Top Banner
Paper P1 Haroon Tabraze Haroon Tabraze www.ca.com.pk Page 1 Agency theory: Agency is a contract under which one party (the principal) engages another party (the agent) to perform some service on their behalf. As part of this, the principal will delegate some decision-making authority to the agent. There are two problems in such a delegation. The desires / goals of the principal and agent have a conflict; and It is difficult or expensive for the principal to verify what the agent is actually doing (whether he is working appropriately). Principal : are the share holders, who cannot run management due to: Wide ownership base, especially in companies listed on stock exchanges Lack of interest in the management due to limited risk and liability Possible short term motive of capital gains in stock market (have ability to simply sell shares if company is in trouble) Agent : is employed by Principal to manage the company (management) They are delegated the task to run the company Agent does not share the Principal's motive of profit maximization, and is more interested in his remuneration Agency Costs : are incurred by Principals to monitor working of their agents (because of lack of trust) i.e. Internal and External Audits Accountability : is the need to explain and justify any failure to fulfill responsibility Agent is accountable to the Principal (by whom he is employed) when he accepts to undertake the task given to him Fiduciary: The person on whom duty is imposed is called 'fiduciary Fiduciary responsibilities : A fiduciary is expected to be extremely loyal to the person to whom they owe the duty (Principal); They must not put their personal interests before the duty, and Must not profit from their position as a fiduciary, unless the principal consents. The fiduciary relationship is highlighted by good faith, loyalty and trust. Stakeholders : any person or group which get affected by the running of the organization Corporate governance includes the relationships among the many players involved (the stakeholders) and the goals for which the corporation is governed. The principal players are the shareholders , management and the board of directors . Other stakeholders include employees, suppliers, customers, banks and other lenders, regulators, the environment and the community at large. Corporate governance deals with issues of accountability and fiduciary duty , essentially advocating the implementation of guidelines and mechanisms to ensure good behavior and protect shareholders. Another key focus is the economic efficiency view, through which the corporate governance system should aim to optimize economic results, with a strong emphasis on shareholders welfare.
47
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 1

Agency theory: Agency is a contract under which one party (the principal) engages another party (the agent) to perform some service on their behalf. As part of this, the principal will delegate some decision-making authority to the agent. There are two problems in such a delegation.

� The desires / goals of the principal and agent have a conflict; and � It is difficult or expensive for the principal to verify what the agent is actually

doing (whether he is working appropriately). Principal: are the share holders, who cannot run management due to:

� Wide ownership base, especially in companies listed on stock exchanges � Lack of interest in the management due to limited risk and liability � Possible short term motive of capital gains in stock market (have ability to simply

sell shares if company is in trouble) Agent: is employed by Principal to manage the company (management)

� They are delegated the task to run the company � Agent does not share the Principal's motive of profit maximization, and is more

interested in his remuneration Agency Costs: are incurred by Principals to monitor working of their agents (because of lack of trust)

� i.e. Internal and External Audits Accountability: is the need to explain and justify any failure to fulfill responsibility

� Agent is accountable to the Principal (by whom he is employed) when he accepts to undertake the task given to him

Fiduciary: The person on whom duty is imposed is called 'fiduciary Fiduciary responsibilities:

� A fiduciary is expected to be extremely loyal to the person to whom they owe the duty (Principal);

� They must not put their personal interests before the duty, and � Must not profit from their position as a fiduciary, unless the principal consents. � The fiduciary relationship is highlighted by good faith, loyalty and trust.

Stakeholders: any person or group which get affected by the running of the organization Corporate governance includes the relationships among the many players involved (the stakeholders) and the goals for which the corporation is governed. The principal players are the shareholders, management and the board of directors. Other stakeholders include employees, suppliers, customers, banks and other lenders, regulators, the environment and the community at large. Corporate governance deals with issues of accountability and fiduciary duty, essentially advocating the implementation of guidelines and mechanisms to ensure good behavior and protect shareholders. Another key focus is the economic efficiency view, through which the corporate governance system should aim to optimize economic results, with a strong emphasis on shareholders welfare.

Page 2: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 2

Principal Agent Relationship:

� The nature of the relationship is that of Trust. Management has to act in the best interest of the shareholders

� Directors have fiduciary responsibility towards shareholders � Directors have Fiduciary responsibility as everyone below them in the organization

chart is monitored by them. The relationship works because:

� management is given incentives on good performance, and � the shareholders monitor their performance closely.

Agency Costs: Agency loss is zero when the agent takes actions that are entirely consistent with the principal’s interests. As the agent’s actions diverge from the principal’s interests, agency loss increases

Monitoring costs: are expenditures paid by the principal to measure, observe and control an agent’s behavior. They may include:

� Cost to provide data to shareholders (financial statements) � Cost of audits of financial statements, � Cost to hold Annual General Meetings, � Executive compensation contracts, remuneration schemes, incentives and

ultimately the cost of firing managers. � Too much monitoring will reduce managerial entrepreneurship

Certain aspects of monitoring may also be imposed by legislative practices. In the UK companies are required to provide statements of compliance with the Cadbury and Greenbury reports on corporate governance. Bonding Costs: Given that agents ultimately bear monitoring costs, they are likely to set up structures that will see them act in shareholder’s best interests, or compensate them accordingly if they don’t. The cost of establishing and adhering to these systems are known as bonding costs Residual Loss: Despite monitoring and bonding, the interest of managers and shareholders are still unlikely to be fully aligned. Therefore, there are still agency losses arising from conflicts of interest. These are known as residual loss. i.e. Directors furnishing themselves with expensive cars.

How to control Agency problems: � Management’s compensation should be based on market estimation of how

well they take care of shareholders interests (based on prior experience with other companies).

� If Directors do not perform well, they lose their job through resolution by shareholders in the annual meeting

� Board of Directors should largely be composed of independent directors (holding large blocks of shares in the company).

Page 3: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 3

� Holding regular meetings between stakeholders � Hiring independent auditors (agents of shareholders) to monitor shareholders

interest � Threatening management with Divestment as last resort.

Auditors:

� Have their own interest i.e. fee, reputation � When auditor is independent from management, only then he can serve

interest of shareholders � Auditor has to deal with management to conduct audit, and to get his fee, so

he may be perceived not to serve shareholders completely. � For effective monitoring, auditor should be technically competent and up-to-

date with current business approaches. Agent accountability:

� Directors are accountable to the shareholders � Directors should prove that they are discharging their duties efficiently (clean

audit report, good results, compliance with codes) � If shareholders are not satisfied with performance, they can remove the

management � There are number of Codes of Conduct issued by Government and Stock

Exchanges which needs to be complied (voluntarily)

Stakeholder theory: � Companies are large, and should discharge accountability to all stakeholders

(not only shareholders) � Typical stakeholders are employees, customers and suppliers, community,

government, environment, future generations � Stakeholders provide company with a contribution (infrastructure i.e. road)

and expect the company to satisfy their interest (give employment to locals).

Page 4: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 4

Directors and Board of Directors

"A company is an entity distinct alike from its shareholders and its directors. Some of its powers may, according to its articles, be exercised by directors; certain other powers may be reserved

for the shareholders in general meeting. If powers of management are vested in the directors, they and they alone can exercise these powers. The only way in which the general body of shareholders can control the exercise of powers by the articles in the directors is by altering the articles, or, if opportunity arises under the articles, by refusing to re-elect the directors of whose

actions they disapprove. They cannot themselves usurp the powers which by the articles are vested in the directors any more than the directors can usurp the powers vested by the articles in the general body of shareholders."

