For WorldatWork Members
- Total Rewards Inventory of Programs & Practices, research
- Compensation Committee Toolkit, tool
- Exploring Executive Compensation Decision Making, Journal of Total Rewards article
For Everyone
- What’s Topping Compensation Committee Agendas in 2025? Workspan Daily article
- ‘Say on Pay’ Data Points to Strong Support for Exec Comp Plans, Workspan Daily article
- Essentials of Executive Compensation, course
- Understanding Executive Compensation & Governance — A Practical Guide, Fourth Edition, book
The December shooting of UnitedHealthcare CEO Brian Thompson raised the alarm among businesses about offering security for their executives.
There’s “no doubt” executive security is currently more top-of-mind than ever for these entities, said Matt Doherty, the managing director of workforce risk management at Sikich and a former U.S. Secret Service special agent in charge of the National Threat Assessment Center. Sikich offers workforce risk management, cybersecurity and other services to organizations.
One factor that adds complexity to the conversation: When is executive security considered a perk — and how does that classification affect total rewards?
Business Necessity or Perk
When businesses establish executive protection measures, they need to determine what security services, if any, would qualify as a perquisite, or perk.
Many measures put in place to protect executives are simply considered part of an organization’s overall mandate to protect its employees, said Ani Huang, the CEO of the HR Policy Association’s Center on Executive Compensation.
On a broader level, that may include building security measures that protect all employees as well as customers, such as badge access and “do-not-admit” lists of terminated employees. At the executive level, protection measures such as in-office panic alarms, secured board meetings and personal protection at mandatory business events also generally would fall under needed business expenses.
However, some security measures — generally those that extend outside of the office or business events, such as home security or personal use of a corporate aircraft — are considered perks.
Experts suggest being mindful of two factors related to executive security services that are classified as perks:
- They are treated as imputed income, meaning the executive receiving the services is taxed on their value.
- The business is required to disclose details about the perks in the proxy statement the organization files with the U.S. Securities and Exchange Commission (SEC) if the perk is valued at more than $10,000 and is provided to a named executive officer (NEO). NEOs generally include the CEO, CFO and several other of an organization’s highest-paid executives.
The imputed income taxation requirement for the executive can be avoided if the organization either establishes an extensive 24-hour-coverage, “overall security program” for executives, or enlists an independent, third-party security study to assess risk for executives and recommend security measures.
However, Huang noted, even if that step is completed so that an executive is not taxed on measures such as personal residence security or use of corporate transportation for personal travel, those types of security measures still require the SEC disclosure, which falls under investor and shareholder scrutiny — particularly for high-cost services such as air travel.
“Our view is that the SEC should reconsider this requirement so that companies can focus on protecting their investments, as they do with any other asset,” Huang said.
Prevalence of Executive Security
Among chief human resources officers (CHROs) recently surveyed by the HR Policy Association, 73% said their organizations provide specific security arrangements for their executives or senior leaders.
Executive security measures classified specifically as perks are less common; according to the most recent Goldman Sachs Ayco Executive Benefits Survey:
- 23% of participating companies offer home security to CEOs and 9% offer it to senior executives.
- 17% offer personal security to CEOs and 4% offer it to senior executives.
- Between 8% and 12% offer cybersecurity protection to CEOs, senior executives and other executives.
Personal use of a corporate aircraft (whether or not it is offered as a security measure) is the most prevalent executive perk by far, with 48% of organizations offering it to CEOs and 22% offering it to senior executives, the Ayco survey found.
Most organizations (68%) surveyed by the HR Policy Association offer security measures for all C-suite executives, including the CEO, while 51% provide security for board members.
CHRO is another executive position that often receives personalized security arrangements, Doherty said.
Security arrangements for executives are determined based on individual circumstances rather than applied across the board, Huang said. Events, geographical climate and risk assessments for each individual play into the security level applied to each executive, as well as their individual roles within the organization.
Types of Executive Security
Executive security may include:
- Security provided during personal or business travel
- Personal use of a secure corporate aircraft or vehicle
- Physical security, such as bodyguards
- Cybersecurity, such as secured devices or personal data protection
- Residential security, such as surveillance or alarm systems
- Crisis management support, such as kidnap, ransom and extortion insurance or evacuation planning
Security assessments also can extend to executives’ family members, although that’s not as common. It’s generally provided on a case-by-case basis stemming from individualized threat assessments, with cybersecurity measures for family members being more common than physical security arrangements, according to the HR Policy Association survey.
“[Executive security concerns] are exacerbated by the public’s constant access to these individuals through the internet, social media and traditional media,” Doherty said. “The individual’s habits, home address and family members can be known with the click of a button.”
The Role of Total Rewards
The decision to provide executive security generally involves collaboration between not only an organization’s compensation function but its physical security, cybersecurity, legal, communications and public relations, and human resources departments, Huang said.
One of the main roles that total rewards plays is accounting for the nuances between security measures that are classified as business expenses and those that are treated as perks, said Sue Holloway, a compensation content director at WorldatWork.
“A rewards professional is accountable for managing whatever the policy is,” Holloway said. “If home security is offered as an executive perk, compensation professionals need to make sure records are accurate, and imputed income and taxes for the executive are administered. They need to determine what perks need to be disclosed in proxy statements and make sure they’re disclosed correctly.”
Total rewards pros also need to pay attention when circumstances shift, causing a security measure that previously was classified as a perk for tax purposes to be considered and accounted for as a business expense instead, Holloway noted.
Where to Start
For businesses looking to create or strengthen an executive security program, seeking out a third-party security firm to perform an assessment is a good place to start, Doherty said. Doing so not only helps identify individual risk levels but also helps determine what measures can qualify as a business expense rather than a perk.
To meet the Internal Revenue Service qualifications for listing security as a nontaxable business necessity, organizations need to follow the third-party recommendations to the letter — but those recommendations aren’t always extreme, Doherty said.
Beyond specific executive security measures, there are lower-cost security initiatives that organizations can — and should — explore, Doherty noted, including digital footprint assessments and workplace violence prevention programs or enhanced security awareness training.
Organizations also can explore workplace safety and security standards from the Occupational Safety and Health Administration (OSHA); the Society for Human Resource Management (SHRM), which also offers executive-specific guidelines; and ASIS International.
Third-party security assessments also should be periodically re-conducted, Doherty said.
“Just because there’s no direct threat on your executive doesn’t mean there aren’t individuals that pose a threat,” he said. “Very rarely does somebody direct their threats to the target — the executive — or law enforcement. If they really want to carry out an attack, they’re not going to announce it in advance. We’ve seen that over and over again: ‘Oh, the person didn’t make a threat; therefore, we don’t need to provide protection.’ That’s a grave mistake with tragic consequences.”
Editor’s Note: Additional Content
For more information and resources related to this article, see the pages below, which offer quick access to all WorldatWork content on these topics:
