$
USD
Total Economic Impact
Cost Savings And Business Benefits Enabled By Nasdaq’s Compliance Questionnaires
A FORRESTER TOTAL ECONOMIC IMPACT STUDY COMMISSIONED BY NASDAQ, JULY 2025
Total Economic Impact
A FORRESTER TOTAL ECONOMIC IMPACT STUDY COMMISSIONED BY NASDAQ, JULY 2025
Meeting regulatory requirements is essential to preserve customer trust, prevent legal or regulatory penalties, and support overall financial health.1 Organizations seek technology to modernize and automate their compliance processes to create efficiencies and minimize regulatory compliance related risks.
Nasdaq’s compliance questionnaires offer corporate secretaries, general counsel, directors, and executive officers a customizable digital interface to manage and complete compliance questionnaires and board evaluations. This data-driven solution, which is supported on Nasdaq’s questionnaires platform, can simplify an organization’s compliance efforts, streamline risk management, and improve both administrator and respondent efficiency. Examples include questionnaires specifically for directors and officers (D&O) and questionnaires that cover topics like conflict of interest, fitness for purpose, and related parties.
Nasdaq commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Nasdaq’s compliance questionnaires.2 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Nasdaq’s compliance questionnaires on their organizations.
To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed five decision-makers with experience using Nasdaq’s compliance questionnaires. For the purposes of this study, Forrester aggregated the experiences of the interviewees and combined the results into a single composite organization, which is a global, publicly traded organization with $2 billion revenue, five governance team members, and 15 executive officers and board members.
Interviewees said that prior to using Nasdaq’s compliance questionnaires, their organizations struggled to manage their questionnaire workflows efficiently. Their manual distribution, collection and review processes burdened governance teams with redundant administrative tasks, and these paper- and email-based processes also led to longer completion times for respondents and heightened both data privacy and regulatory compliance risks.
After the investment in Nasdaq’s compliance questionnaires, the interviewees’ organizations gained efficiencies in their questionnaire workflows, reduced the likelihood of data breaches containing sensitive executive and company information, and reduced the risk of Securities and Exchange Commission (SEC) penalties and fines or other regulatory infractions. Interviewees also stressed the importance of realizing efficiency gains for questionnaire respondents — which improved the ability to predict legal costs throughout the year — and having access to prompt customer support.
Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:
Questionnaires workflow efficiency. The composite organization distributes two questionnaires annually: the D&O questionnaire and conflict of interest questionnaire. With Nasdaq’s compliance questionnaires, the governance team saves 50% of its time on distribution, collection, and analysis workflows by Year 3. Additionally, the organization saves 30% of its costs on outside counsel as it streamlines these processes and relies less on their services. This is worth $14,000 to the composite over three years.
Data breach risk reduction. The composite improves its data privacy practices by transitioning from paper- and email-based methods to Nasdaq’s secure platform, which improves its data retention policies and decreases its risk of a data breach by 40%. This is worth $132,000 to the composite over three years.
Regulatory compliance risk reduction. With Nasdaq’s compliance questionnaires, the composite decreases the volume of incomplete or inaccurate questionnaire responses. This reduces the risk of incurring regulatory penalties or infractions by 50% and is worth $99,000 to the composite over three years.
Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:
Respondent efficiency gains. Interviewees said Nasdaq’s technology is easy to use and navigate. At the composite, all users (e.g., directors, executive officers, employees) save time when populating and submitting their questionnaires.
Prompt customer support. Interviewees also said Nasdaq’s support team is prompt and knowledgeable when responding to administrative and compliance-related questions.
Costs. Three-year, risk-adjusted PV costs for the composite organization include:
Nasdaq’s D&O questionnaire fees. The composite pays $4,000 in initial implementation fees and $14,000 annually to Nasdaq for this questionnaire. This annual fee includes distribution to up to 20 respondents. Over three years, this costs the composite $41,000.
Nasdaq’s conflict of interest questionnaire fees. The composite pays $2,000 in initial implementation fees and $10,000 annually to Nasdaq. This annual fee includes distribution of up to 20 respondents. Over three years, this costs the composite, $28,000.