Shaw & Sons (Salford) Ltd v Shaw

� Board of Directors can exercise their powers in meeting of BOD � Sufficient notice has to be given to all directors of these meetings � A quorum must be present before any business may be conducted � Failure to give notice may negate resolutions passed at a meeting

Duties of Directors

1. Acting in Good Faith: the directors must act "bona fide" in what they consider—not what

the court may consider—is in the interests of the company. Difficult Questions arise i.e. it may be for the benefit of a corporate group as a whole for a company to guarantee the debts of a "sister" company. Similarly, conceptually at least, there is no benefit to a company in returning profits to shareholders by way of dividend

2. Proper Purpose: in many instances an improper purpose is readily evident, i.e. a director

looking to make money for himself, or divert an investment opportunity to a relative; such breaches usually involve a breach of the director's duty to act in good faith. Greater

difficulties arise where the director, whilst acting in good faith, is serving a purpose that is not regarded by the law as proper.

3. Unfettered Discretion: Directors cannot, without the consent of the company, fetter their discretion (in relation to the exercise of their powers), and cannot bind themselves to vote in a particular way at future board meetings. The company remains bound, if it made a specific contract, but the directors retain the discretion to vote against taking the future

actions (they may cancel the contract itself.)

4. Conflict of Duty and Interest: A) where a director enters into a transaction with a

company, there is a conflict between the director's interest (to do well for himself out of the transaction) and his duty to the company (to ensure that the company gets as much as it can out of the transaction). B) Directors must not, without the informed consent of the company, use for their own profit the company's assets, opportunities, or information.

C) Directors cannot compete directly with the company without a conflict of interests arising. Similarly, they should not act as directors of competing companies, as their duties to each company would then conflict with each other

5. Care and Skill: A director need not exhibit in the performance of his duties a greater degree of skill than may reasonably be expected from a person of his knowledge and experience

Companies Act:

� Approve interim dividend and recommend final dividend � Approve interim and final financial statements

� Approve significant changes in accounting policies � Approval and removal of key staff (company secretary) � Remuneration of Auditors

� Recommendation for appointment / removal of auditors

Page 5: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 5

The Combined Code states:

1. Every company should be headed by an effective board, which is collectively responsible for the success of the company.

2. The board's role is to provide entrepreneurial leadership of the company within a framework of prudent and effective controls which enables risk to be assessed and

managed. 3. The board should set the company's strategic aims, ensure that the necessary financial

and human resources are in place for the company to meet its objectives and review management performance.

4. The board should set the company's values and standards and ensure that its obligations to its shareholders and others are understood and met.

5. All directors must take decisions objectively in the interests of the company.

6. As part of their role as members of a unitary board, NED's should constructively challenge and help develop proposals on strategy.

7. NED's should scrutinize the performance of management in meeting agreed goals and objectives and monitor the reporting of performance.

8. NED's should satisfy themselves on the integrity of financial information and that financial control and systems of risk management are robust and defensible.

9. NED's are responsible for determining appropriate levels of remuneration of executive

directors and have a prime role in appointing, and where necessary removing, executive directors, and in succession planning.

Code Provisions

� The board should meet sufficiently regularly to discharge its duties effectively.

� There should be a formal schedule of matters specifically reserved for its decision. � The annual report should include a statement of how the board operates, including a high

level statement of which types of decisions are to be taken by the board and which are to

be delegated to management. � The annual report should identify the chairman, the deputy chairman (where there is

one), the chief executive, the senior independent director and the chairmen and members of the nomination, audit and remuneration committees.

� It should also set out the number of meetings of the board and those committees and individual attendance by directors.

� Where directors have concerns which cannot be resolved about the running of the company or a proposed action, they should ensure that their concerns are recorded in the board minutes.

� On resignation, a non- executive director should provide a written statement to the

chairman, for circulation to the board, if they have any such concerns. � The Company should arrange appropriate insurance cover in respect of legal action

against its directors.

Failures: � In a number of "corporate scandals" of the 1990s, one notable feature revealed in

subsequent investigations is that boards were not aware of the activities of the managers

that they hired, and the true financial state of the corporation. � Most boards largely rely on management to report information to them, thus allowing

management to place the desired 'spin' on information, or even conceal or lie about the true state of a company.

� Boards of directors are part-time bodies, whose members meet only occasionally and may not know each other particularly well. This unfamiliarity can make it difficult for board members to question management.

� CEOs tend to be rather forceful personalities. In some cases, CEOs are accused of exercising too much influence over the company's board.

Page 6: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 6

� Directors may not have the time or the skills required to understand the details of corporate business, allowing management to obscure problems.

� The same directors who appointed the present CEO oversee his or her performance. This makes it difficult for some directors to dispassionately evaluate the CEO's performance.

� Directors often feel that a judgment of a manager, particularly one who has performed well in the past, should be respected. This can be quite legitimate, but poses problems if

the manager's judgment is indeed flawed. � All of the above may contribute to a culture of "not rocking the boat" at board meetings.

Non Executive Directors (NED's)

� A non-executive director (NED, also NXD) or outside director is a member of the board of directors of a company who does not form part of the executive management team.

� He or she is not an employee of the company or affiliated with it in any other way.

� They are differentiated from inside directors, who are members of the board also serving as executive managers of the company (most often as corporate officers).

Strategy Role: contribute to development of strategy of the company; challenging the strategy

produced by Executive Directors and offering advice Scrutinizing Role: Review the performance of management. Hold management accountable for its

decisions taken and results obtained. Risk Role: Ensure Company has adequate system of internal controls and system of risk management in place.

People Role: Appointment, remuneration, appraisals of senior management, succession planning

� Lack of unity and trust can put pressure on board operation.

� The quality of NED willing to serve may be poor

Board Balance:

The board should include a balance of executive and NED's (and in particular independent non-executive directors) such that no individual or small group of individuals can dominate the board's decision taking.

1. The board should not be so large as to be unwieldy. 2. The board should be of sufficient size that the balance of skills and experience is

appropriate for the requirements of the business and that changes to the board's composition can be managed without undue disruption.

3. To ensure that power and information are not concentrated in one or two individuals, there should be a strong presence on the board of both executive and non-executive

directors. 4. No one other than the committee chairman and members is entitled to be present at a

meeting of nomination, audit or remuneration committee, but others may attend at the invitation of the committee.

a) The board should identify in the annual report each NED it considers to be independent. b) The board should determine whether the director is independent in character and

judgment and whether there are relationships or circumstances which are likely to affect, or could appear to affect, the director's judgment.

c) The board should state its reasons if it determines that a director is independent notwithstanding the existence of relationships or circumstances which may appear

relevant to its determination, including if the director: � has been an employee of the company or group within the last five years;

Page 7: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 7

� has, or has had within the last three years, a material business relationship with the company either directly, or as a partner, shareholder, director or senior

employee of a body that has such a relationship with the company; � has received or receives additional remuneration from the company apart from a

director's fee, participates in the company's share option or a performance-related pay scheme, or is a member of the company's pension scheme;

� has close family ties with any of the company's advisers, directors or senior employees;

� holds cross-directorships or has significant links with other directors through involvement in other companies or bodies;

� represents a significant shareholder; � or has served on the board for more than nine years from the date of their first

election.

d) Except for smaller companies, at least half the board, excluding the chairman, should

comprise NED's determined by the board to be independent. A smaller company should have at least two independent NED.

e) The board should appoint one of the independent NED to be the senior independent director. The senior independent director should be available to shareholders if they have concerns which contact through the normal channels of chairman, chief executive or

finance director has failed to resolve or for which such contact is inappropriate.

