Oct 11, 2015
P1 BY DR. PARMINDAR SINGH
These slides are meant for students taking the
P1 subject for ACCA.
These slides are not meant for the purpose of
selling, editing and anything else whatsoever
without the permission of Dr. Parmindar Singh.
The author also does not allow these slides to be
used by other lecturers, students and any other
agents for the purpose of lecturing, tutoring and
any other forms of delivery without the author's consent.
Governance, Risk and Ethics
PAPER P1
SYLLABUS OUTLINE LESSON TOPIC (OVERVIEW)
1 Corporate governance - an introduction
2 Stakeholders
3 Agency model and transaction costs
4 Ethics and morality
5 Corporate social responsibility
6 Environmental accountability
7 Profession and public interests
8 Rule-based and principle-based approach
9 Principle-based approach overall
10 Combined code on corporate governance
11 Sarbanes-Oxley Act 2002
12 Board size, structure and culture
13 Risks and risk management
14 Internal controls
15 Internal audit
Focused areas for P1
June 2014
Dear students,
These focused areas are, as the name implies, just to highlight important areas for consideration in
the June 2014 exams.
However, it is the responsibility of the student to cover all areas of the P1 syllabus to ensure that
they are thoroughly prepared.
1. Stakeholder - distinguish stakeholders; justifying the type of stakeholders and stakeholder engagement.
2. Ethics - Kohlberg, relativism and absolutism, code of ethics, ethical stances, threats (FIASS), encouraging ethical behavior, general ethics question.
3. CSR - Gray, Owen and Adams (especially social ecologist, socialist and radical feminist and others), importance of CSR, social and environmental audit pressures (TBL).
4. Environment - environmental and social footprint, environmental accountability, environmental audits.
5. Profession and public interest - public interest, accounting as a value-laden profession.
6. Governance - public-listed governance (rules-based and principles-based); non public-listed governance (family-based corporate governance); Governance (Combined) Code (read all and more focus on risk committee, remuneration committee, roles of chairman, shareholders, AGM, EGM, proxies); principles of good governance (FIT-PRAR-JI). Also focus on the term business model and characteristics of good annual reports; 2-tier boards; institutional investor intervention.
7. Risks - types of risks, differentiating one risk from another, risk auditing, risk correlation, risk management, risk expressions and terms (ALARP, subjective/objective risks).
8. Internal controls - internal control purposes/objectives/aims/characteristics, internal control challenges/measures, internal control failings (based on scenario), reasons why internal control cannot provide absolute assurance.
9. Internal audit - threats (FIASS), factors to consider, internal audit scope/remit, internal auditor (recruit or promote from within).
NOTES ON PROFESSIONAL MARK REQUIREMENTS FOR P1
1. Letter
Should have sender's address details (company name, address line 1, address line 2)
Date
Letter should commence with Dear XXXX
Write letter in first person, such as I, we, your board, our company etc.
Conclude letter with suitable sentence, thanking the reader for their interest and time
Use Yours faithfully where the addressee is anonymous, such as shareholders, or use Yours sincerely if the addressee is named.
2. Presentation
Write your answers in first person
When writing notes for presentation write in short sentences, focus on key points.
3. Briefing notes/management reporting
Should be written in third person, the company, XYZ Ltd, the board
Well structured focused on key points.
4. Press statement
Clear short paragraphs
Written in third person
Opening paragraph delivering the key message with background information
The rest of paragraphs will give more elaboration
5. Memo
Will have heading called Memorandum
Followed by: To:, From:, Date:, Subject:
Style of writing will be precise and factual
Written in first person (identifying author as I)
6. Report
Just like memo, but have a heading called Report
Should have an introduction
Finish with summary or conclusion
Use of sub-headings desirable
7. Statement
Have a heading, for example, Chairman's statement at AGM
Have an introduction
Use first person
Write in a style that could be read out
Make sure flow is logical
Source: Condon, S. (2009), Professional marks, Student Accountant, June, pp. 86-89.
8. Speech
Have an introduction
Use first person
Write in a style that could be read out
Make sure flow is logical
Have a proper ending
Analysis of past year questions
Topic Pilot
paper
Supplement
pilot paper
Dec
07
Jun
08
Dec
08
Jun
09
Dec 09 Jun
10
Dec 10 Jun
11
Dec 11 June
12
Dec 12 June 13
Corporate governance 1(a) 4(a) 2(a)
Stakeholders 4(a) 1(a)
(i),
(ii)
1(d) 1(a) 1(d, i) 4(b, c)
Agency model &
transaction costs 2(b) 3(a) 2(c),
4(c)
3(a) 1(c) 1(c) 1(d,
ii)
3(b)
Ethics & morality 3(a),
3(c)
1(a), 1(b), 1(d),
2(d)
1(b) 1(d)
(iii),
2(a),
2(b)
(ii),
2(c)
1(a),
1(c)
(ii),
4(a),
(c)
1(a)
(i),
(ii),
(iii);
2(b)
1(a),
3(b, c)
2(c),
4(c)
1(b) 1(b),
4(a, b,
c)
1(a);
4(c)
1(b),
3(b)
1(c),
4(a)
1(d,ii)
CSR 4(b) 1(c)
(i)
2(c) 4(c) d(ii) 4(a, b,
c)
Environmental
accountability 1(e) 1(d)
(i),
(ii)
1(d,
ii)
2(a, b) 1(b) 1(a) 1(b)
Profession & public
interests 2(b)
(i)
2(a) 3(a) 4(b) 3(a)
Accounting & financial
scandals
Rule & principle-based 3(d) 3(c) 4(a)
(i),
(ii)
3(a) 2(a) 2(b)
Principle-based 3(b) 1(a),
3(c)
3(b) 2(c) 1(d)
(i),
2(a)
2(b),
2(c)
Combined code 1(a),
1(d)
2(a),
2(b)
1(c),
2(c),
3(a),
3(b)
3(b),
3(c)
3(c),
3(d)
1(c),
2(c)
2(a, b) 1(a),
1(c) (i),
3(a,b,c)
d(i),
3(c)
2(b);
3(a, c)
2(a, b,
c),
3(c)
2(c),
2(a)
2(b, i,
ii), 4(a,
b, c)
SOA 2002 3(c) 4(b)
Board size, structure &
culture 1(a),
1(c)
2(b) 4(c)
Risks 1(b),
4(b)
2(a),
2(b)
1(b),
(c)
1(b),
3(c)
4(b),
4(c),
4(d)
1 (d, ii),
3 (a, b,
c)
1(d, i) 2(c),
4(a,b,c)
2(a, b,
c, d)
1(c) (ii,
iii, iv);
3(b)
1(a) 1(b),
1(d, i)
1(a),
3(a,c)
Internal controls 4(a) 1(d) 1(e) 3(a)
(i),
3(b)
1(b),
1(e)
1(b),
1(d, i)
3(b) 1(c)(ii,
iii)
1(a) 1(c) (i) 1(c) 1(d, ii),
3(a),
3(b),
3(c)
1(c),
2(c)
Internal audit
2(a), 2(b), 2(c),
2(d), 3(c)
3(a)
(ii),
3(b)
3(c)
2(a)
Consolidation of
knowledge 2(c),
4(c)
1(c), 1(d) 1(a),
2(c),
4(c)
4(c) 1 (d)
(i, ii),
4(b)
3(a),
3(b)
1(b),
4(a)
Topic Dec 2013
Corporate governance 1(c)
Stakeholders
Agency model & transaction costs 2(b)
Ethics & morality 3(c), 4(c)
CSR 3(c)
Environmental accountability 1(a, I, ii)
Profession & public interests
Accounting & financial scandals
Rule & principle-based 2(a)
Combined code/Governance Code (including Smith and Higgs report) 1(c), 3(a, b), 4(a, i, ii)
OECD & ICGN
SOA 2002 2(b, c)
Board size, structure & culture
Risks 1(b), 4(b)
Internal controls 1(d, i)
Internal audit 1(d, ii)
Consolidation of knowledge
P1 key words
1. Critically evaluate - generally, the answer would want the pros (in support/benefits) and cons (problems/disadvantages).