Implementation and ongoing management. The composite’s governance team spends two weeks on initial implementation to create and refine the Nasdaq questionnaires and train administrative users. Each year, the composite spends one week performing administrative tasks within the solution (e.g., adding new respondents, resetting passwords). Over three years, this costs the composite $11,000.
The financial analysis that is based on the interviews found that a composite organization experiences benefits of $246,000 over three years versus costs of $80,000, adding up to a net present value (NPV) of $166,000 and an ROI of 208%.
Return on investment (ROI)
Benefits PV
Net present value (NPV)
Payback
| Role | Industry | Publicly listed? | Details | Questionnaire types |
|---|---|---|---|---|
| Chief legal and administrative officer | Manufacturing | Yes |
HQ: US Employees: 7,000 Revenue: $1.7B |
D&O |
| CFO | Healthcare | Yes |
HQ: US Employees: 1,900 Revenue: $2B |
D&O |
| General counsel | Manufacturing | Yes |
HQ: US Employees: 750 Revenue: $550M |
D&O |
| Finance director | Technology | No |
HQ: US Employees: 1,000 Revenue: $150M |
D&O, conflict of interest |
| Operational strategy lead | Insurance | Yes |
HQ: Europe Employees: 7,000 Revenue: $1.7B |
D&O |
Each interviewee said that prior to implementing Nasdaq’s compliance questionnaires, their organizations conducted their questionnaire workflows through time-consuming paper-based processes and email distribution. Each organization distributed a D&O questionnaire, and one also distributed a conflict of interest questionnaire. These workflows led to redundant administrative tasks for both governance teams and questionnaire respondents, created data privacy concerns, and heightened the organization’s risk of incurring regulatory compliance fines. Interviewees noted how their organizations struggled with common challenges, including:
Time-consuming questionnaire workflows. Interviewees explained that once questionnaires would be distributed, their organizations’ governance teams spent an abundance of time chasing down respondents and constantly following up via email or phone to collect answers. This redundant work created frustration. The CFO at a healthcare organization said: “I just got completely sick of having to chase everyone down for responses. Some of the board members asked, ‘Can’t you just fill it out for me, and I’ll sign?’ This prompted me to find a way to digitize and save my team time.”
Heightened risk of incurring regulatory compliance fines. Interviewees explained that respondents’ incomplete and inaccurate answers in questionnaires created concern around regulatory compliance, requiring governance teams and outside counsel to dedicate additional time to review cycles. The general counsel at a manufacturing organization said: “Part of what motivated the transition from our paper questionnaire was the desire to get complete and accurate answers. Frankly, some of the answers just were incorrect previously.”
Data privacy concerns. Interviewees explained that the questionnaires contained sensitive information around the individual respondents and their personal lives, as well as the organizations overall. They said their processes based on paper and email raised data privacy concerns and necessitated a solution with secure privacy controls. The finance director at a technology organization said: “A lot of that sensitive info sat in email inboxes and through shared links. Without using a platform, you have more risk around breaching privacy and a weaker information security posture.”
The interviewees searched for a solution that could:
Create an automated, structured, and repeatable questionnaire workflow.
Ensure data privacy.
Provide an intuitive experience for respondents.
Meet scalability needs.
Support IPO readiness preparations and financing events.
After conducting requests for proposal and business case processes evaluating multiple vendors, the interviewees’ organization chose Nasdaq’s compliance questionnaires and began deployment. Interviewees mentioned the following reasons for choosing Nasdaq:
The chief legal and administrative officer at a manufacturing organization said: “The need for efficiency and security drove the implementation. There is sensitive information in the D&O questionnaires. The Nasdaq solution was more cost-effective than the other solutions we evaluated.”
The general counsel at a manufacturing organization said: “Our prior process was very, very manual. [There was] a lot of back and forth and a lot of follow-up. Part of the advantage of investing in this solution is the tracking to understand when respondents have opened the questionnaire and if they are working on answers in a timely fashion. This feature was appealing. Nasdaq also had the ability to compare our questionnaire across a spectrum of questionnaires as well [as those] from other peer companies. The process of refining the questionnaire can always be improved.”
The finance director at a technology organization said: “With Nasdaq, it’s time-stamped, it’s version controlled, it’s secure, and there are evidence ready logs that are tailored for different groups, like outside counsel versus investors. As we approach an IPO, I was exploring the opportunities to automate and centralize governance disclosures.”
Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the interviewees’ organizations, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:
Description of composite. The composite is a publicly listed organization with global operations and $2 billion revenue. It has five governance team members and 15 executive officers and board members.
Deployment characteristics. The composite distributes its D&O questionnaire and conflict of interest questionnaire through Nasdaq’s software. During initial implementation, the composite integrates its compliance questionnaire software with Nasdaq Boardvantage. The organization creates its questionnaire using the template provided by Nasdaq and makes annual updates to the questionnaire as needed.
$2 billion revenue
Global operations
20 respondents per questionnaire
| Ref. | Benefit | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|
| Atr | Questionnaires workflow efficiency | $4,741 | $5,821 | $6,876 | $17,438 | $14,286 |
| Btr | Data breach risk reduction | $53,200 | $53,200 | $53,200 | $159,600 | $132,301 |
| Ctr | Regulatory compliance risk reduction | $40,000 | $40,000 | $40,000 | $120,000 | $99,474 |
| Total benefits (risk-adjusted) | $97,941 | $99,021 | $100,076 | $297,038 | $246,061 |
Evidence and data. Interviewees explained that their organizations’ governance teams were responsible for distributing questionnaires, collecting responses, and analyzing results. Three interviewees said their organization worked with outside counsel to verify the completeness of results and ensure regulatory compliance, and they described the workflows as time-intensive and redundant. But interviewees explained that using Nasdaq’s compliance questionnaires led to time savings and the ability to create standardized and repeatable workflows. They also specifically noted efficiencies created through the following features: automatic distribution and reminders, flagging answers, version control, preloaded templates, smart form logic, informed guidance, and role-based permissions. They said Nasdaq’s law firm partners develop questionnaire templates as part of its offering.
The CFO at a healthcare organization said: “From an analog to technology perspective, there’s a ton of time savings. Before, it was a process of herding board members. With the digital format, I get more information on where respondents were in the process and can send out informed reminders as we approach the deadline. That’s a tremendous value add.”
The finance director at technology organization said: “With the Nasdaq-enabled workflows, all the form templates are preloaded. You can automatically distribute to all the different stakeholders. We now have real-time tracking and submissions, and it’s all time-stamped and version-controlled. We’re probably saving around 20 to 30 hours per cycle, and we may have two cycles per year.”
The same interviewee said: “There’s [the benefit of] having more of an efficient legal team. Outside counsel spends tasks reviewing conflict of interest forms to validate completeness. There’s a lot of post-submission review to interpret red flags or diligence prep. Nasdaq drives time savings by standardizing the templates, which minimizes redrafting, building, and validating. It also creates efficiencies during the post-hoc reconciliation work with version control, timestamps, and dashboards.”
The finance director at a technology organization said: “Outside counsel by nature tends to be spiky throughout the year. This solution makes costs more predictable as it helps to offset a fair amount of large, recurring of burdens placed on our legal and operations teams.”
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The composite distributes two questionnaires annually.
In the prior environment, it took the organization 45 hours to distribute, collect, and analyze responses for each questionnaire.
With Nasdaq’s compliance questionnaires, the governance team saves 40% workflow efficiency in Year 1, 45% efficiency in Year 2, and 50% efficiency in Year 3.
The annual fully burdened hourly salary for a governance professional is $115,000. The hourly rate is $55.
Only 50% of the recaptured work is spent on productive activities.
In the prior environment, outside counsel dedicated 40 hours annually to questionnaire review.
With Nasdaq’s compliance questionnaires, the composite’s governance team saves 20% workflow efficiency in Year 1, 25% efficiency in Year 2, and 30% efficiency in Year 3 on its workflows.
The hourly cost of outside counsel is $500.
Risks. The value of this benefit may vary among organizations depending on:
The number of questionnaires distributed.
The extent to which the organization previously distributed questionnaires manually.
The extent to which outside counsel engages with questionnaires.
The salaries for governance team members.
Results. To account for these risks, Forrester adjusted this benefit downward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $14,000.