Chairman and chief executive

There should be a clear division of responsibilities at the head of the company between the running of the board and the executive responsibility for the running of the company's business. No one individual should have unfettered powers of decision.

� The chairman is responsible for leadership of the board, ensuring its effectiveness on all

aspects of its role and setting its agenda. � The chairman is also responsible for ensuring that the directors receive accurate, timely

and clear information. � The chairman should ensure effective communication with shareholders. � The chairman should also facilitate the effective contribution of NED's in particular and

ensure constructive relations between executive and non-executive directors. � Chairman sets agenda of the Board Meeting and chair these meetings

1. The roles of chairman and chief executive should not be exercised by the same individual.

2. The division of responsibilities between the chairman and chief executive should be clearly established, set out in writing and agreed by the board.

3. The chairman should (on appointment) meet the independence criteria set out below.

4. A chief executive should not go on to be chairman of the same company. If exceptionally a board decides that a chief executive should become chairman, the board should consult major shareholders in advance and should set out its reasons to shareholders at the time of the appointment and in the next annual report.

� The chairman should hold meetings with the NED's without the executives present. � Led by the senior independent director, the NED's should meet (without the chairman

present) at least annually to appraise the chairman's performance.

CEO's Responsibility:

1. Take responsibility for the performance of the company

2. Report to the Chairman and Board of Directors 3. Manage Financial and physical resources 4. Build and maintain effective team 5. Put adequate operational, financial, planning and risk management systems

6. Represent the company to major suppliers, customers, professional associations

Page 8: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 8

Information and professional development of Directors

a) The chairman is responsible for ensuring that the directors receive accurate, timely and clear information.

b) Management has an obligation to provide such information but directors should seek clarification or amplification where necessary.

c) The company should provide the necessary resources for developing and updating its directors' knowledge and capabilities.

d) Under the direction of the chairman, the company secretary's responsibilities include ensuring good information flows within the board and its committees and between senior

management and NED, as well as facilitating induction and assisting with professional development as required.

e) The company secretary should be responsible for advising the board through the chairman

on all governance matters. f) The chairman should ensure that new directors receive a full, formal and tailored induction

on joining the board. As part of this, the company should offer to major shareholders the opportunity to meet a new non-executive director

g) The board should ensure that directors, especially non-executive directors, have access to independent professional advice at the company's expense where they judge it necessary to discharge their responsibilities as directors.

h) Committees should be provided with sufficient resources to undertake their duties. i) All directors should have access to the advice and services of the company secretary, who

is responsible to the board for ensuring that board procedures are complied with. j) Both the appointment and removal of the company secretary should be a matter for the

board as a whole. Performance evaluation of Directors

1. Individual evaluation should aim to show whether each director continues to contribute effectively and to demonstrate commitment to the role (including commitment of time for board and committee meetings and any other duties).

2. The chairman should act on the results of the performance evaluation by recognising the strengths and addressing the weaknesses of the board and, where appropriate, proposing new members be appointed to the board or seeking the resignation of directors.

3. The board should state in the annual report how performance evaluation of the board, its

committees and its individual directors has been conducted. 4. The NED's, led by the senior independent director, should be responsible for performance

evaluation of the chairman, taking into account the views of executive directors

Re-election of Directors

• All directors should be submitted for re-election at regular intervals, subject to continued

satisfactory performance. • The board should ensure planned and progressive refreshing of the board. • All directors should be subject to election by shareholders at the first annual general

meeting after their appointment, and to re-election thereafter at intervals of no more than

three years. • The names of directors submitted for election or re-election should be accompanied by

sufficient biographical details and any other relevant information to enable shareholders to

take an informed decision on their election. • NED should be appointed for specified terms subject to re-election and to Companies Acts

provisions relating to the removal of a director. • The board should set out to shareholders in the papers accompanying a resolution to elect

a NED why they believe an individual should be elected. • The chairman should confirm to shareholders when proposing re-election that, following

formal performance evaluation, the individual's performance continues to be effective and

to demonstrate commitment to the role.

Page 9: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 9

• Any term beyond six years (e.g. two three-year terms) for a non-executive director should be subject to particularly rigorous review, and should take into account the need for

progressive refreshing of the board. • NED may serve longer than nine years (e.g. three three-year terms), subject to annual re-

election. Serving more than nine years could be relevant to the determination of NED's independence.

Nomination Committee

There should be a nomination committee which should lead the process for board appointments and make recommendations to the board.

A committee that is a subset of a larger committee is called a subcommittee. [Where the larger group has a name other than "committee" - for example, "Board" or "Commission", the smaller group(s) would be called committee(s), not subcommittee(s)]

Nomination Committee is a Board committee. Board delegates certain responsibilities to its committees because:

It generally includes only those people who have expertise in the task; thereby reducing the

size of the committee and increasing efficiency in decision making It reduces Board's workload, as difficult tasks are delegated to Subcommittees

The nomination committee should make its terms of reference, explaining its role and the

authority available delegated to it by the board. 1. A majority of members of the nomination committee should be independent NED. 2. The chairman or an independent NED should chair the committee

3. The chairman should not chair the nomination committee when it is dealing with the appointment of a successor to the chairmanship.

4. The nomination committee should evaluate the balance of skills, knowledge and experience

on the board and, prepare a description of the role and capabilities required for a particular appointment

5. For the appointment of a chairman, the nomination committee should: a. Prepare a job specification, including an assessment of the time commitment

expected, recognizing the need for availability in the event of crises. b. A chairman's other significant commitments should be disclosed to the board before

appointment and included in the annual report.

c. Changes to such commitments should be reported to the board as they arise, and included in the next annual report.

d. No individual should be appointed to a second chairmanship of a FTSE 100 company. 6. For NED's:

a. The terms and conditions of appointment of NED's should be made available for inspection.

b. The letter of appointment should set out the expected time commitment. c. NED's should undertake that they will have sufficient time to meet what is expected of

them. d. Their other significant commitments should be disclosed to the board before

appointment, with a broad indication of the time involved and the board should be

informed of subsequent changes. e. The board should not agree to a full time executive director taking on more than one

non-executive directorship in a FTSE 100 company nor the chairmanship of such a company.

7. A separate section of the annual report should describe the work of the nomination committee, including the process it has used in relation to board appointments.

8. An explanation should be given if neither an external search consultancy nor open advertising

has been used in the appointment of a chairman or a NED.

Page 10: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 10

9. The chairman should arrange for the chairmen of the audit, remuneration and nomination committees to be available to answer questions at the AGM and for all directors to attend.

Duties of the nomination Committee

The committee should: 1. Be responsible for identifying and nominating for the approval of the board, candidates to

fill board vacancies as and when they arise; 2. Before making an appointment, evaluate the balance of skills, knowledge and experience

on the board and, in the light of this evaluation, prepare a description of the role and capabilities required for a particular appointment;

3. Review annually the time required from a non-executive director. Performance evaluation should be used to assess whether the non-executive director is spending enough time to fulfill their duties;

4. Consider candidates from a wide range of backgrounds and look beyond the "usual suspects";

5. Give full consideration to succession planning in the course of its work, taking into account the challenges and opportunities facing the company and what skills and expertise are

therefore needed on the board in the future; 6. Regularly review the structure, size and composition (including the skills, knowledge and

experience) of the board and make recommendations to the board with regard to any

changes; 7. Keep under review the leadership needs of the organization, both executive and non-

executive, with a view to ensuring the continued ability of the organization to compete effectively in the marketplace;

8. Make a statement in the annual report about its activities; 9. The process used for appointments and explain if external advice or open advertising has

not been used; the membership of the committee, number of committee meetings and attendance over the course of the year;

10. Make available its terms of reference explaining clearly its role and the authority delegated to it by the board;

11. And ensure that on appointment to the board, non-executive directors receive a formal

letter of appointment setting out clearly what is expected of them in terms of time commitment, committee service and involvement outside board meetings.

