Thursday, April 12, 2012

Corporate governance and auditing

Corporate governance


The meaning of corporate governance


A company is governed by its directors on behalf of the shareholders. Arguably, the directors also govern on behalf of other ‘stakeholders’ in the company, such as its employees. Corporate governance is the system by which a company is directed and controlled.

In many countries, rules or guidelines on ‘best practice’ in corporate governance have been developed. These are either applied on a voluntary basis or imposed by law.

An important aspect of corporate governance is the relationship between the owners of a company (its equity shareholders) and its governors (the board of directors). The strength of the relationship between owners and governors depends largely on the quality of the communication between them. The most important method of communication is the annual financial statements and accompanying reports (the ‘report and accounts’).

To promote good corporate governance, the financial statements should be reliable. This means that the directors should present reliable and relevant information in the financial statements, and those financial statements should be subject to independent audit to provide assurance to the shareholders.

The responsibility of directors for the management of risks

Another issue in corporate governance is the management of risks. Companies face many different risks, but most risks can be divided into two categories:
  • Business risks or ‘enterprise risks’. These are the risks associated with investing in products and services, and competing in markets.
  • Governance risks. These are the risks that errors (deliberate or accidental) may occur due to weaknesses in existing ‘internal’ controls. For example, there may be excessive risks that financial transactions will be recorded incorrectly in the accounting system, or there may be an unacceptable risk that fraud could occur and remain undetected. There may be risks of failure to comply with regulations or laws. There may also be risks of operational errors in day-to-day operating activities, due to human error, machine breakdowns or poor supervision by management.
It is the responsibility of executive management to put in place a suitable system of internal controls to manage the risks of the company.

In the UK, internal controls are divided into three categories for the purpose of corporate governance:
  • financial controls
  • compliance controls (to ensure compliance with laws and regulations)
  • operational controls.
Examples of financial controls are:
  • controls that safeguard the assets of the company
  • controls that ensure that adequate accounting records are maintained
  • controls over the preparation and delivery of the annual financial statements.
Although it is the responsibility of management to design and implement internal controls, it is the responsibility of the company’s governors (directors) to satisfy themselves that the system of internal control is adequate and that it functions properly.

The main issues in corporate governance

Corporate governance has attracted a large amount of attention in recent years, although measures to promote good corporate governance vary substantially between different countries.

The initial demand for better corporate governance occurred as a result of several ‘corporate scandals’, with major companies either collapsing or coming close to collapse. In the UK, several corporate failures in the 1980s (such as Maxwell Communications Corporation and Polly Peck International) were subsequently blamed on poor governance. In the US, corporate governance legislation was introduced in 2002 following the spectacular collapse of Enron and WorldCom, and other corporate scandals. There have also been major cases in Continental Europe, such as Ahold (the Netherlands) and Parmalat (Italy). Still more recently the collapse of several commercial and investment banks, notably Lehman Brothers in the US in 2008, raised questions about the adequacy of corporate governance, particularly risk management, in banks.

There are several key issues in corporate governance, although their perceived importance varies between different countries:

  1. There should be an effective board of directors. The directors should be independent-minded and should collectively have a wide range of skills, knowledge and experience. The board of directors should not be under the control or influence of an ‘all-powerful’ chairman and/or chief executive officer, who is able to dictate the board’s decisions.
  2. The board of directors should have clearly-defined responsibilities that it must not delegate, and it should carry out these responsibilities properly.
  3. The directors should govern the company in the best interests of its shareholders (and possibly also other stakeholders); they should not run the company in their own self-interest.
  4. The financial statements of the company should be reliable. (In many cases of corporate collapse, the financial statements were proved to have been misleading and unreliable.)
  5. Risks should be controlled, and the directors should provide assurance to the shareholders about the systems of controls and risk management.
  6. The remuneration of directors should be fair. Directors should not fix their own remuneration, and their remuneration package should provide them with incentives to achieve the objectives of the company that are in the best interests of the shareholders. Directors should not be rewarded for failure. 
  7. There should be active, open and constructive dialogue between the company’s directors and its shareholders, in particular its major shareholders.
As far as audit and assurance are concerned, the main relevant aspects of corporate governance are items (4) and (5) above.

The role of the auditor in corporate governance

The external auditor

The external auditor is part of the corporate governance system.
  • He provides an independent check on the integrity of the financial information prepared by the directors for the use of shareholders and other stakeholders 
  • He may have a responsibility for forming an opinion on the extent to which the directors have complied with specific corporate governance regulations (accepted voluntarily or imposed on them by law).
In order to fulfil these roles, the external auditor will examine the company’s systems and controls. However, he is not responsible for those systems or controls. Responsibility remains with the directors and executive management.

The external auditor is also required by ISA 260 Communication of audit matters to those charged with governance to provide management periodically with observations arising from the audit that are significant and relevant to management’s responsibility to oversee the financial reporting process. These observations might include:
  • weaknesses in internal control found by the auditor, or
  • accounting policies adopted by the entity which the auditor considers inappropriate.

