We believe effective corporate governance is a cornerstone of our business decision-making and is a material contributor to the creation of long-term shareholder value.

Our Board guides our strategy and has ultimate oversight responsibility for the affairs of the Company, with management having day-to-day responsibility for operations and implementation of our strategy. Of our eleven Board members, nine are independent, and every member must stand for election annually. The Board’s oversight responsibility is fulfilled either directly or through its four standing committees: Audit, Investment, Compensation, and Nominating and Governance. The charters for each of these Board committees, as well as the Corporate Governance Guidelines that detail the governance philosophy and practices of our Board, can be found on the Investors Page of our website, as can our most recent proxy statement.

As delegated by our Board, the Audit Committee provides oversight of Regency’s financial statements and disclosures, internal controls, the engagement of our external auditors, oversight of risk assessment and management relating to our cybersecurity program, and other matters that could impact the financial performance of the Company. Our management-led Cyber Risk Committee has responsibility relating to our cybersecurity program and provides reports to the Audit Committee at each of its meetings and more frequently as necessary or appropriate.

Our Investment Committee, to the extent delegated by the Board, provides oversight of Regency’s capital allocation strategy.

Our Nominating and Governance Committee provides oversight of the Company’s governance structure, together with our Corporate Responsibility program and ESG strategy and initiatives. The committee also provides oversight of risks and opportunities associated with public company governance matters, the Company’s ethics and compliance program, political spending and lobbying (which has been de minimis in recent years), health and safety, our diversity and inclusion program, as well as risks related to the environmental impacts of our centers, such as those relating to climate change.

*Board metrics are based on director nominee for 2023 election year. 

At Regency, we have lived our Core Values for 60 years by successfully meeting our commitments to our stakeholders. We hold ourselves to this high standard every day. From an Ethics and Compliance standpoint, we are guided by one of our six Core Values: “We Do What Is Right.” This means that we believe in acting with unwavering standards of honesty and integrity.

As delegated by our Board, the Nominating and Governance Committee has oversight responsibility for the Company’s corporate Ethics and Compliance program.  Management’s Executive Committee (which consists of our CEO and the other three most senior executives) has established a Compliance Committee, which is comprised of senior leaders from key areas of our business, to ensure that our ethics and compliance program, and the values underlying it, are embedded throughout the Company’s business decisions, processes, and activities. The Compliance Committee meets at least quarterly, and its Chair reports regularly to our CEO and the Board’s Nominating and Governance Committee. Updates are also provided to the Nominating and Governance Committee at its quarterly meetings.

The key policy document embodying our Core Value of “We Do What Is Right” is Regency’s Code of Business Ethics and Conduct (Code of Conduct), which reinforces our culture of honesty and integrity. Of course, the Code of Conduct requires that all directors, officers, and full and part-time employees comply with applicable laws, rules, and regulations, but as mandated by our Core Values, our Code of Conduct goes well beyond mere compliance with law and requires adherence to our higher standards. The Code of Conduct also provides specific guidance in particular areas, such as our stance against bribery and corruption, and our approach to topics such as political contributions; each of which management’s Executive Committee must approve (and which have been de minimis in recent years). In addition, our Ethics and Compliance program requires that every new employee is trained in our Code of Conduct as part of their new-hire orientation when they join the Company, and receive refresher training annually thereafter.

To supplement our Code of Conduct and transparently inform our stakeholders on key issues, we have documented our Corporate Responsibility Policies and Practices, including our:

• Human Rights Policy
• Freedom of Association Policy
• Forced Labor, Child Labor, and Modern Slavery Policy
• DEI Practices
• Health and Safety Practices
• Anti-Money Laundering Policy
• Anti-corruption
• Whistleblower Reporting
• Business Continuity and Crisis Management

Our expectations related to Ethics and Compliance are reinforced in both mandatory and discretionary online training and learning opportunities, which are periodically refreshed and reviewed to ensure the content remains relevant and appropriate.

In 2022, the following training was provided to our employees:

• Code of Business Ethics & Conduct
• Harassment Prevention, such as sexual harassment and age discrimination
  
• Cybersecurity, including advanced cybersecurity training such as spear phishing and social-engineered tricks
• EEO/Diversity
• Antitrust (tailored based on the employees’ respective roles)
• Speak Up

It is important that our employees believe we are living our Core Values every day. As such, we ask our employees every year as part of our engagement survey to rate whether our senior leadership demonstrates integrity. In 2022, Regency’s engagement score in this key area was 89%.

Regency Centers strongly encourages all employees to report any concerns or improper conduct to their manager, Human Resources, Legal, Internal Audit, or anonymously through our Regency Alert Line. Our Alert Line is an ethics hotline managed by an independent third party and is available either by phone or online 24 hours a day, seven days a week. In addition, “Speak Up” training is conducted annually to ensure our employees know the numerous reporting channels available to them. All concerns and inquiries submitted through the Regency Alert Line are provided to a group consisting of senior Human Resources, Internal Audit, and Legal personnel for evaluation and investigation, and are reported to the Nominating and Governance Committee of the Board. We make clear that there will be no retaliation of any kind against anyone reporting suspected unethical, illegal, or unsafe behavior. We have zero tolerance for retaliatory actions.

Regency is committed to minimizing the impact of an unplanned business interruption. We have established a Business Continuity Committee, comprised of a cross-functional group of senior managers, to develop and execute strategies and processes to assess our risk and recover operations, data, and full functionality in the event of an unplanned interruption. We conduct annual Business Impact Analyses, and each of our geographic locations develops a custom Business Continuity Plan to ensure recovery as soon as reasonably possible for their critical business functions. Our local teams test their respective plans to ensure they are effective and fit for purpose. These activities complement the emergency preparedness planning performed by our Operations personnel at our properties.

Through our thoughtful approach to these issues, we strive to ensure that Regency Centers can withstand unexpected events, such as a pandemic, severe weather, or an unplanned technology-driven business interruption. We do our best to operate and provide essential goods and services to our communities during uncertain times.

We strive to ensure that those third parties we work with have a similar commitment to doing what is right through our Vendor and Contractor Due Diligence Process and Principles. Our team works closely with our vendors and contractors to monitor performance and identify and address any activity that does not adhere to our high ethical standards.

Cybersecurity risks require heightened attention and prevention. We have developed a comprehensive cybersecurity governance structure and policy approach to provide oversight, management, awareness, and training in this crucial area.

At the Board level, our Audit Committee is delegated oversight authority over Regency’s cybersecurity program, with management’s Cyber Risk Committee having responsibility for the implementation of Regency’s cybersecurity programs and initiatives. The Cyber Risk Committee reports to the Audit Committee at each of its regular meetings, and more frequently if necessary or appropriate. The Cyber Risk Committee has implemented a robust Cyber Risk Management and Data Breach Preparedness Policy to address the potential for cyber incidents and how to address them.

People are the most significant risk to a company’s cybersecurity, as they are susceptible to increasingly sophisticated hackers and cyber-attacks. To address this risk and prepare our people, we ensure onboarding includes robust cyber-awareness training, ongoing regular and unscheduled phish testing to reinforce the awareness of the cyber threat landscape, and annual refresher training with advanced users undertaking specialized training. Furthermore, we engage a vendor to conduct third-party cyber due diligence and audits, to test the cyber-preparedness of the key vendors and contractors we do business with.