The committee should make recommendations to the board:

� As regards plans for succession for both executive and NED's; � As regards the re-appointment of any NED at the conclusion of their specified term

of office;

� Concerning the re-election by shareholders of any director under the retirement by rotation provisions in the company's articles of association;

� Concerning any matters relating to the continuation in office of any director at any time; and

� Concerning the appointment of any director to executive or other office other than to the positions of chairman and chief executive, the recommendation for which would be considered at a meeting of the board.

Induction Program: � Contain selected written text, and presentations about the Company structure,

subsidiaries, joint ventures

� Gives understanding about markets, people, suppliers, auditors � Annual accounts, interim financials, KPI's, treasury polcicies � Provide them company's vision and mission and an idea about strategy � Outline of director's duties and responsibilities

� Advice on share dealing and disclosure of sensitive information � Should not overload the director with excess information

Page 11: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 11

Terms of reference

The following are the terms of reference of the Nomination Committee ('the Nomination Committee') of HBOS and the HBOS Group.

1. Membership

1.1 Membership of the Nomination Committee will include the Chairman, the Chief Executive, the Deputy

Chairman, the Senior Independent Director, together with at least two further Non-Executive Directors. The membership will at all times consist of a majority of independent Non-Executive Directors.

1.2 The Chairman of the Nomination Committee will be the Chairman or an independent Non-Executive Director.

1.3 The Secretary of the Nomination Committee is appointed by the Chairman of the Committee.

A quorum of the Nomination Committee will comprise at least two members, one of whom shall be the

Chairman of the Committee or the Chairman (if different) or one further independent Non-Executive Director (if the same).

2. Attendance

The Nomination Committee may invite other persons to attend meetings where appropriate to assist in the effective discharge of the Nomination Committee's duties.

3. Frequency of Meetings

The Nomination Committee will meet as required but at least twice in each year. Any Nomination Committee member or the Secretary may call for meetings as necessary.

4. Authority

4.1 The Nomination Committee is authorized by the HBOS Board to undertake any activity within its terms of reference.

4.2 The Nomination Committee is authorized by the HBOS Board to seek appropriate professional advice inside and outside of the Group as and when it considers this necessary.

4.3 Although normally decisions are reached on a consensus, in the event of a disagreement, decisions on any matter are made by the majority, with the Chairman of the meeting having a second, casting vote in the event of a tie. A Nomination Committee member who remains opposed to a proposal after a vote can ask for his or her dissent to be noted in the minutes.

5. Principal Duties

The Nomination Committee is authorized by the Board to:

5.1 ensure that there is a formal, rigorous and transparent procedure for the appointments of new Directors to the Board;

5.2 review the composition of the HBOS Board and consider and advise the HBOS Board as to any changes, which may be required to achieve a balanced and appropriately experienced and qualified Board;

5.3 as necessary to make recommendations to the Board on the independence of any existing or proposed Non-Executive Director in line with the criteria set out in the Board Control Manual under the section Independent Non-Executive Directors;

Page 12: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 12

5.4 satisfy itself that plans are in place for orderly succession for appointments to the Board and other senior management (levels 7 and 8) positions, and will search for, consider and make recommendations to the HBOS Board in relation to the appointment of Directors of HBOS, including the position of Chairman;

5.5 ascertain, when required, the time commitments required of Non-Executive Directors, individually and collectively to fulfil the duties required;

5.6 make recommendations to the Chairman of HBOS as required in respect of the membership of the Board Committees of the HBOS Board, and the Chairmanships thereof;

5.7 make publicly available its terms of reference, explaining its role and the authority delegated to it by the Board;

5.8 be available in the person of the Chairman of the Nomination Committee to answer Shareholders’ questions about the activities of the Nomination Committee at the Annual General Meeting.

5.9 make a statement in the Company's Annual Report and Accounts detailing its activities and the process it has used to make any recommendations in respect of appointments to the Board;

5.10 for the appointment of a Chairman of the Board, the Nomination Committee should prepare a job description, including an assessment of the time commitment expected, recognising the need for availability in the event of crises. A Chairman's other significant commitments should be disclosed to the Board before appointment and included in the Annual Report. Changes to such commitments should be disclosed to the Board as they arise and included in the next Annual Report;

5.11 ensure that on appointment to the Board, Non-Executive Directors receive a formal Letter of

Appointment setting out a job description and clearly what is expected of them in terms of time commitment, committee service and involvement outside Board meetings.

5.12 Appointment (and removal) of Director Trustees and (subject to the requirements of the Pensions

Act 1995) other Trustees of the Group's Pension Schemes in place from time to time in particular, where necessary, in accordance with the Definition of Independence of Director Trustees set out in the Terms of Reference of the Nomination Committee

Remuneration Committee

1. The remuneration committee should judge where to position their company relative to

other companies. 2. They should use such comparisons with caution, in view of the risk of an upward ratchet

of remuneration levels with no corresponding improvement in performance.

3. They should also be sensitive to pay and employment conditions elsewhere in the group, especially when determining annual salary increases

4. The performance-related elements of remuneration should form a significant proportion of the total remuneration package of executive directors and should be designed to align

their interests with those of shareholders and to give these directors keen incentives to perform at the highest levels.

5. Executive share options should not be offered at a discount save as permitted by the

relevant provisions of the Listing Rules. 6. Levels of remuneration for NED's should reflect the time commitment and responsibilities

of the role. 7. Remuneration for NED's should not include share options.

8. If, exceptionally, options are granted, shareholder approval should be sought in advance and any shares acquired by exercise of the options should be held until at least one year after the NED leaves the board.

9. Holding of share options could be relevant to the determination of a NED's independence.

Page 13: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 13

10. Where a company releases an executive director to serve as a NED elsewhere, the remuneration report should include a statement as to whether or not the director will

retain such earnings and if so, what the remuneration is. Service Contracts and Compensation

• The remuneration committee should carefully consider what compensation commitments (including pension contributions and all other elements) their director's terms of appointment would entail in the event of early termination.

• The aim should be to avoid rewarding poor performance. They should take a robust line

on reducing compensation to reflect departing directors' obligations to mitigate loss. • Notice or contract periods should be set at one year or less. If it is necessary to offer

longer notice or contract periods to new directors recruited from outside, such periods

should reduce to one year or less after the initial period. • The remuneration committee should consult the chairman and/or chief executive about

their proposals relating to the remuneration of other executive directors.

• The remuneration committee should also be responsible for appointing any consultants in respect of executive director remuneration.

• Where executive directors or senior management are involved in advising or supporting

the remuneration committee, care should be taken to recognize and avoid conflicts of interest.

