CorporateGovernanceGuidelines enumeratethedutiesandresponsibilitiesoftheLeadDirector,whichinclude:(a)servingasa liaisonbetweentheChairmanandtheindependentdirectors,(b)consultingwiththeChairmanonagendasforboardmeetings, (c)reviewingandapprovinginformationsenttotheBoardasandwhenappropriate,(d)theauthoritytocallmeetingsofthe independentdirectors,(e)settingagendasandleadingthediscussionofregularexecutivesessionmeetingsoftheBoardoutsidethe presenceofmanagementandprovidingfeedbackregardingthesemeetingstotheChairman,and(f)receiving,reviewing,andacting uponcommunicationsfromstockholdersorotherinterestedpartieswhenthoseinterestsshouldbeaddressedbyaperson independentofmanagement. Risk Oversight TheBoardconsidersoversightofValero’sriskmanagementtobearesponsibilityofthefullBoard.TheBoard’sroleinriskoversight includesreceivingregularreportsfromitscommitteesandfrommembersofseniormanagementonareasofmaterialrisktoValero,or tothesuccessofaparticularprojectorendeavorunderconsideration,includingoperational,financial,legal,regulatory,strategic, political,reputational,environmental,cybersecurity,andclimate-relatedrisks.Forexample,theBoardrecentlycompletedareviewwith managementofValero’spoliciesandproceduresconcerningissuesofworkplacediversity,sexualharassmentanddiscrimination,and ensuringasafeworkplace. ThefullBoard(orappropriateBoardcommittee)regularlyreceivesreportsfrommanagementtoenabletheBoard(orcommittee)to assessValero’sriskidentification,riskmanagement,andriskmitigationstrategies.Whenareportisvettedatthecommitteelevel,the chairofthatcommitteethereafterreportsonthemattertothefullBoard.ThisenablestotheBoardanditscommitteestocoordinate theBoard’sriskoversightrole.TheBoardalsobelievesthatriskmanagementisanintegralpartofValero’sannualstrategicplanning process,whichaddresses,amongotherthings,therisksandopportunitiesfacingValerointhelongterm. OneoftheAuditCommittee’sresponsibilitiesistodiscusswithmanagementValero’smajorfinancialriskexposuresandthesteps Valerohastakentomonitorandcontrolthoseexposures,includingourriskassessmentandriskmanagementpolicies.Inthisregard, ourchiefauditofficerpreparesacomprehensiveriskassessmentreportandreviewsthatreportwiththeAuditCommittee.Thisreport identifiesmaterialbusinessrisksforValeroandidentifiesValero’sinternalcontrolsthatrespondtoandmitigatethoserisks.Valero’s managementregularlyevaluatesthesecontrols,andtheAuditCommitteeisprovidedregularupdatesregardingtheeffectivenessofthe controls.TheAuditCommitteealsohasoversightresponsibilityregardingmanagement’sannualassessmentof,andreporton, Valero’sinternalcontroloverfinancialreporting.Inaddition,seniormanagementreportsregularlytotheAuditCommitteeregarding Valero’sinitiativesandstrategiesrespectingcybersecurityandinformationtechnologyrisks. OurNominating/GovernanceandPublicPolicyCommitteereviewsourpoliciesandperformanceinareasofemployeeandcontractor safety,environmentalcompliance,governmentalaffairs,reputationmanagement,climate-relatedrisksandopportunities,andpolicy mattersgenerally.Valero’sGeneralCounselandtheVicePresidentPublicPolicy&StrategicPlanningattendallmeetingsofthe Committee.Inaddition,membersfromseniormanagementreport,atleastannually,totheCommitteeregardingValero’ssafetyand environmentalrisks,strategies,andassessments.TheCommitteealsoassiststheBoardinoversightofValero’sclimate-relatedrisks andopportunities(describedfurtherin“ClimateChangeDisclosure”below). OurCompensationCommitteeassessestheriskofourcompensationprograms.Ourcompensationconsultantregularlyattends meetingsoftheCommitteetoprovideupdatesoncompensationrelatedrisksandtrends.Seealso,“RiskAssessmentof CompensationPrograms”elsewhereinthisproxystatement. 2018PROXYSTATEMENT 7 VERA BRADLEY, INC. CORPORATEGOVERNANCE CORPORATE GOVERNANCE We believe corporate governance should promote the long-term interests of our shareholders, as well as maintain internal checks and balances, strengthen management accountability, engender public trust and foster responsible decision making and accountability. We continue to strengthen existing governance practices and develop new policies that make us a better company. To that end, the following policies and practices are used to guide and regulate various actions, in addition to the Company’sArticlesofIncorporationandBylaws. CORPORATE GOVERNANCE GUIDELINES Our Corporate Governance Guidelines set out various rules and principles for self-governance and address such matters as Board composition and structure, duties and responsibilitiesof directors and the