2. Assess Mr. X's understanding of his role as XXX - explain what's wrong with his understanding.
3. Construct the case for - in support of the argument.
4. Define - give meaning.
5. Explain - elaborate more and should be longer than simply defining.
6. Criticise - to find issues in opposition to the points raised.
7. Assess - whether there is any element of truth or otherwise.
8. Distinguish between X and Y - differentiate between X and Y.
9. Discuss - similar to explain and you can give your point of view (in support or to oppose).
10. Explore - find out more about a particular issue.
11. Advise - telling what ought to be done in a polite manner.
12. Identify - find out from the scenario about something (stakeholders, issues etc.).
Issues Key words
Reward/remuneration ARM = attract, reward, motivate
Information ACT = accurate, complete, timely
NED KSA = knowledge, skills, abilities
Annual report FBU = fair, balanced, understandable
Annual report Contains information about performance,
business model and strategy
Induction FFT = full, formal and tailored
NED induction BPS = business, people, stakeholders
CORPORATE GOVERNANCE
The Cadbury Committee defined corporate
governance as the system by which companies
are directed and controlled
Corporate governance is the relationship among
various participants in determining the
direction and performance of corporations
(Monks & Minow, 2002, p. 1). The primary
participants are (1) the shareholders, (2) the
management (led by the CEO) and (3) the BODs.
Owners/principals/shareholders
Shareholders
Government Non-government SOE GLC Individuals families Institutions
: public-listed firms : private companies : NGO charitable firms, religious bodies, foundations, SIG : pension funds, mutual funds, hedge
funds, private equity funds
INSTITUTIONAL SHAREHOLDERS
Dedicated
Transient
CORPORATE GOVERNANCE PERSPECTIVES
Shareholder model/agency model - is of the view that there is good corporate governance when agents (management/CEO, board) take action to maximize shareholders' wealth. Hence agents' fiduciary duty lies only to shareholders; however, this model also recognizes that agents may tend to pursue their own interests (i.e. act opportunistically) at the expense of shareholders and therefore, there must be proper mechanisms in place (monitoring, bonding) to ensure that agents do not act opportunistically and consequently pursue shareholders' interests.
Stakeholder model - is of the view that there is good corporate governance when agents take care of the interests of the organization's stakeholders. These stakeholders may be shareholders and employees or the diverse range of stakeholders of an organization such as customers, suppliers, community and others. All stakeholders have an inherent worth and none should be exploited for the benefit of some. Therefore, agents must attempt to treat each stakeholder fairly. Hence agents' fiduciary duty lies to all stakeholders (communitarian position).
Stewardship model - is of the view that good corporate governance occurs when agents view themselves as stewards/guardians of the corporations and diligently work to attain high levels of corporate profits and shareholders' returns. Stewards or agents will not shirk their responsibilities. Being stewards of the organization, agents will never pursue their own self-interests, and therefore there is no monitoring of agents/management.
Enlightened shareholder value - a corporate governance approach where an agent takes the interests of its diverse stakeholders into account only in so far as to promote and advance the long-term value of shareholders.
Political model - a corporate governance approach where government (being the sole or major shareholder) decides how rewards, resources, power, privileges, among others are allocated. Government will also decide on appointments to be made as well as strategies to be pursued. Government will also use the firm to pursue its own agenda.
Cultural model - is of the view that good corporate governance occurs when a healthy, dynamic and adaptive culture of the organization moulds, shapes and gels the running of an organization so that it is well directed and controlled.
CORPORATE GOVERNANCE
Monistic
Dualistic
Pluralistic
NEDs
Shareholder activism
Small board size
External auditors and internal auditors
Rating agencies
Laws and regulations
Internal controls
Risk management
Mission, ethics, culture, strategy
BENEFITS OF GOOD CORPORATE GOVERNANCE
Attracts greater investments into firms, both foreign and domestic (McKinsey & Co.) - with good corporate governance, many investors, both foreign and domestic, will be attracted to the firm. As such, the firm will be highly sought after and consequently, its share price will be in great demand. Hence its share price may move northwards.
Reduces cost of capital
Attracts patient capital
Reduces risk
Stimulates performance and improves share price
Enhances marketability of products and services by creating confidence among stakeholders
Improves leadership standing
Demonstrates transparency and accountability
STAKEHOLDERS
Definition
Types classification
DEFINITION
Stakeholders are those whom the firm's operations have benefited or burdened (Steiner & Steiner).
Stakeholders can also be defined as the individuals
or groups who can affect, and are affected by, the
strategic outcomes achieved and who have
enforceable claims on a firm's performance (Freeman).
CLASSIFICATION OF STAKEHOLDERS
Narrow and wide stakeholders (Evan and Freeman) - narrow stakeholders are those that are most affected by the organization's policies. Examples include shareholders, employees, customers, suppliers. Wide stakeholders are those that are less affected and may include government, indirect customers, the wider community and other peripheral groups.
Active and passive stakeholders (Mahoney) - active stakeholders are those who seek to participate in the organization's activities. Examples are management and employees. Passive stakeholders include shareholders, government and local communities.
Internal (internal actors - employees and their representatives, board of directors, sub-board management, company secretary) and external stakeholders (shareholders, stock exchanges, auditors and governments and regulators).
Voluntary and involuntary stakeholders - voluntary stakeholders will include employees, customers, suppliers and shareholders. Involuntary stakeholders will include local communities, natural environment, future generations and most competitors.
Legitimate and illegitimate stakeholders - legitimate stakeholders are those that an organization recognizes as having a valid claim on an organization's operations and acknowledges its existence and vice-versa for illegitimate stakeholders.
Recognized and unrecognized stakeholders - recognized stakeholders are those that an organization views as a legitimate stakeholder and acknowledges its existence and vice-versa for unrecognized stakeholders.
Known-about and unknown stakeholders
Mendelow's power-interest matrix
Axes: level of interest (in organizational strategies), low to high; power, low to high
A. Low power, low interest: Minimal effort
B. Low power, high interest: Keep informed (e.g. community)
C. High power, low interest: Keep satisfied
D. High power, high interest: Key players (e.g. institutional investors)
STAKEHOLDERS
Identify all stakeholders - none should be omitted
Classify stakeholders accurately
Undertake proper stakeholder relationship
management
A proper stakeholder relationship management
will give an organization competitive advantage (Hillman and Keim)
Stakeholder relationship management
Stakeholder engagement
Shareholders Employees Community Customers
AGMs, Meetings, Town-hall meetings, CRM Meetings PA, rewards open day, Annual dinner, CSR programs Family day,
QUESTIONS
Required:
(a) Distinguish between voluntary and involuntary stakeholders,
identifying both types of stakeholders in Hesket Nuclear. Assess the
claims of THREE of the involuntary affected stakeholders identified.