• The chairman of the board should ensure that the company maintains contact as required with its principal shareholders about remuneration in the same way as for other matters.

a) The board should establish a remuneration committee of at least three, or in the case

of smaller companies two, members, who should all be independent NED's. b) The remuneration committee should make available its terms of reference, explaining

its role and the authority delegated to it by the board. c) Where remuneration consultants are appointed a statement should be made available

of whether they have any other connection with the company.

d) The remuneration committee should have delegated responsibility for setting remuneration for all executive directors and the chairman, including pension rights and any compensation payments.

e) The committee should also recommend and monitor the level and structure of

remuneration for senior management. f) The definition of "senior management" for this purpose should be determined by the

board but should normally include the first layer of management below board level.

g) The board itself or, where required by the Articles of Association, the shareholders should determine the remuneration of the NED within the limits set in the Articles of Association.

h) Where permitted by the Articles, the board may however delegate this responsibility to

a committee, which might include the chief executive. i) Shareholders should be invited specifically to approve all new long-term incentive

schemes (as defined in the Listing Rules) and significant changes to existing schemes, save in the circumstances permitted by the Listing Rules.

Page 14: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 14

Purpose of the remuneration system: • pays for work performed by the employee

• attracts, motivates and retains the right employees • provides pay equity for different groups of employees • supports developing careers

• supports growing from within the organization Remuneration includes base salary (basic), bonuses, economic benefits (other than cash), share

options, pension contributions etc. Remuneration should be sufficient to:

• keep the board motivated to increase performance • give rewards when someone show good results • board feels they are being paid appropriately for their efforts • their remuneration is at pace with the market rates

Linking remuneration to company strategy: To achieve maximum return, an organization's remuneration strategy must be integrated with business and human resource strategies.

Basic Salary:

• It is usually set in relation to peer groups (industry specific, equal size ventures)

• High basic salary gives a guaranteed payment without any regard to performance. • High basic salary may reduce incentive for any improvements • Low basic salary with performance bonuses, urges board to work with more productivity • If the basic salary is too low, it will de-motivate the board

Performance related elements (bonus, incentives):

• Measurement criteria needs to be established

• If the market is in recession, directors will be penalized without any fault of theirs. Shares / share options:

• It is long term incentive scheme, enabling to retain directors

• Director's make profit if share value increases (sharing the shareholders goal) • This alignment in goals overcomes the agency problem • Options can be phased, instead of given in one block, to increase time duration

Legal issues: • Compensation commitments (including pension) should be considered for the case of early

termination

• Compensation package should not reward poor performance Ethical issues:

• In high profile corporate failures, directors were perceived to receive excessive

remuneration in relation to their performance • In underperforming, or privatized utilities, public perception of excess pay rises

Regulatory issues (UK Directors Remuneration Report Regulation 2002): • Directors to submit remuneration report to members in AGM • Report must provide full details of director's remuneration • Report is clear, transparent, and understandable to shareholders

After the high profile corporate scandals:

• Directors are given extra responsibilities, and have more potential liabilities • They require more remuneration to compensate the extra demand on them

Page 15: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 15

Activity 1

Flick plc (quoted on LSE) is planning to acquire 20% stake in UUL (also listed on LSE). Flick plc is

considered to be adhering to the principles of good corporate governance. UUL is predominantly a family owned concern, with 51% shares vested with the Johnson family. Mr. Johnson is the Chairman board of directors, while Mr. Smith (son of Mr. Johnson) is the CEO.

There are 8 members in the board of director of UUL (including Chairman and CEO), of which 5 belong to the Johnson family and work as full time paid directors. Other 3 directors are representative of Global Bank Limited, which leads the consortium of the lender institutions.

Required: 1. Comment on the board structure of UUL? Does it comply with the Code? 2. How can Flick plc insist on putting their director on the board? Describe whether

the director should be a paid director or NED? 3. What role does a NED play in a company? Describe? 4. What effect will the acquisition have on Flick plc, if it acquires UUL in current state,

without any change? Consider the case where Flick plc requires more funds for the

acquisition.

Corporate Governance is: The system by which companies are directed and controlled, in the interests of shareholders and stakeholders

Purpose of Corporate Governance:

• Monitor those parties which control resources owned by investors in a company • To improve corporate performance and accountability

• To improve long term shareholder value Fairness: sense of equality in dealing with internal and external stakeholders, and ability to reach

equitable judgment in a given ethical situation Openness / transparency: transparent relationship with shareholders to reduce their agency cost. Development of systems and procedures to form an appropriate culture in organization

Independence: between executive and non-executive directors and from personal influence of one party

Probity / honesty: honestly reporting financial position, and providing perception of honesty to all stakeholders

Responsibility: willingness to accept liability on decisions made, defining clear roles Accountability: Developing risk management and control systems

Reputation: developing personal reputation, reputation of company and reputation of profession Judgment: Ability to reach conclusions after weighing issues and giving them consideration

Integrity: Highest standard of honesty and observing strict moral and ethical code. Non-Profit Organizations:

• Stakeholders are fund providers, regulators, general public • Volunteer trustees manage alongwith paid or unpaid management team • Donors demand information – accountability

Page 16: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 16

Corporate Social Responsibility (CSR) is a concept which encourages organizations to consider the interests of society by taking responsibility for the impact of the organization's

activities on customers, employees, shareholders, communities and the environment in all aspects of its operations. This obligation is seen to extend beyond the statutory obligation to comply with legislation and

sees organizations voluntarily taking further steps to improve the quality of life for employees and their families as well as for the local community and society at large. Companies complying with good CSR practices:

• Are rewarded with extra customers • Attract better and committed employees; and retain these employees • Get independence from government legislations (by voluntarily compliance)

• Reduce risk of getting 'bad reputation' by doing right things Criticism to CSR:

• Free market operation: Company's principal motive is to maximize profit. Company does

not have moral responsibility for its actions • Image building: Companies put up CSR programs to build their image only

Stakeholders:

Traditional stakeholders were four parties: investors, employees, suppliers, and customers.

Stakeholder theory argues that there are other parties involved, including governmental bodies, political groups, trade associations, trade unions, communities, associated corporations, prospective employees, prospective customers, and the public at large. Sometimes even competitors are counted as stakeholders.

Motivation for companies to act in relation to concern of stakeholders:

• Possible impact on profit: company believes not reacting to stakeholders input will

decrease their profits. • Moral responsibility: Company accepts a responsibility to sustain social cohesion

Impact on Corporate Governance:

Social accounting disclosures are made in the annual report • Ethical accounting: internal code of practices at an individual level, and how company

maintains it

• Environmental accounting: organization's impact on the environment • Social Accounting: Impact on employee condition, health and safety, equal opportunities,

human rights etc. • Sustainable accounting: incorporating all of the above

Ownership and property:

• Owner has right to use property in any way he like • Owner has right to regulate anyone else's use of his property (land – right of way)

• Owner has right to sell his property • Owner is responsible that his use of property does not damage others

Shareholders are owners, but company is a separate legal entity Shareholders participate in the risk and reward of ownership to a limited extent Shareholders are responsible for company's action to a small extent:

• Large shareholders (institutional) can influence greater corporate accountability • Making other shareholders aware of the company policies and its consequences • Choosing to invest in companies with proven ethical track record only.

Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Page 17: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 17

Disclosure and communication to shareholders

• Shareholders are owners, therefore have a right to obtain sufficient information to enable

them to make investment decisions • AGM is the only opportunity where directors interact with shareholders • Annual report is the only means of communication of information to shareholders

Best Practice Corporate Governance

Annual report should include • A statement from the BOD regarding how it operates and the type of decisions it takes. • Identify Chairman, CEO, Senior NED, Committee members, and attendance of all directors

• Explain reason for Chairman and CEO to be same person • All NED's which board considers to be independent to be identified • Director's other commitments

• Details of the work of the nomination committee • How board's, committee's and individual directors performance is evaluated • Remuneration report by the committee • Explanation by directors of their responsibility to prepare accounts and report business as

going concern • Report on effectiveness of internal controls • Work of the audit committee

• Committee recommendations and reasons for not implementing them • How audit objectivity and independence are safeguarded when non-audit services are

provided • Measures taken in order to promote institutional shareholder's dialague

Mandatory disclosure: This is required to be made by law Voluntary disclosure: The company choose to disclose information if they wish Annual report is the tool to make voluntary disclosures

Why companies make voluntary disclosures:

• To become accountable to shareholders

• Provide more information to shareholders (in terms of agency theory) • To increase investment in the company, as investors are attracted by increase disclosures

and transparency • To give assurance to shareholders that management is competent and loyal to their

interests • To provide information to various stakeholders • To improve public understanding

• to act as marketing tool

Provisions of the Combined Code

• The board should present a balanced and understandable assessment of the company's

position and prospects. • The board's responsibility to present a balanced and understandable assessment extends

to interim and other price-sensitive public reports and reports to regulators as well as to information required to be presented by statutory requirements.

• The directors should explain in the annual report their responsibility for preparing the accounts and there should be a statement by the auditors about their reporting responsibilities.

• The directors should report that the business is a going concern, with supporting assumptions or qualifications as necessary.

Dialogue with Shareholders

• The board as a whole has responsibility for ensuring that a satisfactory dialogue with shareholders takes place

• Whilst recognizing that most shareholder contact is with the chief executive and finance

director, the chairman (and the senior independent director and other directors as

Page 18: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 18

appropriate) should maintain sufficient contact with major shareholders to understand their issues and concerns

• The chairman should ensure that the views of shareholders are communicated to the board as a whole.

• The chairman should discuss governance and strategy with major shareholders. • Non-executive directors should be offered the opportunity to attend meetings with major

shareholders. • The senior independent director should attend sufficient meetings with a range of major

shareholders to listen to their views in order to help develop a balanced understanding of the issues and concerns of major shareholders

• The board should state in the annual report the steps they have taken to ensure that the members of the board, and in particular the non-executive directors, develop an understanding of the views of major shareholders about their company, for example

through direct face-to-face contact, analysts' or brokers' briefings and surveys of shareholder opinion.

Constructive Use of the AGM

• The board should use the AGM to communicate with investors and to encourage their participation.

• The company should count all proxy votes and, except where a poll is called, should

indicate the level of proxies lodged on each resolution, and the balance for and against the resolution and the number of abstentions, after it has been dealt with on a show of hands.

• The company should ensure that votes cast are properly received and recorded. • The company should propose a separate resolution at the AGM on each substantially

separate issue and should in particular propose a resolution at the AGM relating to the report and accounts.

• The chairman should arrange for the chairmen of the audit, remuneration and nomination committees to be available to answer questions at the AGM and for all directors to attend

• The company should arrange for the Notice of the AGM and related papers to be sent to shareholders at least 20 working days before the meeting.

Evaluation of Governance Disclosures

• Institutional shareholders should consider carefully explanations given for departure from this Code and make reasoned judgments in each case.

• They should give an explanation to the company, in writing where appropriate, and be

prepared to enter a dialogue if they do not accept the company's position. • They should avoid a box-ticking approach to assessing a company's corporate

governance.

• They should bear in mind in particular the size and complexity of the company and the nature of the risks and challenges it faces.

INTERNAL CONTROL AND REVIEW

• Management should ensure that company's objectives are achieved • Management places policies and procedures to minimize risk of failure to achieve

company's objectives • Control Environment is the overall philosophy of management for internal controls • Control Environment is part of the company culture, style and employee attitudes

Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Page 19: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 19

Importance of Internal Controls

• A sound system of internal control contributes to safeguarding the shareholders’

investment and the company’s asset • Effective financial controls including the maintenance of proper accounting records, are an

important element of internal controls • They help ensure that the company is not unnecessarily exposed to avoidable financial

risks and that financial information used within the business and for publication is reliable. • They also contribute to the safeguarding of assets, including the prevention and detection

of fraud.

The system of internal control should: • be embedded in the operations of the company and form part of its culture; • be capable of responding quickly to evolving risks to the business arising from factors

within the company and to changes in the business environment; and • include procedures for reporting immediately to appropriate levels of management any

significant control failings or weaknesses that are identified together with details of corrective action being undertaken

A sound system of internal control reduces, but cannot eliminate, the possibility of poor judgment in decision-making; human error; control processes being deliberately circumvented by

employees and others; management overriding controls; and the occurrence of unforeseeable circumstances. Risk Management:

The process by which executive management, under board supervision, identifies the risk arising from business and establishes the priorities for control and particular objectives. Code Provisions:

• The board should, at least annually, conduct a review of the effectiveness of the group's system of internal controls and should report to shareholders that they have done so.

• The review should cover all material controls, including financial, operational and

compliance controls and risk management systems • The board should establish an audit committee of at least three, or in the case of smaller

companies' two, members, who should all be independent non-executive directors. • The board should satisfy itself that at least one member of the audit committee has recent

and relevant financial experience. The main role and responsibilities of the audit committee should be set out in written terms of

reference and should include: • to monitor the integrity of the financial statements of the company, and any formal

announcements relating to the company's financial performance, reviewing significant financial reporting judgments contained in them;

• to review the company's internal financial controls and, unless expressly addressed by a separate board risk committee composed of independent directors, or by the board itself, to review the company's internal control and risk management systems;

• to monitor and review the effectiveness of the company's internal audit function;

• to make recommendations to the board, for it to put to the shareholders for their approval in general meeting, in relation to the appointment, re-appointment and removal of the external auditor and to approve the remuneration and terms of engagement of the

external auditor; • to review and monitor the external auditor's independence and objectivity and the

effectiveness of the audit process, taking into consideration relevant UK professional and regulatory requirements;

• to develop and implement policy on the engagement of the external auditor to supply non-audit services, taking into account relevant ethical guidance regarding the provision of non-audit services by the external audit firm;

Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Page 20: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 20

• and to report to the board, identifying any matters in respect of which it considers that action or improvement is needed and making recommendations as to the steps to be

taken.

1. The terms of reference of the audit committee, including its role and the authority delegated to it by the board, should be made available.

2. A separate section of the annual report should describe the work of the committee in discharging those responsibilities.

3. The audit committee should review arrangements by which staff of the company may, in confidence, raise concerns about possible improprieties in matters of financial reporting or

other matters. 4. The audit committee's objective should be to ensure that arrangements are in place for

the proportionate and independent investigation of such matters and for appropriate

follow-up action. 5. The audit committee should monitor and review the effectiveness of the internal audit

activities. Where there is no internal audit function, the audit committee should consider annually whether there is a need for an internal audit function and make a

recommendation to the board, and the reasons for the absence of such a function should be explained in the relevant section of the annual report.

6. The audit committee should have primary responsibility for making a recommendation on

the appointment, reappointment and removal of the external auditors. 7. If the board does not accept the audit committee's recommendation, it should include in

the annual report, and in any papers recommending appointment or re-appointment, a statement from the audit committee explaining the recommendation and should set out

reasons why the board has taken a different position. 8. The annual report should explain to shareholders how, if the auditor provides non-audit

services, auditor objectivity and independence is safeguarded.