Efficiency gain for questionnaire workflows by Year 3
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| A1 | Questionnaires | Composite | 2 | 2 | 2 | |
| A2 | Time required to distribute, collect, and analyze each questionnaire in prior environment (hours) | Interviews | 45 | 45 | 45 | |
| A3 | Efficiency gain with Nasdaq’s compliance questionnaires | Interviews | 40% | 45% | 50% | |
| A4 | Time saved (hours) | A1*A2*A3 | 36 | 41 | 45 | |
| A5 | Burdened salary for a governance team member | Composite | $55 | $55 | $55 | |
| A6 | Productivity recapture | TEI methodology | 50% | 50% | 50% | |
| A7 | Subtotal: Governance team efficiency | A4*A5*A6 | $990 | $1,128 | $1,238 | |
| A8 | Outside counsel time contracted in prior environment (hours) | Interviews | 40 | 40 | 40 | |
| A9 | Efficiency gain with Nasdaq’s compliance questionnaires | Interviews | 20% | 25% | 30% | |
| A10 | Hourly cost of outside counsel | Interviews | $500 | $500 | $500 | |
| A11 | Subtotal: Outside counsel cost savings | A8*A9*A10 | $4,000 | $5,000 | $6,000 | |
| At | Questionnaires workflow efficiency | A7+A11 | $4,990 | $6,128 | $7,238 | |
| Risk adjustment | ↓5% | |||||
| Atr | Questionnaires workflow efficiency (risk-adjusted) | $4,741 | $5,821 | $6,876 | ||
| Three-year total: $17,438 | Three-year present value: $14,286 | |||||
Evidence and data. Interviewees reported that their organizations previously relied on non-encrypted, email-based workflows and generally had weak data retention policies for file storage. They said these manual processes heightened the risk of bad actors intercepting sensitive personal and company information stored within their organizations’ questionnaires, but that Nasdaq’s compliance questionnaires reduced this risk. One of the interviewees said their organization also integrated with Nasdaq Boardvantage, which allows SSO to add another layer of data security.
The finance director at a technology organization said: “There are always security [concerns] around file storage. None of our email attachments are encrypted either. There are weak retention policies. With Nasdaq’s [compliance questionnaires, you can address] some of those risks like SSO integration where only authorized users can access and submit forms. On role-based access, only the right people see the right forms. All the edits are logged from an audit standpoint. It supports all of our infosec (information security) and privacy team compliance, which goes along with broader GRC (governance, risk, and compliance) goals. We’ve avoided accidental disclosure of sensitive data that could put us in violation. We work with a lot of partners that care about GDPR and CCPA.”
The CFO at a healthcare organization said, “With the technology in place, the risk of accidentally leaving behind papers on a printer, for example, reduces the accidental disclosure of information.”
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The cumulative cost of a breach for the composite is $3,207,000.3
There is a 64% likelihood the composite experiences one or more breach.4
Eighty-one percent of the attacks originate from external attacks targeting the composite, external attacks targeting remote environments, or an internal incident.5
Ten percent of these attacks are related to loss of physical assets, stolen credentials, or phishing for privileged accounts.
With Compliance Questionnaires, the composite has a 40% reduced risk of exposure to breach costs.
Risks. The value of this benefit may vary among organizations depending on:
The organization’s security posture.
The organization’s maturity as it relates to questionnaire distribution.
Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $132,000.
Reduced risk of exposure to breach costs
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| B1 | Cumulative cost of breaches | Forrester research | $3,207,000 | $3,207,000 | $3,207,000 | |
| B2 | Likelihood of experiencing one or more breach | Forrester research | 64% | 64% | 64% | |
| B3 | Percent of breaches originating from external attacks targeting organizations, external attacks targeting remote environments, and internal incidents | Forrester research | 81% | 81% | 81% | |
| B4 | Percent of attacks related to loss of physical assets or stolen credentials or phishing for privileged accounts | Composite | 10% | 10% | 10% | |
| B5 | Risk exposure addressable by Nasdaq’s compliance questionnaires | B1*B2*B3*B4 | $166,251 | $166,251 | $166,251 | |
| B6 | Reduced risk of exposure to breach costs with Nasdaq’s compliance questionnaires | Interviews | 40% | 40% | 40% | |
| Bt | Data breach risk reduction | B5*B6 | $66,500 | $66,500 | $66,500 | |
| Risk adjustment | ↓20% | |||||
| Btr | Data breach risk reduction (risk-adjusted) | $53,200 | $53,200 | $53,200 | ||
| Three-year total: $159,600 | Three-year present value: $132,301 | |||||
Evidence and data. Aside from data privacy risk reduction, interviewees also described how transitioning to Nasdaq’s compliance questionnaires reduced the risk of incurring regulatory compliance fines as it relates to disclosure requirements. Interviewees shared that the questionnaires were completed and evaluated in advance of their annual proxy statement that is filed with the SEC. They explained that with time stamps, evidence-ready logs, and the requirement that all questions must be answered, the likelihood of incomplete or inaccurate answers across their organizations decreased.