(12 marks)
Answer:
- Define voluntary stakeholders
- Give examples
- Define involuntary stakeholders
- Give examples
- Assess claims of THREE of the involuntary
affected stakeholders
(d) Distinguish between narrow and wide stakeholders and
identify three narrow stakeholders in Global-bank (based
on Evan & Freeman's definition) from information in the case. Assess the potential impact of the events described on
each narrow stakeholder identified. (10 marks)
Answer:
- Define narrow stakeholders
- Define wide stakeholders
- Identify three narrow stakeholders
- Assess impact on the narrow stakeholders
identified
AGENCY THEORY
Agency theory
Agency costs
Fiduciary duty
Increasing fiduciary duty of board
1932 Berle and Means (US)
Owner Controller
Jensen and Meckling (1976)
Fiduciary duty Principal Agent (CEO)
(ROAD)
Appoint, place some degree of trust and confidence, provide resources Principal conflict Opportunistically to address Agency costs Agency conflict
Increases agent opportunism
Agency costs
increase
Adverse selection
Management style poor Low PET Compounded by Information asymmetry BOD ineffective poor internal controls external and Risk management internal auditor not I&O
AGENCY COSTS
Jensen and Meckling define agency costs as the sum of:
Monitoring management (the agent),
Bonding the agent to the principal (economic bonding) and,
Sum of all the previous residual losses.
Agency costs can therefore increase due to:
Information asymmetry
Ineffective board of directors
Management style poor - high turnover of staff
Poor internal controls and risk management
External and internal auditors not I&O
REDUCING AGENCY COSTS
Remuneration - performance-based incentive plans: performance shares, performance bonuses and other remuneration (incentives must be aligned to shareholders' long-term interests).
Direct intervention by shareholders (especially institutional investors)
The threat of firing (reduced by golden handshake/severance pay and empire building)
The threat of takeover (sometimes agents resist this takeover through greenmail and poison pill) (or use of white knight or white squire)
An effective board of directors - chairman, nomination committee, audit committee, risk management committee and other committees, INEDs
Triple-bottom line reporting
Internal audit - risk management, internal controls and governance
External audit
Empire building (managerial self-interest)
Pursuing unprofitable acquisitions
Managerial entrenchment
Harder to be laid-off
Remuneration increases
- Greenmail: approaching shareholders of acquiring firm to buy back shares at a premium
- Poison pill: (i) share rights option, (ii) borrowing on terms that require immediate repayment of all loans if the firm/target is acquired, (iii) selling-off at bargain prices the assets that originally made the firm a desirable target
- White knight: friendly acquirer
- White squire: friendly investor
INCREASING FIDUCIARY DUTY
Political-economic argument
Profits
Legitimate theory
Competitive advantage
QUESTIONS
(c) Explain what an agency relationship is and examine
the board of HPC's current agency relationship and objectives. Briefly explain how these would differ if HPC
was a company with private shareholders. (10 marks)
Answer:
- What is agency relationship
- Examine current principal and agent
- Explain current objectives
- How current principal and agent changes if
company owned by private shareholders
ETHICS
Kohlberg's moral development
Ethical relativism and absolutism
Tucker
AAA
Teleological - utilitarianism
Deontological - Kantian ethics
JSW's ethical stances
Code of ethics (benefits and problems)
IFAC/ACCA code of ethics - principles of professionalism
Threats to professionalism
Kohlberg's moral development
Level 1
Stage 1. Person acts in such a way in order to avoid punishment or to receive rewards.
Stage 2. Person acts because it is in his/her self-interest to act in such a way.
Level 2
Stage 3. Person acts in such a way so as to nurture long-term relationships of mutual support with members of one's in-group/immediate circle or those close to them.
Stage 4. Consists of upholding the law, order, LR, regulations, and policies. Here the in-group expands to include one's larger community.
Level 3
Stage 5. Conceives morality as compliance with the social contract. Rules are understood to be relative to a particular group but are upheld in the interests of impartiality.
Stage 6. Morality based on commitment to self-selected universal principles for governing social cooperation.
ETHICAL RELATIVISM AND ABSOLUTISM
Ethical relativism - a theory that what is right (i.e. ethical/moral) is determined by what a culture or society says is right. What is right in one place may be wrong in another - more pragmatic/flexible/practical.
Ethical absolutism - where there is a set of principles that can be applied, irrespective of culture and society. This set of principles falls under normative theories of ethics - more rigid and firm.
PRAGMATIC APPROACHES
Tucker
Profitable?
Legal?
Fair?
Right?
Sustainable or environmentally sound?
AAA
1. What are the facts of the case?
2. What are the ethical issues of the case?
3. What are the norms, principles, and values related to the case?
4. What are the alternative courses of action?
5. What is the best course of action that is consistent with the norms, principles, and values identified in step 3?
6. What are the consequences of each possible course of action?
7. What is the decision?
NORMATIVE THEORIES
Teleological - utilitarianism
Bentham - an act is morally right if it promotes the greatest net human welfare/net happiness in the long run.
Deontological - Kantian ethics
Kant's categorical imperative can be broken down into two postulates:
What makes an action right is that the agent would be willing to be so treated were the positions of the parties reversed (Universal Acceptability)
Humanity as an End, never as merely a Means, i.e. human beings have an inherent worth and should not be exploited
ETHICAL STANCES - JSW
Short-term shareholder interests - is of the view that an organization has acted ethically if it can perform its economic and legal responsibilities, i.e. the adage, "the business of business is business"
Tends to adopt an agency model, i.e. to maximize shareholders' interests/wealth
Long-term shareholder interest - is of the view that an organization has acted ethically by promoting and advancing the long-term value of shareholders by taking care of its other stakeholders (constituents)
All expenses incurred in taking care of other stakeholders are classified as marketing expenses/PR
Has an instrumental view on CSR; adopts an enlightened shareholder view on CG
Multiple stakeholder obligations - is of the view that an organization has acted ethically by taking care of all its stakeholders (dualistic or pluralistic) and therefore must be seen to be acting fairly to all its stakeholders
Has a normative view on CSR
Adopts a stakeholder approach to CG
Shaper of society - is of the view that an organization has acted ethically if it is able to influence society with its ideals, values, beliefs, principles and doctrines
Mainly for non-profit oriented firms: religious bodies, SIG/NGOs, charitable organizations
ENCOURAGING ETHICAL BEHAVIOUR
Self-regulation - SOP, policies, code of ethics
Whistle-blowing
Ethics Ombudsman
Appoint senior executives to oversee matters (IKEA's CEO)
Leadership by example
Internal controls
HRM practices
Culture
CODE OF ETHICS
Code of ethics can also be defined as a statement of principles a business agrees to abide by voluntarily over the course of its operations
Benefits of code of ethics
Clarifies company expectations of employee conduct in various situations
Makes clear that the company expects its people to recognize the ethical dimensions in decisions and actions
Enhances reputation and brand equity
Communication - sending the right message about good business practices to stakeholders as well as to indicate firm is committed to ethical behavior
Helps to create cohesive corporate culture
Can help firm avoid adversity such as fines, sanctions and litigations - self-regulation
Globalization imperative - codes may transcend local laws and culture
Improves employee commitment
Problems
Ineffective - from the work of some researchers
Not influential in determining a person's ethical decision-making behavior
Inflexibility
Lack of clarity
Irrelevant
IFAC/ACCA CODE OF ETHICS/PRINCIPLES OF
PROFESSIONALISM
Professional behaviour - Complying with laws and regulations, listing requirements
- Complies with policies and procedures
- Kind, understanding, considerate,
courteous, helpful, empathetic, P&Qs
Objectivity - Rational, impartial/unbiased
- Independent
- Emotionally detached
- Under no undue
pressure/duress/influence
- Practices professional skepticism -
facts
Professional competence and due care
- Keeping up-to-date CPD
- Practices due diligence: analyse
meticulously, all facts covered before
making decisions
Integrity
- Strong internal moral code/principles/
high PET
- Level 3 stage 6 (Kohlberg)
- Honest, truthful
- Never compromising on principles
Confidentiality
- Values confidentiality and keeps things confidential unless needed by law
- Confidential information obtained not to be used for one's personal advantage nor for the advantage of any 3rd parties
POPIC
THREATS TO PROFESSIONALISM
Familiarity threat - external auditor knowing someone in client firm; internal auditor auditing areas where he/she is familiar with people in those areas
Intimidation threat - external auditor receiving bribes etc. and subsequently being blackmailed or intimidated; external auditor being intimidated into completing tasks as unqualified even though there are irregularities, as demanded by FD of client firm or by lead partner
Advocacy threat - upon receiving bribes or gifts, senior accountant advocating/promoting the giver of bribes/gifts for certain projects/contracts
Self-review threat - internal auditor reviewing or providing assurance on earlier work where he has provided consultancy
Self-interest threat - external auditor auditing client firm where he has some vested interests; senior accountant providing inside tips to outsiders where benefits will be reaped by both parties
CSR - GRAY, OWEN AND ADAMS
Position - Description
Pristine capitalist - Is of the view that organizations have acted in a socially responsible manner if they are able to safeguard the interests of shareholders and creditors; in short, performing their economic and legal responsibilities (related to "the business of business is business" and short-term shareholder interests).