Board and the duties of theLeadIndependentDirector,amongothermatters. CONFLICT OF INTEREST AND BUSINESS ETHICS POLICY We believe that credibility, integrity, trustworthiness and our core values are critical components of the current and future success of our business. Our Conflictof Interest and Business Ethics Policy is intended to help uphold high ethical standards in all of our operations by promoting ethicalconduct and compliancewithapplicablelaws,rules, regulations and standards. Our Board recognizes that no code of ethics can replace the thoughtful behavior of an ethical director or employee, but such a Code can provide guidance to help recognize and deal with ethical issues andtofosteracultureofaccountability. CODE OF ETHICS FOR SENIOR FINANCIAL OFFICERS In addition to being subject to the Conflict of Interest and Business Ethics Policy, our Chief Executive Officer, Chief Financial Officer and Corporate Controller and Treasurer are also subject to our Code of Ethics for Senior Financial Officers. We will disclose on our website (www.verbradley.com) any amendment to, or waiver from, a provision of the Policy or Code that applies to our Chief Executive Officer, Chief Financial Officer and Corporate Controller and Treasurer or persons performing similar functionsandthatrelatesto: ❖ Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest betweenpersonalandprofessionalrelationships ❖ Full, fair, accurate, timely and understandable disclosure in reports and documents that we file with theSECandinotherpubliccommunicationswemake ❖ Compliance with applicable governmental laws, rules andregulations ❖ The prompt internal reporting of violations of the Code to an appropriate person or persons identified in the Code ❖ AccountabilityforadherencetotheCode RISK OVERSIGHT Our Board has and exercises ultimate oversight responsibility with respect to enterprise risk assessment and to the management of the strategic, operational, financial and legal risks facing our Company and its operations and financialcondition.TheBoardisinvolvedin setting our business and financial strategies and establishing what constitutes the appropriate level of risk for us and our business segments. Various committees of the Board provide assistance to the Board in its oversight of, among other things, risk assessment and risk management. The Board also monitors the process by which risk assessment and management is developed and implemented by management and reported to the full Board. Our Audit Committee assists the Board in its oversight of our policies relating to risk assessment and risk management generally, with particular focus on our managementofmajorfinancialriskexposures. Our Compensation Committee assists the Board in assessing the nature and degree of risk that may be created by our compensation policies and practices to ensure both their appropriateness in terms of the level of risk-taking and consistency with our businessstrategies. In conjunction with its assessment, the Committee, with the assistance of independent consultants and independent compensation resources, reviews our compensation policies and practices. That review encompasses each of our incentive plans, eligible participants, performance measurements, parties responsible for certifying performance achievement and sums that could be earned, including caps on the amount of bonus and performance shareunitsthatcanbeearned. 6 VeraBradley,Inc. 2018 ProxyStatement VERIZON COMMUNICATIONS INC. BoardandCommittees | Riskoversight Riskoversight RoleoftheBoard Whileseniormanagementhasprimaryresponsibilityformanagingrisk,ourBoardofDirectorsisresponsibleforrisk oversight.TheBoardworkswithseniormanagementtodevelopacomprehensiveviewofVerizon’skeyshort-andlong- termbusinessrisks.Verizonhasaformalizedbusinessriskmanagementreportingprocessthatisdesignedtoprovide visibilitytotheBoardaboutcriticalrisksandriskmitigationstrategies. TheBoardofDirectorsoverseesthemanagementofrisksinherentintheoperationofVerizon’sbusinessesandthe implementationofitsstrategicplanbyusingseveraldifferentlevelsofreview.TheBoardaddressestheprimaryrisks associatedwithVerizon’sbusinessunitsandcorporatefunctionsinitsoperationsreviewsofthoseunitsandfunctions.In addition,theBoardreviewstherisksassociatedwithVerizon’sstrategicplanatanannualstrategicplanningsessionand periodicallythroughouttheyear. Roleofthecommittees EachofourBoardcommitteesoverseesthemanagementofrisksthatfallwithinthatcommittee’sareasofresponsibility.In