The CFO at a healthcare organization said: “The offering from Nasdaq is great because it ensures that we aren’t missing anything from Nasdaq requirements. It provides a big upgrade by ensuring completeness of the files and documentation. It definitely eliminated the risk of missing a question or completely skipping over it. The system does not let you move forward or submit if a question is still open.”
The operational strategy lead at an insurance organization said: “From the regulatory side, board-level sign-off for filings or responses is streamlined. [This allows you] to not miss your regulatory deadlines and save any risk of delayed filings.”
The finance director at a technology organization said: “It reduces our legal exposure from any sort of like undocumented conflict of interest or outdated D&O filings. The escalation logic automatically flags some of the more high-risk responses. … It basically prevents governance breakdowns that could get flagged during fundraising or investor scrutiny in general, or as we kind of do our diligence process toward an IPO (initial public offering).”
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The cost of regulatory fines is $1 million.
The likelihood of incurring a regulatory fine in the prior environment was 10%.
The risk of incurring a regulatory fine is reduced by 50% with Nasdaq’s compliance questionnaires.
Risks. The value of this benefit may vary among organizations depending on:
Past fines.
Existing regulatory compliance practices.
Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $99,000.
Reduced risk of incurring a regulatory compliance fine
| Ref. | Metric | Source | Year 1 | Year 2 | Year 3 | |
|---|---|---|---|---|---|---|
| C1 | Cost of regulatory fines | Composite | $1,000,000 | $1,000,000 | $1,000,000 | |
| C2 | Likelihood of incurring a regulatory fine in prior environment | Interviews | 10% | 10% | 10% | |
| C3 | Risk reduction with Nasdaq’s compliance questionnaires | Interviews | 50% | 50% | 50% | |
| Ct | Regulatory compliance risk reduction | C1*C2*C3 | $50,000 | $50,000 | $50,000 | |
| Risk adjustment | ↓20% | |||||
| Ctr | Regulatory compliance risk reduction (risk-adjusted) | $40,000 | $40,000 | $40,000 | ||
| Three-year total: $120,000 | Three-year present value: $99,474 | |||||
Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:
Respondent efficiency gains. Interviewees said much like governance teams, directors and officers also gain efficiencies when responding to their annual questionnaires by using the digital form. The chief legal and administrative officer at a manufacturing organization estimated respondents saved up to a 50% of time once they’re adjusted to the digital format. They said, “Respondents appreciate having an easy place for access, pre-filled forms, and the security of not emailing sensitive information that could get lost.”
The finance director at a technology organization said: “The executives fill out both the D&O and the conflict of interest disclosures. They’re probably saving about half an hour per questionnaire as the forms are a lot more streamlined and consolidated.”
Prompt customer support. Interviewees said Nasdaq’s support team is prompt in answering platform-related questions. The chief legal and administrative officer at a manufacturing organization said: “[Nasdaq’s] support team is super knowledgeable about the platform and prompt. I cannot recall a time where we did not get our question answered.”
The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Nasdaq’s compliance questionnaires and later realize additional uses and business opportunities, including:
Scaling questionnaires to additional user groups. Interviewees shared anticipation about using Nasdaq’s compliance questionnaires to facilitate additional use cases across their organizations, not just for D&O and conflict of interest. The CFO at a healthcare organization said: “The main evolution in our healthcare compliance team starting to use this technology was the ability to manage a lot more users. As I recall, this basic questionnaire had to go to every employee to confirm HIPAA information was not accidentally shared. This evolution was going from 13 respondents to 500. It’s a system, so scaling is pretty easy.”
Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Total Economic Impact Approach).
| Ref. | Cost | Initial | Year 1 | Year 2 | Year 3 | Total | Present Value |
|---|---|---|---|---|---|---|---|
| Dtr | Nasdaq D&O questionnaire fees | $4,200 | $14,700 | $14,700 | $14,700 | $48,300 | $40,757 |
| Etr | Nasdaq conflict of interest questionnaire fees | $2,100 | $10,500 | $10,500 | $10,500 | $33,600 | $28,212 |
| Ftr | Implementation and ongoing management | $4,866 | $2,433 | $2,433 | $2,433 | $12,165 | $10,917 |
| Total costs (risk-adjusted) | $11,166 | $27,633 | $27,633 | $27,633 | $94,065 | $79,886 |
Evidence and data. Interviewees explained that pricing for Nasdaq D&O questionnaires depends on the number of respondents. Pricing may vary. Contact Nasdaq for additional details.
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The composite pays $4,000 to Nasdaq for initial implementation costs.
The composite has up to 20 D&O questionnaire respondents.
The composite pays an annual fee of $14,000.
Risks. The value of this cost may vary among organizations depending on the number of respondents.
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $41,000.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| D1 | Nasdaq D&O questionnaire fees | Nasdaq | $4,000 | $14,000 | $14,000 | $14,000 |
| Dt | Nasdaq D&O questionnaire fees | D1 | $4,000 | $14,000 | $14,000 | $14,000 |
| Risk adjustment | ↑5% | |||||
| Dtr | Nasdaq D&O questionnaire fees (risk-adjusted) | $4,200 | $14,700 | $14,700 | $14,700 | |
| Three-year total: $48,300 | Three-year present value: $40,757 | |||||
Evidence and data. Interviewees explained that pricing for Nasdaq conflict of interest questionnaires depend on the number of questionnaire respondents. Pricing may vary. Contact Nasdaq for additional details.
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The composite pays $2,000 to Nasdaq for initial implementation costs.
The composite has up to 20 conflict of interest questionnaire respondents.
The composite pays an annual fee of $10,000.
Risks. The value of this cost may vary among organizations depending on the number of questionnaire respondents.
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $28,000.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| E1 | Nasdaq conflict of interest questionnaire fees | Nasdaq | $2,000 | $10,000 | $10,000 | $10,000 |
| Et | Nasdaq conflict of interest questionnaire fees | E1 | $2,000 | $10,000 | $10,000 | $10,000 |
| Risk adjustment | ↑5% | |||||
| Etr | Nasdaq Conflict of Interest Questionnaire fees (risk-adjusted) | $2,100 | $10,500 | $10,500 | $10,500 | |
| Three-year total: $33,600 | Three-year present value: $28,212 | |||||
Evidence and data. Interviewees said the implementation process included creating and refining their organization’s questionnaires and training both the administrative users and respondents. Some of the organizations used a Nasdaq-provided template and others uploaded their own existing questionnaire templates into Nasdaq’s compliance questionnaires. This involved various levels of effort and commitment from mixed teams of legal, business operations, and IT staff. Interviewees described ongoing management as a light lift and said it includes activities like adding new respondents or resetting passwords as needed.
The chief legal and administrative officer at a manufacturing organization said: “We expect that the D&O questionnaire is largely static unless there are some new regulatory or compliance requirements. We generally don’t expect that it’s really going to change materially at all from year to year.”
The CFO at a healthcare organization said: “From our perspective, it was well-built and intuitive. There wasn’t really a whole lot we had to reach out for around troubleshooting. I viewed it as a pretty high-quality system with low maintenance.”
The finance director at a technology organization said: “During questionnaires implementation, you’re doing a lot of project management, configuration, and training. Post-implementation, we have periodic check-ins to coordinate on items like software upgrades. There’s technical support available, too.”
Modeling and assumptions. For the financial analysis as applied to the composite organization, Forrester assumes:
The composite’s initial implementation takes 2 weeks to complete.
The governance team dedicates 1 week annually to ongoing management of Nasdaq questionnaires.
The fully burdened annual salary for a governance professional is $115,000. The weekly salary is $2,212.
Risks. The value of this cost may vary among organizations depending on:
Annual salaries.
The amount of user training needed.
Types of configurations and customizations required (including integration with Nasdaq Boardvantage).