In addition, all good corporate governance systems have procedures and arrangements designed to maintain the independence of the external auditor. For example:
  • the external auditor may be required to report to an audit committee, as well as to work with the chief executive officer and finance director
  • the nature and extent of non-audit services provided by the audit firm may be kept under review, to make sure that the auditor:
      − has not become excessively dependent on the company and its executive management for fee income, and
      − is not in danger of becoming too familiar with the company’s management and systems of operation
  • suitable procedures may be established for the discussion of contentious issues where the auditors and the finance director/chief executive officer have strong differences of opinion.

The internal auditor

Senior management is responsible for putting in place a system of internal controls that will prevent or detect errors and fraud. An internal audit function may be used by management as a means of monitoring these systems of internal control.

An internal audit function can therefore be used to obtain assurance that the system of internal controls is adequate and that it is functioning properly.

Companies are not required by law to have an internal audit function. However, in the UK, listed companies are required to set up an audit committee which is required each year to:
  • monitor and review the effectiveness of internal audit activities, or
  • where there is no internal audit function, to consider the need for an internal audit function and make a recommendation to the board. (The reasons for not having an internal audit function should also be explained in the annual report and accounts.)
Other companies and entities may also choose to have an internal audit function, because of the assurance it should provide about the adequacy of internal controls.

Systems of corporate governance

A voluntary or statutory approach

Many countries now have minimum corporate governance requirements. Typically, they are imposed only on listed companies, although smaller companies are also encouraged to comply. (Listed companies are companies whose shares are officially ‘listed’ by the financial markets regulator and traded on a major stock market.) In addition, some public sector organisations are also showing an increased emphasis on corporate governance matters.

In many countries, corporate governance guidelines are based on a voluntary code of practice rather than statutory regulation.

This is largely the case in the UK, where the Combined Code on Corporate Governance is applied to listed companies. Although this Code does not have any statutory force, the Listing Rules of the Financial Services Authority Stock Exchange require listed companies to comply with every aspect of the Code or to explain their reasons for any non-compliance. This is known as ‘comply or explain’. There are also some statutory requirements relating to corporate governance in the UK, such as the statutory requirement for an annual audit and a requirement for an annual ‘directors’ remuneration report’ on which the shareholders must be invited to vote.

A statutory approach to the regulation of corporate governance has been taken in the United States, in the form of the Sarbanes-Oxley Act (2002). This was introduced primarily as a result of the corporate failures in 2001 and 2002, including Enron and WorldCom. (One of the requirements of the Sarbanes-Oxley Act is for the chief executive and chief financial officer of each stock market corporation to submit an annual report to the Securities and Exchange Commission about the adequacy of their internal control system. This report must be supported by a formal statement from the external auditors.)

The detailed provisions of corporate governance regulations vary from country to country. The examiner has made it clear that you are not required to have a detailed knowledge of the regulations in any particular country. However, you should be aware of general principles underlying the regulation and application of best practice in corporate governance.

General principles of corporate governance

The five principles set out below were developed by the Organisation for Economic Co-operation and Development (OECD). They are intended to provide a general model of a good corporate governance system.

The OECD Principles state that a corporate governance framework should achieve the following objectives:
  1. Protect shareholders’ rights, such as voting rights and the right to transfer ownership in shares.
  2. Ensure the equitable treatment of all shareholders, including minority and foreign shareholders. All shareholders should have the opportunity to obtain effective redress for any violation of their rights.
  3. Recognise the rights of stakeholders as established by law and encourage active co-operation between corporations and stakeholders in creating wealth, jobs, and the sustainability of financially secure enterprises.
  4. Ensure that timely and accurate disclosure is made on all material matters regarding the corporation, including the financial situation, performance, ownership, and governance of the company.
  5. Ensure the strategic guidance of the company, the effective monitoring of management by the board, and the board’s accountability to the company and the shareholders. This includes ensuring:
      − the integrity of the corporation’s accounting and financial reporting systems, including the independent audit
      − that appropriate systems of control are in place, in particular, systems for monitoring risk, financial control, and compliance with the law.

Items (4) and (5) above have the greatest relevance to audit and assurance.

Example of a corporate governance system

Although, as stated above, you are not required to have a detailed knowledge of the regulations in any particular country, it is useful to see how the above principles are reflected in a specific corporate governance system. The main principles of the UK’s Combined Code are therefore set out below by way of an example of a current corporate governance system. The principles have been expanded upon where they are of particular relevance to external auditors.

Directors

  1. Every company should be headed by an effective board, which is collectively responsible for the success of the company
  2. There should be a clear division of responsibilities between the running of the board (the chairman) and the running of the company’s business (the chief executive)
  3. The board should include a balance of executive and non-executive directors. 
  4. There should be a formal procedure for appointing new directors to the board.
     