Expedients - Is of the view that organizations have a limited responsibility in performing their corporate social responsibility, especially if such a behavior can help to promote the organization's self-interests.
Proponents of the social contract - Organizations believe they should behave in a way broadly in conformance with the ethical norms in society because there is effectively a contract or agreement between the organizations in power and those who are affected by the exercise of this power, and an organization's survival and prosperity is dependent on it.
Social ecologist - Is of the view that organizations, especially large organizations, have caused much social and environmental degradation; as such, organizations must now fully pledge and undertake their CSR to redeem themselves.
Socialists - Is of the view that organizations can only perform their CSR if society as a whole is a socialist or an egalitarian community where organizations are expected to treat their workers and other stakeholders equally and therefore one class of workers (the capitalists, shareholders, bourgeois) does not oppress lower-class workers or the proletariat.
Radical feminists - Is of the view that organizations can only be successful in undertaking their CSR if the society/country has a feminine culture.
Deep ecologists - Is of the view that organizations can only start to practice their CSR if they start to respect the rights of the down-trodden and also to appreciate that human beings have no greater rights to resources or life than other species.
IMPORTANCE OF CSR
Profits
Improve customer loyalty
Globalization imperative
Successful implementation of strategies
Competitive advantage
Gen. Y
SOCIAL AND ENVIRONMENTAL AUDIT PRESSURES
Environmental issues as a source of risk - reputational damage, liabilities
Profits
Potential employees
Investors
TRIPLE BOTTOM-LINE
Political-economic argument
Legitimate theory
Shareholders
Financial performance
Environmental disasters
Laws/regulations
Stakeholder theory
ENVIRONMENT
Environmental footprint - shows the impact that a business's activities have upon its environment, in terms of:
An organization's consumption of resources such as energy, water, land, feedstock (grains, edible plants etc.) and,
An organization's harm to its environment in terms of pollution, emissions, spillages (in respect to oil, chemicals, contaminants etc.)
Large environmental/carbon footprint = negative environmental footprint
Small environmental/carbon footprint = positive environmental footprint
More social contributions than harm = positive social footprint
More harm than social contributions = negative social footprint
VOLUNTARY INITIATIVES
Carbon trading
Reducing, reusing and recycling
Alternative energy sources - wind, geothermal, solar, landfills (methane gas), biogas digester (methane gas), biofuels
Pursuing sustainable development
Equator principles - discouraging lending to infrastructure projects that pollute
Working closely with NGOs to reduce environmental footprint
Awards/certificates - LEEDs, Green mark certification
SUSTAINABLE DEVELOPMENT BRUNDTLAND COMMISSION REPORT
a process of change in which the exploitation of resources, the direction of investments, the orientation of technological development, and institutional change are made consistent with future as well as present needs.
Brundtland Commission Report also mentions the need to internalize all externalities
- Repletion rate depletion rate
- Internalize all externalities
ENVIRONMENTAL ACCOUNTABILITY
Triple bottom-line reporting
Full-cost accounting
EMS
Environmental certification
EMS
Defining environmental goals and missions
Developing adequate and effective environmental policies and procedures
Properly documenting and communicating the established environmental policies and procedures to affected personnel
Monitoring these policies and procedures and ensuring compliance with them
ENVIRONMENTAL AUDIT
Agree upon metrics (and objectives/targets)
What to measure - emissions (pollution, waste, greenhouse gases) and consumption (energy, water, feedstock etc.) (see GE)
Performance of company measured against these
metrics
Report on levels of compliance or variance
GENERAL ELECTRIC
PROFESSION AND PUBLIC INTERESTS
A profession is an occupation for which the
necessary preliminary training is intellectual in
character, involving knowledge and to some
extent learning as distinguished from mere skills
It is an occupation which is pursued largely for
others and not merely for oneself
It is an occupation in which the amount of
financial return is not the accepted measure of
success
PUBLIC INTERESTS
Taking care of the interests of all stakeholders
who have a direct or indirect impact on what
happens to a firm
Example, external auditor, accountants and
other accounting professionals have to take care
of the public interests as employees,
shareholders, government, customers, suppliers
and others will be impacted on the goings-on in
the firm
Responsibilities of employees
Performs job according to job description
Accept and obey instructions from superior consistent with job requirements
Be a team player and should not rebel
Act in the best interest of the firm
Work to ensure profitability and harmony of firm
PROFESSIONAL ACCOUNTANT
Practice professional skepticism
Maintain the reputation of the accounting/audit
profession
POPIC
Maintain I&O and should not be under any threats
Maintaining fiduciary duty to shareholders and
maintain public interest
PRINCIPLES AND RULES-BASED GOVERNANCE SIMILARITIES AND DIFFERENCES
Improve corporate governance - effective board: no duality (rule-based does not mention this), formation of sub-committees
Protect whistleblowers
Enhance external auditor independence
Ensure proper internal controls
Improves disclosure - financial statements etc.
Increased top management accountability
Rules-based regime requires mandatory compliance while principles-based adopts "comply or explain"
Rule-based regime was passed by the US congress and this law resulted in the formation of an oversight board called the PCAOB, while principles-based regime was initiated by both private and government sector such as FRC and DTI
Rule-based considered more of a knee-jerk reaction to corporate scandals such as Enron while principle-based more meticulously planned
PUBLIC-LISTED COMPANIES
Benefits of rules-based
No opportunism
Easy to compare across firms
Less meticulous scrutiny
Provide fair-level playing field
More disclosure
Lesser information asymmetry
Benefits of principles-based
Costs
Flexibility
Relative ease of adoption
Developing country mindset
Country's code of corporate governance
Country - Name of code/report
Italy - Preda code
Spain - Olivencia code
South Africa - King report
France - Vienot report
Netherlands - Peters report culminated in Tabaksblat code
Germany - Cromme code
Belgium - Lippens code
UK - Governance code (Combined code)
WHY DOES CG VARY?