Results. To account for these risks, Forrester adjusted this cost upward by 5%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $11,000.
| Ref. | Metric | Source | Initial | Year 1 | Year 2 | Year 3 |
|---|---|---|---|---|---|---|
| F1 | Implementation time (weeks) | Interviews | 2 | 0 | 0 | 0 |
| F2 | Ongoing management time (weeks) | Interviews | 0 | 1 | 1 | 1 |
| F3 | Burdened weekly salary for a governance professional | Composite | $2,212 | $2,212 | $2,212 | $2,212 |
| Ft | Implementation and ongoing management | (F1*F3) + (F2*F3) | $4,424 | $2,212 | $2,212 | $2,212 |
| Risk adjustment | ↑10% | |||||
| Ftr | Implementation and ongoing management (risk-adjusted) | $4,866 | $2,433 | $2,433 | $2,433 | |
| Three-year total: $12,165 | Three-year present value: $10,917 | |||||
| Initial | Year 1 | Year 2 | Year 3 | Total | Present Value | |
|---|---|---|---|---|---|---|
| Total costs | ($11,166) | ($27,633) | ($27,633) | ($27,633) | ($94,066) | ($79,886) |
| Total benefits | $0 | $97,941 | $99,021 | $100,076 | $297,038 | $246,061 |
| Net benefits | ($11,166) | $70,308 | $71,388 | $72,443 | $202,973 | $166,175 |
| ROI | 208% | |||||
| Payback | <6 months |
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.
The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.
From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in Nasdaq’s compliance questionnaires.
The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Nasdaq’s compliance questionnaires can have on an organization.
Interviewed Nasdaq stakeholders and Forrester analysts to gather data relative to Nasdaq’s compliance questionnaires.
Interviewed five decision-makers at organizations using Nasdaq’s compliance questionnaires to obtain data about costs, benefits, and risks.
Designed a composite organization based on characteristics of the interviewees’ organizations.
Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.
Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
Benefits represent the value the solution delivers to the business. The TEI methodology places equal weight on the measure of benefits and costs, allowing for a full examination of the solution’s effect on the entire organization.
Costs comprise all expenses necessary to deliver the proposed value, or benefits, of the solution. The methodology captures implementation and ongoing costs associated with the solution.
Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. The ability to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”
The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.
A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.
Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.
Related Forrester Research
Lessons Learned From New SEC Disclosure Requirements for CISOs, Forrester
Research, Inc., September 27, 2024.
Influence And Engage Executives, Forrester Research, Inc., June 22, 2023.
1 Source: Top Insurance Business And Tech Priorities, 2025, Forrester Research, Inc., March 04, 2025.
2 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.
3 This percentage is based on the regression analysis of the reported total cumulative costs of all breaches experienced by surveyed security decision-makers’ organizations in the previous 12 months. Forrester used the composite organization’s revenue as the input for the regression formula. Source: Forrester’s Security Survey, 2024. Base: 1,660 global security decision-makers whose organization experienced a breach in the previous 12 months.
4 This percentage is based on regression analysis of the likelihood of experiencing one or more breaches using the frequency that surveyed decision-makers’ organizations experienced breaches in the previous 12 months. Forrester used the composite organization’s revenue is used as the input for the regression formula. Source: Forrester’s Security Survey, 2024. Base: 2,769 global security decision-makers.
5 This percentage is based on the number of breaches by primary attack vector for breaches, as reported by surveyed security decision-makers whose organization experienced at least one breach in the previous 12 months. Source: Forrester’s Security Survey, 2024. Base: 1,542 global security decision-makers whose organization experienced a breach in the previous 12 months.
Readers should be aware of the following:
This study is commissioned by Nasdaq and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Nasdaq’s compliance questionnaires.
Nasdaq reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
Nasdaq provided the customer names for the interviews but did not participate in the interviews.
Sarah Lervold
Maria Kulikova
July 2025
ABOUT FORRESTER CONSULTING
Forrester provides independent and objective research-based consulting to help leaders deliver key transformation outcomes. Fueled by our customer-obsessed research, Forrester’s seasoned consultants partner with leaders to execute on their priorities using a unique engagement model that tailors to diverse needs and ensures lasting impact. For more information, visit forrester.com/consulting.
© Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies.
https://mainstayadvisor.com/go/mainstay/gdpr/policy.html
PDF