GUIDANCEONINTERNALCONTROL

(The Turnbull Guidance)

The guidance is based on the adoption by a company's board of a risk- based approach to establishing a sound system of internal control and reviewing its effectiveness. This should be incorporated by the company within its normal management and governance

processes. It should not be treated as a separate exercise undertaken to meet regulatory requirements

• A company's objectives, its internal organization and the environment in which it operates are continually evolving and, as a result, the risks it faces are continually changing.

• A sound system of internal control therefore depends on a thorough and regular evaluation of the nature and extent of the risks to which the company is exposed.

• Since profits are, in part, the reward for successful risk- taking in business, the purpose of internal control is to help manage and control risk appropriately rather than to eliminate it.

The board must ensure that the system of internal control is effective in managing risks. It should consider:

• the nature and extent of the risks facing the company;

• the extent and categories of risk which it regards as acceptable for the company to bear; • the likelihood of the risks concerned materializing; • the company's ability to reduce the incidence and impact on the business of risks that do

materialize; and

• the costs of operating particular controls relative to the benefit thereby obtained in managing the related risks.

Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Muhammed Uzair
Highlight
Page 21: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 21

Internal Control Guideline:

1. It is important that risk management and control are not seen as a burden on business, rather the means by which business opportunities are maximized and potential losses associated with unwanted events reduced.

2. Companies set themselves strategic and business objectives, then manage risks that

threaten the achievement of those objectives. 3. Internal control and risk management should supplement entrepreneurship, but not

replace it. 4. Increased shareholder value is the reward for successful risk taking and the role of

internal control is to manage risk appropriately rather than to eliminate it.

Risk can be defined as real or potential events which reduce the likelihood of achieving business

objectives. Or, put another way, uncertainty as to the benefits. The term includes both the potential for gain and exposure to loss.

Internal control is one of the principal means by which risk is managed. Other devices used to manage risk include:

• The transfer of risk to third parties,

• Sharing risks, • Contingency planning and the withdrawal from unacceptably risky activities.

Of course companies can accept risk too. Getting the balance right is the essence of successful

business – to knowingly take risk, rather than be unwittingly exposed to it.

Example: the objective of a coal miner is to maximize coal output. More digging, means more

output, resulting in a risk of mine collapse, resulting in injury and delayed outputs. Pit props (wooden supports) can manage risk of mine collapse. Too many props (over control) can delay digging, and few props (under control) will not be able to manage the collapse.

Responsibility for the Internal Control system:

• The board is ultimately responsible for the system of internal controls • The board will normally delegate to the management, the task of establishing, operating

and monitoring of the system of internal controls • The responsibility of the board cannot be delegated

• The management should identify and evaluate the risks faced by the company, and design and operate appropriate internal controls

• The operation and monitoring of internal controls should be undertaken by individuals who possess necessary skills and competences.

Internal controls commonly comprise of:

1. Control Environment: Tone of the organization, control consciousness by its people,

managements philosophy and working style, and the way management assigns authority and responsibility

2. Identification and evaluation of risks and control objectives: Objectives should be internally consistent and linked at different levels. Risk assessment should include effect

of both internal and external factors 3. Control activities: are policies and procedures that help ensure the management directives

are being followed. They include approvals, authorizations, verifications, reconciliations

and segregation of duties. 4. Information and communication process: Information must be identified, captured and

communication in the required time frame. Reports containing information are required to be generated.

5. Monitoring the effectiveness of internal control system: regular management and supervisory activities where internal control deficiencies are reported upstream.

Muhammed Uzair
Highlight
Page 22: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 22

Control should be capable of responding quickly to evolving risks.

Resilience refers to company's capability to respond and adapt to unexpected risks and

opportunities, and to make decisions. Control needs to be close to the associated risks – the shorter the chain, the quicker the action. Cost of control should be balanced against the benefits, including the risk it is designed

to manage. When SONY was designing its WALKMAN, the CEO stated that in order to achieve 50% reduction in size, he would be willing to accept higher level of failure in R&D projects, and he had to visibly demonstrate its acceptance.

Internal Controls should include procedures of reporting immediately to appropriate

levels of management, with details of corrective action.

It should not be assumed that breakdown of controls is an isolated instance. Often major disasters are accumulation of small insignificant events, which if analyzed correctly, would have given indication of the problem and necessary warning.

Control can help minimize errors, but cannot provide absolute assurance that they will

not occur.

A control system cannot be designed to provide protection with certainty.

The system of control should be embedded in the operations of the company and

should form part of its culture.

People, who are accountable to achieve objectives, should also be accountable to maintain

effective controls to achieve those objectives. By making individuals accountable, likelihood of effective operation of controls increases.

Activity 2

A photocopier salesman was offered a bonus for meeting a particular sales target. The copiers were sold with a standard three years warranty. The salesman was able to provide the purchaser extended warranty cover by inaccurately putting dates on the warranty card. This gave him

advantage over his competitors in selling, and he sold the required number of copiers every month.

Most common weaknesses in control system:

1. Philosophy: Understood, but not written, open to misinterpretation

2. Roles and responsibilities: absence of clear responsibilities in the organization 3. Performance appetite: lack of understanding of organizations' appetite of risk taking 4. Information reporting: Boards either get too much information (overload), or too little

(under informed)

5. Behavior: Disincentives for employees to behave properly

Reviewing the effectiveness of Internal Control

Responsibilities:

• Reviewing the effectiveness of internal control is an essential part of the board's responsibilities. The board will need to form its own view on effectiveness after due and careful enquiry based on the information and assurances provided to it.

• Management is accountable to the board for monitoring the system of internal control and for providing assurance to the board that it has done so.

• The role of board committees in the review process, including that of the audit committee, is for the board to decide and will depend upon factors such as the size and composition of

the board; the scale, diversity and complexity of the company's operations; and the nature of the significant risks that the company faces.

• The board takes responsibility for the disclosures on internal control in the annual report

and accounts.

Page 23: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 23

Board responsibilities

• Effective monitoring on a continuous basis is an essential component of a sound system of

internal control. The board cannot, however, rely solely on the embedded monitoring processes within the company to discharge its responsibilities.

• It should regularly receive and review reports on internal control. • Internal controls considered by the board should include all types of controls including

those of an operational and compliance nature, as well as internal financial controls • The board should define the process to be adopted for its review of the effectiveness of

internal control. • This should encompass both the scope and frequency of the reports it receives and

reviews during the year, and also the process for its annual assessment. • When reviewing reports during the year, the board should:

a) consider what are the significant risks and assess how they have been

identified, evaluated and managed; b) Assess the effectiveness of the related system of internal control in managing

the significant risks, having regard, in particular, to any significant failings or weaknesses in internal control that have been reported;

c) Consider whether necessary actions are being taken promptly to remedy any significant failings or weaknesses; and

d) Consider whether the findings indicate a need for more extensive monitoring of

the system of internal control.

Annual Assessment by Board: • In addition, the board should undertake an annual assessment for the purposes of making

its public statement on internal control to ensure that it has considered all significant aspects of internal control for the company for the year under review and up to the date of approval of the annual report and accounts.

• The assessment should consider issues dealt with in reports reviewed by it during the year

together with any additional information necessary to ensure that the board has taken account of all significant aspects of internal control for the company for the year under review and up to the date of approval of the annual report and accounts.

• Should the board become aware at any time of a significant failing or weakness in internal control, it should determine how the failing or weakness arose and re-assess the effectiveness of management's ongoing processes for designing, operating and monitoring the system of internal control.

Management Responsibilities: • The reports from management to the board should, in relation to the areas covered by

them, provide a balanced assessment of the significant risks and the effectiveness of the system of internal control in managing those risks.