National culture
Laws (common/civil)
Concentrated/diffused ownership
Financing options (capital market/equity or banks)
NATIONAL CULTURE - HOFSTEDE
Power distance (High / Low)
Uncertainty avoidance (High / Low)
Individualism - collectivism (High / Low)
Masculinity - femininity (High / Low)
High uncertainty avoidance:
Larger board size (unitary)
Two-tier board for continental Europe
Higher basic component remuneration
More risk averse
High individualism:
Smaller board size
More risk taking board
Can have CEO duality
Variable or performance-related component remuneration higher
NATIONAL CULTURE
HIGHER FEMININITY
Higher percentage of women in board
Greater quality of work life
Greater altruism
OWNERSHIP STRUCTURE
Diffused - shareholder base very broad
Concentrated - shareholder base narrower
DIFFUSED OWNERSHIP
Major shareholder not a controlling shareholder.
E.g. Steve Jobs' wife is now the major shareholder of Walt Disney (with around 7.3% shares)
Major shareholder cannot decide on CEO selection nor non-executive director selection - the other shareholders also need to vote; therefore agents are not directly chosen by the major shareholder
Agency conflict and independent NED
CONCENTRATED OWNERSHIP
A controlling shareholder exists via dual/triple class shares or pyramidal structure
There exists principal-principal conflict and gray NEDs
DUAL-CLASS SHARES (RESTRICTED VOTING SHARES)
Type/class A, Type/class B
Facebook - Type A: 1 voting right; Type B: 10 voting rights
TRIPLE-CLASS SHARES
Type A, Type B, Type C
Zynga - Type A: 1 vote; Type B: 10 votes; Type C: 70 votes
PYRAMIDAL STRUCTURE
A
B C
D E F G
H
WHY CAN CORPORATE GOVERNANCE CONVERGE?
Transnational entities (OECD, UN, ICGN, CACG, IMF)
FDI
Cross-listing
Diffusion of corporate governance code - Cadbury Code
Harmonization of accounting principles
TRANSNATIONAL ENTITIES
These organizations try to disseminate good
corporate governance values across the world
As a result, many countries have been influenced
by their works
Consequently, there is convergence
FDI
In the form of international JVs, international M&As, international strategic investments
Through FDIs, countries' corporate governance systems interact
Therefore, as time goes by, corporate governance will converge
CROSS-LISTING
Listing on more than one stock exchange board
As time goes by, the best practices with regard to corporate governance will converge
CADBURY CODE
Research shows that Cadbury code triggered
many countries to realize the importance of CG
As a result, many countries adopted and adapted
the best provisions of CG using Cadbury code as
their benchmark
HARMONIZATION OF ACCOUNTING PRINCIPLES
Most countries are moving towards IFRS
As countries' financial statements become relatively similar, companies' annual reports will also become more similar
Eventually, this may also impact on CG and therefore corporate governance can also converge
Hence one size does not fit all
CORPORATE GOVERNANCE
PRINCIPLES OF GOOD CG
Fairness
Independence
Transparency
Probity
Responsibility
Accountability
Judgment
Integrity
Reputation
PRINCIPLES OF GOOD CORPORATE GOVERNANCE
Fairness - the directors must practice proper deliberations; they should be unbiased, non-discriminatory, rational as well as objective
Independence - Board of directors must have non-executive directors that are independent
Transparency - DATA
Probity/honesty - telling the truth, not misleading stakeholders, honest, practice candour, directors should not mislead or deceive
Responsibility - directors (NEDs) have to monitor agents, attend regular meetings, give suggestive contributions, protecting shareholders'/stakeholders' interests
Accountability - effective committees, giving suggestive contributions, attend regular board meetings
Judgment - adequate balance of knowledge, skills, abilities, and experience to contribute towards organizational prosperity
Integrity - morally right, strong internal moral code, virtuous
Reputation - reputation as an asset to the organization. By fulfilling other principles of corporate governance, the reputation of a firm can be enhanced
ACCOUNTABILITY
- Directors should explain in the annual report their responsibility for preparing the annual report, and state that they consider the annual report and accounts, taken as a whole, is fair, balanced, and understandable and provides the information necessary for shareholders to assess the company's performance, business model and strategy.
- There should be a statement by the auditor about their reporting responsibilities.
- The directors should include in the annual report an explanation of how the company generates and preserves value over the longer term (the business model).
- The directors should report in annual and half-yearly financial statements that the business is a going concern, with supporting assumptions or qualifications as necessary.
AN EFFECTIVE BOARD (FROM GOVERNANCE CODE)
- Should have a chairman that demonstrates good leadership
- Should have non-executive directors who are independent (including a senior independent non-executive director (INED)) with the right balance of skills, knowledge and experience
- Excluding the chairman, at least half of the board must be INED (for small firms, below FTSE 350, at least two)
- Board members to meet regularly and attendance should be regular
- No duality of posts between chairman and CEO
- Formation of committees - audit, nomination, remuneration, risk etc. - which have the right balance of skills, experience, knowledge and independence
- Should maintain a sound system of risk management and internal control systems
- Company should arrange appropriate insurance cover in respect of legal action against its directors
Against CEO duality - reduces unfettered powers, improves monitoring role of NEDs, improves organizational performance, reduces conflict of interests, reduces agent opportunism
For CEO duality - single unified leader, no guarantee of significant improvement in organizational performance (Dalton et al.)
