New York Common files its first cyber risk shareholder proposal

The $209bn New York State Common Retirement Fund filed its first shareholder proposal dealing with cybersecurity, calling on Express Scripts to publicly detail its cyber risk and security efforts.

While the proposal failed to gain the support of a majority of shareholders, the state pension system said that cyber risks will be an increasing concern for shareholders in the future.

“A significant number of shareholders spoke loudly at Express Scripts’ annual meeting supporting our call for the company to publicly detail its cyber risk and actions taken to ensure cyber security,” DiNapoli said in a statement. “Cyber security is one of the most critical issues facing businesses today and breaches can affect millions of people, but Express Scripts has provided shareholders with little reassurance or information on
what actions it has taken to mitigate cyber risk in its operations. Company executives should reassure investors that they have taken solid steps to mitigate the risk of a computer breach.”

The New York fund, which holds a $130m stake in the pharmacy benefits management company, requested that the Express Scripts board annually review and publicly report on its cyber risk, including risks related to outsourced business functions, a description of material cyber incidents, risks related to undetected cyber intrusions, and a description of relevant insurance coverage. The company disclosed in 2008 that a data breach affected the personal and medical information of more than 700,000 customers, and State Comptroller Thomas DiNapoli filed the shareholder proposal shortly after the Equifax data breach exposed the personal information of as many as 145 million Americans.

This is the first time the fund filed a shareholder proposal exclusively dealing with cyber security, spokesman Mark Johnson said. Express Scripts had sought to prevent DiNapoli’s proposal from going to a shareholders’ vote, but the Securities and Exchange Commission rejected the company’s request in March, according to the Comptroller’s Office.

Read the full story: New York Common files its first cyber risk shareholder proposal

Published by Money Management Report/Pageant Media.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s