  5. The board should be provided with timely information to enable it to discharge its duties.
  6. The board should undertake a formal annual evaluation of its own performance and that of its committees and individual directors.
  7. All directors should be submitted for re-election at regular intervals, subject to continued satisfactory performance.

Remuneration

  1. Levels of remuneration should be sufficient to attract, retain and motivate directors, but should not be more than is necessary.
  2. There should be a formal procedure for fixing directors’ remuneration. No director should be involved in deciding their own remuneration.

Accountability and audit

  1. The board should present a balanced assessment of the company’s position and prospects.
  2. The board should maintain a sound system of internal control to safeguard the company’s assets.
  3. The board should maintain an appropriate relationship with the company’s auditors.

Relations with shareholders

  1. There should be a dialogue with shareholders based on the mutual understanding of objectives.
  2. The board should use the AGM to communicate with investors and encourage their participation.

Example

Mrs Smith is both Chief Executive Officer (CEO) and Chairman of your client. The board of directors consists of five executive and two non-executive directors. Board salaries are set by Mrs Smith based on her assessment of all the board members, including herself, and not their actual performance.

Required

Explain why your client does not meet international codes of corporate governance, why this may cause a problem for the company, and recommend changes.

Answer

Chief Executive Officer (CEO) and Chairman

Why codes are not met: Mrs Smith is both CEO and Chairman of the company. Good principles of corporate governance state that the person responsible for running the company (the CEO) and the person responsible for controlling the board (the chairman) should be different people.

Why a problem: This is to ensure that no one individual has unrestricted powers of decision.

Recommendation: That Mrs Smith is either the CEO or the Chairman and that a second individual is appointed to the other post to ensure that Mrs Smith does not have too much power.

Composition of board

Why codes are not met: The current board ratio of executive to non-executive directors is 5:2.

Why a problem: This means that the executive directors can dominate the board proceedings. Corporate governance codes suggest that there should be a balance of executive and non-executive directors so this cannot happen.

Recommendation: That the number of executive and non-executive directors is equal to help ensure no one group dominates the board. This will mean appointing more non-executive directors.

Board remuneration

Why codes are not met: Board remuneration is set by Mrs Smith.

Why a problem: This process breaches principles of good governance because the remuneration structure is not transparent and Mrs Smith sets her own pay. Mrs Smith could easily be setting remuneration levels based on her own judgements without any objective criteria. Remuneration should also be linked to performance, to encourage a high standard of work.

Recommendation: That a remuneration committee is established comprising three non-executive directors. This committee would set remuneration levels for the board, taking into account current salary levels and the performance of board members.

The use of audit committees


An audit committee is a sub-committee of the board of directors. The role of the audit committee is to carry out some delegated functions in connection with the external audit and internal audit, and to report and make recommendations to the main board of directors.

The requirement for an audit committee varies between countries. In the European Union, all listed companies are required to establish an audit committee.

In the UK’s Combined Code, these arrangements are fulfilled by establishing an audit committee consisting entirely of independent non-executive directors. The audit committee provides a counter-balance to the working relationship between the external auditors and the executive management of the company.

By having a requirement for the external auditor to have certain dealings with the audit committee, it should be possible to:
  • reduce the dependence of the auditors on the executive management (in particular the chief executive officer and finance director) 
  • monitor the independence of the auditors
  • provide assurance to the board that the auditors are performing their tasks to a suitable standard.

Functions of an audit committee


The functions of an audit committee may include the following tasks and responsibilities:
  • To monitor the integrity of the financial statements, and to review any significant financial reporting judgements that have been used in the preparation of the statements.
  • To review the adequacy of the company’s internal financial controls, and possibly also its other internal controls (compliance controls and operational controls).
  • To monitor the effectiveness of the internal audit function in the company. 
  • To make recommendations to the board about the appointment, re-appointment or removal of the external auditors, for submission to a vote by the shareholders. 
  • To approve the remuneration and terms of engagement of the external auditors. 
  • To monitor the independence and objectivity of the external auditors and the effectiveness of the audit process.
  • To review and implement a policy on the employment of the external auditors to provide non-audit services to the company, so that the policy maintains the objectivity and independence of the auditors in their audit work.

The audit committee does not remove the need for the executive management to work directly with the external auditors. However, it provides an important extra channel of communication with the external auditors, to ensure that they fulfil their responsibilities properly.

Benefits and disadvantages of an audit committee 

The existence of an audit committee should:
  • increase user confidence in the credibility of financial information published by the company
  • assist directors in meeting their responsibilities
  • strengthen the independence of the external auditors by providing a point of liaison for them
  • lead to better communication between the external auditors and the board of directors.
However, there are disadvantages, such as:
  • the additional cost (and time) involved in having an audit committee
  • the creation of a ‘two-tier’ board of directors: those directors closely involved in the preparation of the financial statements and the annual audit, and those who are not involved
  • fear amongst executive directors that the aim of the audit committee is to ‘catch them out’
  • placing an excessive burden on those non-executive directors who are members of the audit committee.