CHAIRMAN
Provide leadership
Ensures directors receive accurate, clear and timely information
Setting the board's agenda
Communication with shareholders (through annual report)
Promoting a culture of openness and debate
Facilitate effective contribution of NEDs
Ensure constructive relations between EDs and NEDs
Ensure sufficient communication with shareholders (to discuss governance and strategy issues)
Ensure that directors continually update their skills and knowledge
Ensure sufficient resources allocated
CRITERIA FOR INDEPENDENCE
Should NOT have been an employee of the company or group within the last five years
Should NOT have, or have had within the last three years, any material business relationship with the company either directly or as a partner, director, or senior employee of a body that has such a relationship with the company
Should NOT have received or receive additional remuneration from the company apart from a director's fee, should not participate in the company's share option or a performance-related pay scheme, should not be a member of the company's pension scheme
Should NOT have close family ties with any of the company's advisers, directors, or senior employees
Should NOT hold cross-directorships or have significant links with other directors through involvement in other companies or bodies
Should NOT represent a significant shareholder
Should NOT have served on the board more than nine years from the date of the first election
NEDS
Strategy - NEDs should constructively challenge and help develop strategies
Performance - NEDs should scrutinize the performance of management in meeting agreed goals and objectives and monitor the reporting of performance
Risk - NEDs should satisfy themselves on the integrity of financial information and that financial controls and systems of risk management are robust and defensible
People - NEDs are responsible for determining appropriate levels of remuneration of executive directors and have a prime role in appointing, and where necessary removing, executive directors and in succession planning
For NEDs - Higgs, improves organizational performance (Choi et al.), reduce group think
Against NEDs - costs (director fees, insurance, induction, CPD), time, competencies, control (financial vs strategic), independence
Audit Committee
- Audit committees should have at least three members, who should all be INEDs (or in the case of smaller companies, i.e. below FTSE 350, two)
- The chairman of the company should not be an audit committee member (except for smaller firms, below FTSE 350)
- Appointments to the audit committee should be made by the board on the recommendation of the nomination committee, in consultation with the audit committee chairman
- Appointments should be for a period of up to one year, extendable through re-election, so long as members continue to be independent
- At least one member of the audit committee should have significant, recent and relevant financial experience, e.g. as an auditor, or a finance director of a listed company
- It is recommended that there should be not fewer than three meetings during the year. No one other than the audit committee's chairman and members is entitled to be present at audit committee meetings. External auditor will be invited regularly to attend meetings as well as the finance director
- The audit committee should review and approve the internal audit function's remit; should approve the appointment or termination of the head of internal audit; should ensure that the internal auditor has direct access to the board chairman and to the audit committee and is accountable to the audit committee; meet with the head of internal audit at least once a year without the presence of management; review and assess the annual internal audit plan
AUDIT COMMITTEE ROLES
To provide advice to the board on whether the annual reports and accounts taken as a whole is fair, balanced, and understandable and provides the information necessary for shareholders to assess the company's performance, business model and strategy
To monitor the integrity of the financial statements
To review the company's internal financial control systems
To review the company's internal control and risk management systems (if there is no risk committee)
To monitor and review the effectiveness of the company's internal audit function (if no internal audit function, then the need to consider annually whether there is a need for internal audit function and make recommendations to the board, and the reasons for the absence of such a function)
To make recommendations to the board, for it to put forward to the shareholders, in relation to the appointment, re-appointment and removal of external auditors (if board does not accept, then board must explain why in annual report or in any relevant papers) as well as their remuneration and terms of engagement
For FTSE 350 companies, the audit committee should put the external audit contract out to tender at least every ten years (if the board does not accept the audit committee's recommendation, it should include in annual report or in any papers the reasons for not accepting)
To review and monitor the external auditor's independence and objectivity and the effectiveness of the audit process
To develop and implement a policy on the engagement of the external auditor to supply non-audit services
Be an avenue for whistle-blowers
Advantages of external auditor providing non-audit services to audit client - reduce client costs (economies of scope for client), external auditor has better holistic understanding, reduce fraud and internal controls
Problems - increase threat of economic bonding, affect external auditor's I&O, self-review threat, reduce share price
Risk committee
- Should ideally be made up of INEDs (however, EDs may also be members)
- Ideally should be chaired by an INED
- Some recommend majority should be insiders from operations
RISK COMMITTEE ROLES
Approving the organization's risk management strategy and risk management policies
Reviewing reports on key risks prepared by business operating units, management and auditor
Assessing overall exposure to risk and ensuring it remains within limits set by the board
Reviewing the firm's internal control systems
Assessing the effectiveness of the organization's risk management systems
Providing early warning to the board on emerging risk issues and significant changes in the company's exposure to risks
Problems of combining audit committee with risk management committee - competency, time, focus (finance matters)
Advantages of combining audit committee with risk management committee - holistic, effective
Some organizations therefore have separate audit and risk management committees
NOMINATION COMMITTEE
Appointments to the board must be made on merit and against a set of objective criteria and with due regard for the benefit of diversity, including gender
Care must be taken to ensure that appointees have enough time, that there is an appropriate balance of skills and experience within the company and the board
To encourage the use of external advice or open advertising (and to explain if it was not used)
A majority of members must be INEDs and is chaired by either the chairman of the board or an INED (but chairman of board must not chair the meeting if it is concerning the succession of board chairman)
NOMINATION COMMITTEE ROLES
Prepare job description for a particular post (after evaluating the balance of skills, knowledge, and experience needed)
Prepare a job specification for the post
Plans for orderly succession for both executive and NEDs; reviewing regularly the leadership needs of the organization, both EDs and NEDs
Regularly review the size, structure and composition of the board and make recommendations, when necessary
Any NED beyond six years should be subject to a particularly rigorous review
To make recommendations to the re-appointment of any NED
To monitor and convey to the board to ensure that a full time ED does not take on more than one NED role or chairmanship of a company (normally a large company, e.g. FTSE 100 company)
BOARD SIZE
Problems - unwieldy (3Cs, free-rider), costs, time, decreased organizational performance
Benefits - improves organizational performance (Dalton et al.), greater stakeholder representation, do not need to use same persons for committees
Remuneration Committee
Remuneration committee should consist of at least three (or in the case of smaller companies, two) INEDs
The company chairman may also be a member of the remuneration committee but may not chair the committee
REMUNERATION COMMITTEE ROLES
Setting remuneration for EDs, chairman, and company secretary (the remuneration of NEDs shall be a matter for the chairman and EDs or shareholders)
To ensure level of remuneration is sufficient to attract, retain, and motivate directors to run the company; however, should avoid paying more than what is necessary
Should ensure that remuneration of executive directors be aligned to corporate and individual performance
Determining targets for any performance-related pay schemes
Determining the policy for and scope of pension arrangements for each ED
Determining the total individual remuneration package of each ED
Fixed/basic component - salary, contractual bonuses, allowances, perks (company car, insurance coverage etc.)
Variable/performance-related component - options of shares, restricted share grants (also used in golden parachute), performance bonuses, any long term incentive plans
Combined code recommends that the variable component should be a significant proportion relative to the fixed component
WHY REMUNERATION CAN DIFFER
ACROSS COMPANIES AND COUNTRIES
National culture
Organizational life cycle - small, large, public-listed, delisted etc.
Costs - direct, indirect, reputation
Shareholders
Motivation
Gender
Hence, one size does not fit all
INSTITUTIONAL SHAREHOLDERS' INTERVENTION
Company's strategy - acquisition or disposal strategy too risky
Company's operational performance
Independent directors failing to hold executive management properly to account
Internal control failings
Inadequate succession planning
Unjustifiable failure to comply with combined code
Inappropriate remuneration levels, incentive or severance packages
NED ORIENTATION
Business - nature of the firm's business and operations
People - the people in the organization; who's who
Stakeholders - major shareholders, key customers, suppliers etc.
BPS
OECD FRAMEWORK FOR GOOD CG
Ensuring the basis for an effective corporate governance framework
The rights of shareholders and key ownership functions
The equitable treatment of shareholders
The responsibilities of the board
Disclosure and transparency
The role of stakeholders in corporate governance
Traits compared across public-listed firm, private firm, NGOs (charities, foundations etc.) and family business
Owner
- Public-listed firm: Shareholders
- Private firm: Shareholders
- NGOs: Founder and perhaps descendant
- Family business: Patriarch/matriarch
Board
- Public-listed firm: Ideally, BODs have the right balance of KSA, competencies, and there is independence; professionally managed
- Private firm: BODs consist of shareholders/owners
- NGOs: Consists of Board of governors/trustees
- Family business: Made up mainly of family members
Committees
- Public-listed firm: Ideally proper committees
- Private firm: May or may not have committees
- NGOs: May or may not
- Family business: May or may not
Succession planning
- Public-listed firm: Ideally proper succession planning with NC; properly managed; sometimes difficulties in finding the right candidate
- Private firm: Succession planning not formal
- NGOs: Succession planning not important as the board will ensure that the ideology of the founder lives on even after the demise of founder
- Family business: Successor will be another family member and therefore succession planning generally not a big issue
Governance
- Public-listed firm: Based on LR and CG perspective - principles-based or rules-based
- Private firm: Based on requirements of shareholders
- NGOs: Based on founder's ideologies and culture of the NGO
- Family business: Based on family member needs
Feud/conflict
- Public-listed firm: AGMs, EGMs - professionally managed
- Private firm: Reconciled among owners - may be violent and not professionally managed
- NGOs: Addressed by reverting to founder's values
- Family business: Feud could be family rivalry to wrest control of board decisions
RULES-BASED APPROACH - SARBANES-OXLEY ACT
Title number Description
I Public Company Accounting Oversight Board (Sec. 101-109)
II Auditor independence (Sec. 201-209)
III Corporate Responsibility (Sec. 301-308)
IV Enhanced financial disclosure (Sec. 401-409)
V Analyst conflict of interest (Sec. 501)
VI Commission resources and authority (Sec. 601-604)
VII Studies and reports (Sec. 701-705)
VIII Corporate and criminal fraud accountability (Sec. 801-807)
IX White-collar crime penalty enhancement (Sec. 901-906)
X Corporate tax returns (Sec. 1001)
XI Corporate fraud and accountability (Sec. 1101-1107)
EXTERNAL AUDITOR INDEPENDENCE
- Section 201 - SOA prohibits external auditor from providing internal audit outsourcing services, financial IS design and implementation, bookkeeping and financial statement services, management and HR functions, actuarial services, investment advisor, appraisal or valuation services, audit-related legal services.
