Staying on top of corporate governance

Tony DowdingSeptember 14, 2023

Quality management with QA (assurance), QC (control) and improvement. Standardization and certification concept. Compliance to regulations and standards. Concept with manager or auditor. — Credit: Shutterstock/NicoElNino

There has been a big focus in recent times on the environment element of ESG, and increasingly on the social element. But what about the ‘G’? In many ways, governance also covers the other elements of ESG, but it is generally concerned with internal controls, good practice, ethical behaviours, accountability and oversight.

Mike Lea, partner, head of management liability at Lockton, says that in order to facilitate and demonstrate a company’s compliance with the legislation and regulation that governs their industry sector and geographical location, the company will need to have in place a set of internal controls, procedures, committees, handbooks, training courses and reporting lines.

“These are designed to promote best practice throughout the company and to limit the company’s and the board’s exposure to investigation, enforcement, litigation and even criminal prosecution. Collectively these efforts are known as corporate governance, which forms the third component of ESG,” he points out.

He goes on: “It is not possible to change a company’s position on, say, climate change or diversity and inclusion without establishing goals and a strategy to reach them. The rigour which underpins the company’s ability to measure compliance with existing regulations and performance against stated goals, and to ensure the accuracy of its public disclosures, is provided by heightened governance.”

And he notes that the company’s governance framework needs to be reviewed regularly in order to take into account changes in the regulatory and legislative landscape.

Naomi Grossman, learning and content manager at compliance eLearning and software provider, VinciWorks, says that with such a big emphasis and focus on climate risk (‘E’) and social factors (‘S’), it is easy for governance issues to be downplayed. She explains that governance covers corporate policies, stakeholder rights and responsibilities, managing the corporation and measuring its success. It involves board composition, pay, ethics, tax transparency, bribery and corruption, audit committee structure, donations and whistleblowing.

“With good governance, a company can build public faith and confidence in its organisation, attract good employees and appeal to investors,” she says. “Poor governance has real consequences. Think of the Uber scandal that involved multiple accusations of sexual harassment and questions over its ruthless approach to expansion and ‘bro’ culture – which proved to be the biggest scandal and led to the resignation of CEO Travis Kalanick in June 2017.” She adds that the claims affected the company’s share prices, which were traded privately at the time.

Governance risks

So what exactly are the main governance risks? Clearly, a company’s duty to comply with regulation and legislation can depend on its size, industry sector and the countries where it operates. But Lea says there are some universal governance ideals, which include but are not limited to:

Accurate financial disclosure in accordance with applicable accounting practices such as GAAP or IFRS;
Compliance with laws and regulation governing the company’s business;
Consideration of the impact of the environment, the wellbeing of employees, and the communities in which the company operates;
Acting in the interest of the company and its shareholders and upholding the reputation of the company;
And managing conflicts of interest where they may arise.

Grossman says governance risk involves organisational leadership and decision making that involves outside stakeholders and considers the environmental and social impact of the decisions made by those leaders. She says there are risks related to the company’s ethical and legal management and the transparency and accuracy of company performance.

“Investors might want to know that a company’s accounting records are accurate, complete and transparent, business practices are ethical, policies encourage stakeholder engagement and that the board of directors are accountable, diverse and independent,” she explains. “Gender diversity and gender equity represent another high-profile governance factor, with many institutional shareholders demanding better representation of women and minorities on corporate boards and in the executive ranks, equal compensation, and access to career promotion for women.”

Boards of directors are clearly responsible for the governance of their companies. “But successful governance means that all employees understand company values, such as the importance of safeguarding sensitive information and protecting confidential data. By following best practices in governance, organisations can create and maintain effective internal control processes to detect potential frauds before they occur,” says Grossman.

On the other hand, regulations notwithstanding, accountability becomes increasingly complex without good governance and transparency is virtually non-existent, she says. “Poor governance practices can create an environment of distrust among those involved and limit their willingness to collaborate or provide feedback, hindering innovation and growth.”

In terms of the role for corporate risk managers in managing governance risk, Lockton’s Lea says risk managers are able to utilise tools such as risk register to assess the likelihood and the impact of an event that could negatively impact the company and its reputation.

Through quantifying, mitigating and transferring some of these risk to external insurers, risk managers are also establishing best practice in the company. For example, through the collation of incidents and accidents for health and safety reporting, the risk manager will be able to identify trends and either make recommendations internally or from insurers and their surveyors or risk engineers,” he says.

Risk managers can also promote awareness and training around areas of risk where the company is seeking improvement. Lea says that handbooks to remind employees of their duties and common failings, or an employee code of conduct, are often instrumental in engaging the employees in improving the governance at the company, he says, adding that risk managers are a link to the insurance market and can therefore seek insurers’ and peer companies’ input on how best to improve in managing governance risk.

Corruption and bribery

One important area of corporate governance risk is mitigating the risk of corruption, bribery and unethical board behaviour. Lockton’s Lea says the most commonly used tools to mitigate this risk include rigorous checks and sign-offs, so that all behaviour is required to be supervised and, where heightened exposure exists, approved beforehand. He adds that companies may also want to consider an audit of operating divisions to ensure they have appropriate internal controls and procedures to govern their operations.

VinciWorks’ Grossman says that having clear, written policies, procedures and protocols in place helps ensure that all employees understand what is expected of them, especially regarding financial reporting and compliance. “This can prevent fraudulent or corrupt activities from occurring in the first place by clearly outlining roles, creating vigilant oversight and eliminating opportunities for abuse. It also helps detect any suspicious or irregular activity before it becomes a real problem,” she says.

As for reporting, there are many EU directives and regulations including the Non-Financial Reporting Directive, the Sustainable Finance Disclosure Regulation and the EU Taxonomy Regulation Article 8 Delegated Act. But Grossman says the adoption of the Corporate Sustainability Reporting Directive (CSRD) will likely bring significant reporting changes in governance.

She explains that the detailed reporting requirements under CSRD are laid down in several standards referred to as European Union Sustainability Reporting Standards (ESRS), which are expected to be adopted at different speeds. “The ESRS standards will specify the data to be reported by the companies to determine good corporate governance, which will include the management’s tasks concerning corporate sustainability, business ethics and culture, as well as the company’s control and risk management in relation to sustainability risks,” she says.

Tony DowdingSeptember 14, 2023

Staying on top of corporate governance

Read Next

Diversity equity and inclusion: bridging the perception/reality gap

Collaboration, as always, is the key to achieving sustainability

Healthcare and flexible/hybrid working most valued benefits

Marsh McLennan achieves ‘Autism Confidence’ status

Lazio region ordered to reverse destruction of protected lake

Diversity equity and inclusion: bridging the perception/reality gap

Collaboration, as always, is the key to achieving sustainability

Healthcare and flexible/hybrid working most valued benefits

Marsh McLennan achieves ‘Autism Confidence’ status

Lazio region ordered to reverse destruction of protected lake

Read Next

Diversity equity and inclusion: bridging the perception/reality gap

Collaboration, as always, is the key to achieving sustainability

Healthcare and flexible/hybrid working most valued benefits

Marsh McLennan achieves ‘Autism Confidence’ status

Lazio region ordered to reverse destruction of protected lake

Related Articles