Applying Governance Codes
Governance codes contain guidelines around best practice in governance. Adherence to and reporting against a code of governance provides stakeholders with a mechanism to determine how the organisation is complying with these guidelines, offering them assurance. In this month’s blog, I’ll be talking about how we can determine how well a company’s corporate governance compares, not only to their own code of governance but also against best practice and discussing some of the aspects of the wider picture of reporting against a code.
Let’s revisit what a governance code is.
What is a governance code?
In undertaking my work, I have found that there can be different interpretations of what constitutes a governance code and have therefore included some descriptions from various sectors below to focus our understanding of what I am trying to describe:
“… a set of principles of good corporate governance…” UK Corporate Governance Code
“…a practical tool to help charities and trustees develop high standards of governance.”Charity Governance Code
“The UK Corporate Governance Code (formerly known as the Combined Code) sets out standards of good practice for listed companies on board composition and development, remuneration, shareholder relations, accountability and audit.” ICAEW on the UK Corporate Governance Code
“…reinforces the notion that good corporate governance is a holistic and interrelated set of arrangements to be understood and implemented in an integrated manner.” PwC South Africa on King IV
“…providing a framework to help them not only meet legal requirements but to promote long term success in this vital sector. Recognising this, the Wates Principles encourage these companies to adopt a set of key behaviours to secure trust and confidence among stakeholders and benefit the economy and society in general.” FRC on Wates Principles
“…sets out best practice principles and processes to help NHS foundation trust boards of directors.” NHS Improvement on NHS Foundation Trust Code of Governance
“…sets out the levels of transparency, accountability and financial integrity that will be required…” UK Sporton A Code for Sports Governance
While many codes have similar principles relating to leadership, board effectiveness, stakeholder interaction, accountability, remuneration, transparency etc., one of the emerging differences is in how the body that issue the code want to see compliance demonstrated.
How do we gain assurance?
You may remember or be familiar with the failure of Enron in 2001 which led to the introduction of the Sarbanes-Oxley Act in 2002, a bill which details the responsibilities of a public corporation’s board and the criminal penalties for certain instances of misconduct. This introduced a rules based approach for these organisations in the USA to gain assurance and led to openness and transparency for stakeholders.
To get that same assurance and be open and transparent with stakeholders here in the UK and in other regions such as the Middle East and South Africa, the approach to compliance is either ‘comply or explain’ or ‘apply and/or explain.’ Understanding how this works is part of understanding how to apply a governance code but also will help you to process how your organisation should comply and report in order to avoid negative consequences.
While in the USA, the consequences are more obvious because there are legal implications, here in the UK where we mostly have a comply and explain or apply and/or explain approach, which is not based on a legal or statutory framework, the consequences can be less obvious. However, where organisations and companies have had failures or similar issues and where there can be some kind of causal link identified to corporate governance failure, some of the clear consequences include:
- Reputational damage – think Sports Direct;
- Falling share prices – think Gerald Ratner and the Ratner Group;
- Loss of life – think Victoria Climbé and Mid-Staffs NHS Trust;
- Impact of the livelihood of employees – think BHS pensions.
Different approaches
So, let’s examine some of the differences between the principles of comply or explain and apply and/or explain and the impact the application of these principles can have on governance. Firstly though, it is important to understand that no matter which approach is taken, compliance, application or explanation is linked to the provisions of the code and not the principles. For example, the UK Corporate Governance Code last revised in 2018, has eighteen principles across its 5 sections. However, it is the forty-one provisions that companies who are required to comply with this code have to demonstrate compliance against.
An article written by Board Agenda outlines that the introduction of the comply or explain principle which was: “… introduced in 1992, has been widely admired and imitated, but it’s not without its critics.” The article goes on to state that: “The comply-or-explain system is premised on the inflexibility of a “one-size-fits-all” approach and introduces some flexibility for companies. Companies not complying with corporate governance code provisions are required to provide explanations.”
Whilst the lack of rigidity of the comply or explain approach ensures that organisations of all sizes are still able to be guided by a code of governance and not be restricted to reporting against provisions with which they may never be able to demonstrate compliance, criticism of the approach includes doubts that compliance can be secured when it is almost voluntary.
Elsewhere, other codes of governance have moved away from the comply or explain approach to methods that require more detailed responses to code compliance such as the Malaysian Code on Corporate Governance (2017). The approach taken by the Securities Commission of Malaysia who issued the code is comprehend, apply and report (CARE). A 2017 article about the publication of the code by ACCA outlines that:
“… companies have to set out the processes involved in practising good corporate governance, including providing fair and meaningful explanation of how the company has applied the practices laid out in the code. Under the MCCG 2017, it’s no longer sufficient for companies to merely explain the reasons for non-compliance; they will also have to provide alternative steps or actions that have been taken if the requirements have not been adhered to.”
The Charity Governance Code published in 2017 requires charities to apply or explain and states that:
“A charity should explain the approach it takes to applying the Code, so it is transparent to anyone interested in its work. We call this approach ‘apply or explain’. All trustees are encouraged to meet the principles and outcomes of the Code by either applying the recommended practice or explaining what they have done instead or why they have not applied it. We have not used the phrase ‘comply or explain’, which is used by some other governance Codes, because meeting all the recommended practice in this Code is not a regulatory requirement.”
Despite one of the criticisms of the comply or explain approach being the dependence on organisations to report their compliance because of the voluntary nature of it, research by Grant Thornton demonstrates how well companies are actually complying. Their last index published in October 2018 states that 95% of FTSE companies reported that they meet all but one or two provisions and 72% say they are fully compliant with the code, an improvement on the 66% reported to have done the same in 2017. While this demonstrates good progress, the report outlines that only 27% of companies give good insight into how the principles are being applied. One of the assertions of this blog is that there needs to be improvements in this area across all sectors.
Reporting compliance against the code of governance for your sector within a robust and evidence based manner is important. Whether the code you are required to comply with has a comply or explain, comply and explain, apply and explain, apply or explain or CARE approach, demonstrating to stakeholders and regulators how well you comply will rely on how rigorous this reporting is.
The challenge
The King IV Report on Corporate Governance for South Africa (2016) moved from an apply or explain basis to apply andexplain given that: “The principles are basic and fundamental to good governance and application thereof is therefore assumed.” What this should lead us to reflect on is whether or not code compliance and level of insight given to compliance should be anything other than an assumed part of our pursuit of good governance.
Whether your sector requires any of the approaches outlined in this blog, what is important is that we apply the fundamental principles of best practice to help to change, improve or make better the way we do corporate governance in our companies.
Is there an answer?
My newly developed product – The Governance Framework©, has created a process for organisations to clearly demonstrate how they are applying the main principles and provisions of their governance code. Part of the methodology takes the principles of codes from a number of sectors, some of which are included in this blog and integrates them into the twelve solid principles that underpin The Governance Framework© which encapsulates global best practice.
In our opinion, every organisation should not only demonstrate how they apply these principles but also provide evidence and full, satisfactory explanations as to how they have done so. Any diagnostic process that is used to assess this should take into account how the organisation can demonstrate that applying good governance principles provides added value and that this introduces a holistic and integrated approach to governance throughout the organisation.
Where there are circumstances where an organisation does comply with a provision but there are some actions that need to be carried out to ensure governance systems and processes are robust, the traditional comply or explain approach may be over simplistic. Through The Governance Framework©, it is my supposition that an organisation should be able to demonstrate levels of partial compliance. I believe that doing this promotes transparency and allows those who use the information to gain a true understanding of how well governed the organisation is.
Until next time…