- Section 203 - lead audit partner and reviewing partner to rotate the audit engagement every 5 years
- Section 207 - audit firm rotation
SECTION 302
The CEO and CFO must certify in a statement that
accompanies the audit report: the appropriateness of the
financial statements and disclosures; that the statements
fairly present, in all material respects, the operations and
financial conditions of the company; and that all significant
deficiencies in internal controls have been disclosed to the
auditors and audit committee.
Also states that the officers are responsible for internal controls, have evaluated its effectiveness in the last 90 days,
have presented in their report their conclusions about the
effectiveness of their internal controls and have discussed any
changes in internal controls, including corrective actions
during the period under review.
SECTION 404
Internal control over financial reporting (ICOFR)
Management's report
a. Describe framework used to evaluate internal controls - COSO, CObIT
b. An assessment of its ICOFR effectiveness
Auditor's report (3 reports)
1. Assessment of the effectiveness of the framework used
2. Attest on management's assessment of ICOFR effectiveness
3. Presentation of financial statements: true and fair
WHISTLEBLOWING
Section 301 - Audit committee should be the avenue for whistleblowers
Section 806 - no public company or any officer, employee, contractor, or agent of such company may discharge, demote, suspend, threaten, harass or in any other manner discriminate against any whistleblowers
Section 1107 - makes it a crime for anyone, knowingly and with the intent to retaliate, to interfere with the employment or livelihood of any person (a whistleblower) who provides a law enforcement officer any truthful information relating to the possible commission of a SOA violation offense - fines and imprisonment of up to 10 years
Benefits of SOA:
Improves auditors' independence
Improve internal controls
CEO and CFO must certify financial statements - increased accountability
Improvements in ICOFR
All companies that are public listed must have code of ethics (Section 406)
Improvements in risk management (Section 409)
Whistleblower protection
Problems of SOA:
Accounting and financial scandals still persist post-SOA
Costs of compliance increased
Reduce IPOs
Reduce economic growth of company
Alteration of business practices, e.g. IS
BOARD STRUCTURE
One-tier/unitary board
Chairman
NEDs
EDs
Two-tier board
Supervisory board
Chairman
NEDs
Bank representatives, controlling shareholder representatives, employee representatives
EDs
Management board
EDs
Works council
Unitary board
Advantages:
All directors have equal legal and executive status - all are held responsible and can be held accountable for board decisions
More viewpoints are likely to be expressed in board deliberations and discussions
Intellectual strength of the board increased
Strategies can be more robustly scrutinized
More free-flow of information can take place resulting in better decision-making
Improves relationship and cooperation between different types of directors
Disadvantages:
Uncomfortable tidiness in having one group of directors supervising or controlling another group on the same board
No employee representation; no banks involved as in German model
Time requirements - both in board meetings and committee meetings for NEDs
Two-tier board
Advantages:
Two-tier board clearly separates the role of the chairman and CEO
Employee, shareholders and banks representation in supervisory boards and employee representation in works council
Disadvantages:
Management board can only nominate directors to supervisory boards but cannot oppose inequality
All the above advantages for unitary board can somehow be lacking in two-tier boards
RISKS - A POSSIBILITY/CHANCE THAT AN UNFAVOURABLE EVENT WILL OCCUR
Sources of risks - exogenous and endogenous
ICAEW - financial risks, operational risks, compliance risks, business/strategic risks, any other risks (FOCBA)
Any other risks:
Legal
Political
Technological
Natural disaster
Health, safety and environmental
Probity
Reputational
Financial risks
Credit risk is the risk to a company from the failure of its debtors to meet their obligations on time
Liquidity risk is the risk of loss due to a mismatch between cash inflows and cash outflows
Currency risk is the possibility of loss or gain due to future changes in exchange rates
Market risk, also known as systematic risk (or non-diversifiable risk), occurs due to external events such as political (wars), economic (inflation, recession, high interest rates) etc. Company-specific risks are also known as diversifiable or unsystematic risks
Derivative risks - CDOs, CDS
Operational risks
Risks that can affect day-to-day businesses, such as:
Errors or omissions by employees
Product failure
Health and safety
Failure of IT systems
Fraud
Loss of key people
Loss of suppliers etc.
Compliance risks
Failing to follow all requirements of the laws, regulations, policies and procedures
Strategic/business risks
Strategic risks are risks that relate to the fundamental and key decisions that the directors take about the future of the organization. Strategic risks occur if the decisions made by the board and top management fail to improve organizational performance, losing out in terms of competitive advantage, failing to create new markets etc. Can lead to strategic drift.
Risks correlation
If correlation is positive, then risks covary, i.e. if risk A increases then risk B also increases and vice-versa.
Some risks can covary, for example, environmental risks and reputational risks
If correlation is negative, then risks are inversely proportional, for example, reputational risks and share price
Risks audit
Risk identification - nature/source of risks
Risk assessment - likelihood and impact of each risk
Risk review - analyse the controls the organization has in the event the risk materializes
Risk reporting - prepare reports on risks and submit to the board
Risk management process
Selim and McNamee:
- Risk assessment - risk identification, risk measurement, and risk prioritization.
- Risk response - acceptance, transference, avoidance or reduction.
- Risk communication - internal and external stakeholders.
Risk management
Risk assessment:
- Selim and McNamee (IMP)
- COSO
- Turnbull
Risk assessment - Turnbull (flowchart): identify risks; categorize the risks (acceptable risks / unacceptable risks); likelihood? (H, M, L); ability? (Y/N); impact? (H, M, L); costs vs benefits
Risk assessment
Turnbull:
- Identifying the nature and the extent of risks facing the company
- Categorising the risks which it regards as acceptable for the company to bear
- Assessing the likelihood (probability) of the risks concerned materializing
- Assessing the company's ability to reduce the incidence/risks and impact on the business of risks that do materialize
- Assess the costs of operating particular controls relative to the benefits thereby obtained in managing the related risks
Risk assessment
COSO:
- Estimating the significance of the risk
- Assessing the likelihood of the risk occurring
- Considering how the risk should be managed, and assessing what actions to be taken
Risk management strategy/response/treatment
Low likelihood, low consequences: Acceptance - Risks are not significant. Keep under view.