performingthisfunction,eachcommitteehasfullaccesstomanagementandmayengageadvisors. AuditCommittee • OverseestheoperationsofVerizon’senterpriseriskmanagementprogram,whichidentifiesthe primaryriskstoVerizon’sbusiness. • Periodicallymonitorsandevaluatestheprimaryrisksassociatedwithparticularbusinessunitsand functions. • WorkswithVerizon’sSeniorVicePresidentofInternalAuditing,whohelpsidentify,evaluateand implementriskmanagementcontrolsandmethodologiestoaddressidentifiedrisksandwho functionallyreportsdirectlytotheCommittee. • MeetsprivatelyateachAuditCommitteemeetingwithrepresentativesfromtheindependent registeredpublicaccountingfirm,theSeniorVicePresidentofInternalAuditing,andtheExecutive VicePresidentofPublicPolicyandGeneralCounsel. Corporate Governanceand PolicyCommittee • ReviewsbusinessandreputationalrisksrelatingtoVerizon’spositionandengagementonimportant publicpolicyissues,includingpoliticalcontributionsandcorporatesocialresponsibility. • OverseesbusinessandreputationalrisksrelatingtoVerizon’sproductsandservices. FinanceCommittee • AssistsourBoardinitsoversightoffinancialriskmanagement. • MonitorsVerizon’scapitalneedsandfinancingplansandoverseesthestrategyformanagingrisk relatedtocurrencyandinterestrateexposure. • ReviewsandapprovesVerizon’sderivativespolicyandmonitorstheuseofderivatives. • ReviewsVerizon’sinsuranceandself-insuranceprograms,aswellaspensionandother postretirementbenefitobligations. HumanResources Committee • Considerstheimpactoftheexecutivecompensationprogramandoftheincentivescreatedbythe compensationawardsonVerizon’sriskprofile. • Overseesmanagement’sannualassessmentofcompensationriskarisingfrom Verizon’scompensationpoliciesandpractices. Basedonmanagement’sreview,Verizonhasconcludedthatourcompensationpoliciesand proceduresarenotreasonablylikelytohaveamaterialadverseeffectonVerizonbecausetheyare appropriatelystructuredanddiscourageemployeesfromtakingexcessiverisks. 18 | Verizon 2018ProxyStatement VOYA FINANCIAL, INC. BOARDROLEINRISKOVERSIGHT Ourboardcarriesoutitsriskoversightfunctionthroughitsregularlyscheduledmeetings,throughits committees(includingtheAuditCommittee,whichconsistentwithNYSEruleshasacentralroleinrisk oversight),andthroughinformalinteractionsanddiscussionsbetweenourdirectorsandourseniormanagement. Inparticular,thecommitteesofourboardfocusonoverseeingthefollowingrisks: AuditCommittee OperationalRisk: • InternalFraud • ExternalFraud • Employment Practices& WorkplaceSafety • Clients,Products& BusinessPractices • NaturalDisasters& PublicSafety Strategic / BusinessRisk: ModelRisk • Regulatory • FinancialReporting Risk • ProductDistribution • ExpenseRisk Strategic / BusinessRisk: Credit and CounterpartyRisk MarketRisk LiquidityRisk InsuranceRisk Strategic / BusinessRisk: • Compensationand BenefitsRisk • TalentRisk Strategic / BusinessRisk: • Environmentaland SocialRisk OperationalRisk: • Execution,Delivery& Process Management (encompasses Outsourcing/3rd party vendor risk) • Technology& Infrastructure Management (includes ITRisk) • InformationRisk • Ratings OperationalRisk: • Issueswithmaterial effecton capital plan Compensation andBenefits Committee Finance Committee Nominatingand Governance Committee Technology, Innovationand Operations Committee VoyaBoard: Strategic/BusinessRisks (GlobalEconomy,Emerging Risk,ProductPricing, Investor Risk,SuitabilityRisk)andany otherasappropriate Inadditiontotheabove,theboard,throughtheNominatingandGovernanceCommitteeandthe CompensationandBenefitsCommittee,overseessuccessionplanningofourCEOandotherseniormanagement members. TheboardreceivesregularreportsfromthemanagementriskcommitteeoftheCompanyandthe Company’sChiefRiskOfficerontheCompany’songoingadherencetotheboard’srisk-relatedpoliciesandthe statusoftheCompany’sriskmanagementprograms. BOARDOPERATIONS Ourdirectorsareactivelyengagedinsideandoutsideofboardmeetings. ActivelyEngagedBoardandOutstandingAttendance 9 B OARD M EETINGS IN 2017 34 S TANDING C OMMITTEE M EETINGSIN 2017 25 E XECUTIVE S ESSIONS IN 2017 >50 M EETINGSOF L EAD D IRECTOR AND C OMMITTEE C HAIRPERSONS O UTSIDEOF B OARD M EETINGS Nodirectorsattendedfewerthan75%oftheaggregatenumberofmeetingsoftheboardandoftheboard committeesonwhichthedirectorservedduring2017,thethresholdfordisclosureunderSECrules.In2017,our directorsattended98%ofthecombinedtotalmeetingsofthefullBoardandCommitteesonwhichtheyserved. Inaddition,weencourageourdirectorstoattendeachofourannualmeetingsandin2017,allofourdirectors attendedtheAnnualMeetingofStockholders. -11-