Low likelihood, high consequences: Transference - Insure risks, outsource and implement contingency plans to pass to 3rd parties
High likelihood, low consequences: Reduction - Take some action, e.g. insurance, contingency planning, internal controls, culture of ethics, code of ethics, risk management, HRP, HRD, internal audit
High likelihood, high consequences: Avoidance - Take immediate action, e.g. terminate operations etc.
Risk terms and expressions:
1. Dynamic nature of risk assessment
- Risks are not static
- Risk assessment therefore should not be one-off but continual
2. Importance and nature of management responses to changing risk assessments
- Since risk assessment is continual, some risks can change in likelihood and importance
- Therefore, proper responses will be needed
3. Risk appetite and risk policy
- If the board or firm has a higher appetite for risks, then the risk policies would reflect this higher risk appetite
4. External reporting on internal controls and risks
- Less information asymmetry
- Improve investor confidence (more transparent)
5. ALARP principle in risk assessment
- Some risks are subjective and cannot be eliminated; others can't even be imagined
- At best, one should try to minimize the risks as much as possible, given the constraints of costs versus benefits through transference and reduction
- Some risks have to be accepted as the costs of eliminating the risks exceed the benefits
6. Difficulties of risk perception
- Some risks are harder to quantify, and it is therefore more difficult to perceive their likelihood and impact
- If risks are objective/quantifiable, risk perception becomes easier and vice-versa
7. Covariant risk
- Risks are positively correlated
8. Techniques and policies to mitigate business and financial risk
- TAR approaches such as insurance, outsourcing, strategies (JV, franchising, licensing); hedging
Internal controls
Turnbull guidance: A system that encompasses the policies, processes, tasks, behaviours and other aspects of a company that, taken together:
Facilitate its effective and efficient operation by enabling it to respond appropriately to significant business, operational, financial, compliance and other risks to achieving the company's objectives. This includes the safeguarding of assets from inappropriate use or from loss and fraud and ensuring that liabilities are identified and managed;
Help ensure the quality of internal and external reporting. This requires the maintenance of proper records and processes that generate a flow of timely, relevant and reliable information from within and outside the organization;
Help ensure compliance with applicable laws and regulations, and also with internal policies with respect to the conduct of business
CHARACTERISTICS/BENEFITS/OBJECTIVES/PURPOSES/AIMS OF INTERNAL CONTROL
Operations can proceed efficiently and effectively
Respond to risks in a timely manner
Safeguarding assets
Reliable/quality reporting - both financial and non-financial, external and internal reporting
Proper data/record collection, processing and maintenance
Compliance with laws, regulations, policies and procedures
Achieving strategic objectives
Internal controls and risk management
Review/approve - BOD/committee
Design, DIOM - CEO
Some responsibility - all employees
Embed in culture
Elements of internal control
COSO:
Control environment
Risk assessment
Control activities
Information and communication
Monitoring
CRAIM
CONTROL ENVIRONMENT
Strategies for dealing with risks
Structure - assigning the right people to the right tasks, having a proper organizational structure (matrix, flat/tall, centralized/decentralized etc.), authority, responsibility and accountability clearly defined, proper communication so that employees are aware what is expected of them
Systems - proper risk policies in place, process/activities adjusted to reflect changes in risks, proper internal audit in place
Staff - competent personnel through HRP, orientation/induction, HRD, rewards, performance appraisal, promotion and discipline, proper BOD and committees
Style - right management style (setting tone at the top), commitment to competence, integrity, and fostering a climate of trust
Skills - competent personnel (knowledge, skills)
Super-ordinate goals - integrity and ethical values, code of conduct, proper culture based on trust
CONTROL ACTIVITIES
All activities, processes, systems, policies,
procedures in place to ensure no internal control
failing
Examples: SPAM-SOAP:
Segregation of duties, physical controls,
authorization and approval, management
controls, supervision controls, organization
controls, arithmetic and accounting controls,
personnel controls
INFORMATION AND COMMUNICATION
Proper information systems in place to provide real-time information about internal and
external events
Information is relevant, accurate, reliable,
sufficient, complete, concise etc. and IS
constantly reassessed to ensure functionality
Information must be about the firm as well as
about the environment
Information must flow vertically, laterally,
inside-out and outside-in
Proper channels of communication in place for
whistleblowers
MONITORING
Monitoring can be done periodically as well as
ongoing (control self assessment etc.)
Aim:
Emerging risks
Deficiencies in internal controls and risk
management systems
So as to make the necessary
adjustments/modifications to ensure
sound/robust internal controls and risk
management systems
A sound system of internal control reduces, but cannot eliminate, the possibility of poor judgment in decision-making; human error; control processes being deliberately circumvented by employees and others; management overriding controls; and the occurrence of unforeseeable circumstances.
A sound system of internal control therefore provides reasonable, but not absolute, assurance that a company will not be hindered in achieving its business objectives, or in the orderly and legitimate conduct of its business, by circumstances which may reasonably be foreseen. A system of internal control cannot provide protection with certainty against a company failing to meet its business objectives or all material errors, losses, fraud, or breaches of laws or regulations.
INTERNAL AUDIT
IIA:
A systematic and disciplined approach to provide an independent and objective:
assurance and
consulting activity on
risk management, internal controls and governance
that is designed to add value to an organization's operations
OBJECTIVES/FUNCTIONS/SCOPE OF INTERNAL AUDIT
Evaluate and improve risk management process
Evaluate and improve internal controls
Social and sustainability audits
External audit assistance
Corporate takeovers and mergers
Project management
The operation of the organization's corporate governance arrangements
Examination of financial and operating information: check for suitability, reliability and integrity, financial audits
Review of the economy, efficiency and effectiveness of operations: operations audit
Review of the safeguarding of assets
Review of the implementation of corporate objectives
Special investigations, e.g. suspected fraud
Review of compliance with legislation, regulations and codes of practices
Follow-up action taken to remedy weaknesses identified by internal audit reviews and ensuring that good practice is identified and communicated widely
Testing to ensure robustness: stress, compliance and load testing; security issues
NEED FOR INTERNAL AUDIT
The scale, diversity and complexity of the company's activities
The number of employees
Cost-benefit considerations
Changes in organizational structures, reporting processes or underlying information systems
Changes in key risks
Problems with internal control systems
An increased number of unexplained or unacceptable events
RECRUITMENT OF INTERNAL AUDITOR
Advantages
Fresh perspective
Emotionally detached: independent and objective
May transfer best practice from outside
Disadvantages
May not understand organization initially and therefore may take time to contribute
Possibly lack cooperation from others
Costly
OUTSOURCING INTERNAL AUDIT
Advantages
Improve focus and cost
Outsourcer may have more expertise: improve efficiency
Less subject to high turnover of staff from internal audit
Skills of internal audit may only be required for a short time in each year
Disadvantages
Conflict of interest if outsourced service is provided by external auditor (illegal in US)
Lack of knowledge or awareness of the organization's objectives, culture or business
High costs, perhaps poor quality
[Diagram: relationships among the audit committee, CEO, chairman, internal auditor and external auditor. Labels on the diagram: has access to; reports to and accountable to; approves or terminate; duty; approve consulting & assurance; approve & review IA remit; reviews and approve IC and RM; I,O,M IC & RM; develops/design IC & risk management; recommends the appointment, re-appointment and removal; decides on engagement policies and remuneration; reviews the effectiveness of the audit process.]