• Any significant control failings or weaknesses identified should be discussed in the reports, including the impact that they have had, could have had, or may have, on the company

and the actions being taken to rectify them. • It is essential that there be openness of communication by management with the board

on matters relating to risk and control.

Process of reviewing effectiveness of Internal Controls

a) Identify Company's business objectives b) Identify and assess the risks which threatens achievement of these business objectives

c) Design internal controls to manage those risks d) Operate the internal controls with their design specification e) Monitor the controls to ensure they are operating properly f) Directors should review effectiveness of these internal controls

g) Report to the shareholders that they have done the review.

Page 24: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 24

Sarbanes Oxley Act (Responsibilities)

1. Board is likely to delegate the authority to obtain information on internal controls to

the Audit Committee. 2. CEO and CFO have to attest that the control system has been reviewed. 3. Independent auditor has to express an opinion on management's assessment of the

effectiveness of the Internal Controls.

4. Auditors have to verify management's assessment by independent testing

Internal Audit

Internal audit is one of the most influential and value added service available to the Board. The scope of internal auditing within an organization is broad and may involve internal control topics such as:

• Efficacy of operations, • Reliability of financial reporting, • Deterring and investigating fraud, • Safeguarding assets, and

• Compliance with laws and regulations. Internal auditors are not responsible for the execution of company activities; they advise

management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. Code provisions:

• Companies which do not have an internal audit function should from time to time review the need for one.

• The need for an internal audit function will vary depending on company specific factors including:

a) Scale, diversity and complexity of the company's activities, b) number of employees, and c) Cost/benefit considerations

d) any trends or current factors relevant to the company's activities, markets or other aspects of its external environment, that have increased, or are expected to increase the risks faced by the company

e) Internal factors such as organizational restructuring or from changes in

reporting processes or underlying information systems. f) adverse trends evident from the monitoring of internal control systems g) an increased incidence of unexpected occurrences

• Senior management and the board may desire objective assurance and advice on risk and control

• An adequately resourced internal audit function (or its equivalent where, for example, a third party is contracted to perform some or all of the work concerned) may provide such

assurance and advice. • There may be other functions within the company that also provide assurance and advice

covering specialist areas such as health and safety, regulatory and legal compliance and environmental issues

• If the company does not have an internal audit function and the board has not reviewed the need for one, the Listing Rules require the board to disclose these facts.

Audit Committee (internal audit)

1. The audit committee should approve the appointment or termination of appointment of the head of internal audit.

2. In its review of the work of the internal audit function, the audit committee should:

a. ensure that the internal auditor has direct access to the board chairman and to the audit committee and is accountable to the audit committee;

b. review and assess the annual internal audit work plan;

c. receive a report on the results of the internal auditors' work on a periodic basis;

Page 25: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 25

d. review and monitor management's responsiveness to the internal auditor's findings and recommendations;

e. meet with the head of internal audit at least once a year without the presence of management;

f. monitor and assess the role and effectiveness of the internal audit function in the overall context of the company's risk management system.

Organizational structure of Internal Audit

• Internal audit function reports to the audit committee • In large organizations internal audit function will be a separate department

• In small companies it may be the responsibility of individuals to perform some specific tasks related to internal audit.

• Some companies may outsource their internal audit function

Independence requirements:

• Internal auditors should be independent of executive management and should not have any involvement in the activities of the system they audit.

• Head of internal audit should directly report to a senior independent non-executive director, or the audit committee

• The head of the internal audit should have direct access to the chairman

• The audit committee should approve appointment, termination and remuneration of the internal audit head.

Threats to auditors (both internal auditors and external)

These threats generally apply to external auditors

1. Self-interest Threats: where financial interest is involved • Direct financial interest in clients business

• Loan or guarantee to or from audit client or any of its directors/ officers • Undue dependence on total fee from an audit client • Concern about possibility of losing the engagement

• Potential employment with the audit client • Contingent fees relating to audit engagement

2. Self review threats: where auditor reviews a matter which he was previously responsible • Member of audit team being a previous director, officer or an employee of the audit

client and is in a position to influence the engagement • Performing services for an audit client which affect the current engagement • Preparing original data used to generate financial information or preparing other

records 3. Advocacy threats: where auditor is perceived to promote interests of the client

• Dealing in shares, or other securities of the client • Acting as advocate on behalf of client in a litigation or in resolving disputes

4. Familiarity threats: where auditor has a close relationship with the client • A member of audit team having a close family member who is a director, or officer

of the client • A former partner of the firm being director or officer of the client

• Long association of a senior member of the team with the audit client • Acceptance of gifts and hospitality form the audit client or its directors

5. Intimidation threats: where auditor receives some sort of threat

• Threat of replacement over a disagreement • Pressure to reduce extent of work to be performed in order to reduce fee • Dominant personality in a senior position, controlling dealings with the auditor

Ethical threats to independence

1. Pressure from an overbearing director / officer not to report adverse findings 2. Audit team member misleading about his experience and competence (expert required)

3. Auditor asked to act contrary to a technical or professional standard

Page 26: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 26

Audit Committee and External Audit (Code Provisions)

• The audit committee should have primary responsibility for making a recommendation on

the appointment, reappointment and removal of the external auditors. • If the board does not accept the audit committee’s recommendation, it should include in

the annual report, and in any papers recommending appointment or reappointment, a statement from the audit committee explaining its recommendation and should set out

reasons why the board has taken a different position. • If the audit committee recommends considering the selection of possible new appointees

as external auditors, it should oversee the selection process. • The audit committee should assess annually the qualification, expertise and resources,

and independence of the external auditors and the effectiveness of the audit process. • The assessment should cover all aspects of the audit service provided by the audit firm,

and include obtaining a report on the audit firm’s own internal quality control procedures.

• If the external auditor resigns, the audit committee should investigate the issues giving rise to such resignation and consider whether any action is required.

Terms and Remuneration:

• The audit committee should approve the terms of engagement and the remuneration to be paid to the external auditor in respect of audit services provided.

• The audit committee should review and agree the engagement letter issued by the

external auditor at the start of each audit, ensuring that it has been updated to reflect changes in circumstances arising since the previous year.

• The scope of the external audit should be reviewed by the audit committee with the auditor.

• If the audit committee is not satisfied as to its adequacy it should arrange for additional work to be undertaken

• The audit committee should satisfy itself that the level of fee payable in respect of the audit services provided is appropriate and that an effective audit can be conducted for

such a fee. Independence, including the provision of non-audit services

1. The audit committee should have procedures to ensure the independence and objectivity of the external auditor annually, taking into consideration relevant UK professional and regulatory requirements.

2. This assessment should involve a consideration of all relationships between the company

and the audit firm (including the provision of non-audit services). 3. The audit committee should consider whether, those relationships appear to impair the

auditor’s judgment or independence.

4. The audit committee should seek reassurance that the auditors and their staff have no family, financial, employment, investment or business relationship with the company (other than in the normal course of business).

5. The audit committee should seek from the audit firm, on an annual basis, information

about policies and processes for maintaining independence and monitoring compliance with relevant requirements, including current requirements regarding the rotation of audit partners and staff

6. The audit committee should agree with the board the company’s policy for the

employment of former employees of the external auditor, paying particular attention to the policy regarding former employees of the audit firm who were part of the audit team and moved directly to the company.

7. The audit committee should monitor application of the policy, including the number of former employees of the external auditor currently employed in senior positions in the company, and consider whether in the light of this there has been any impairment, or appearance of impairment, of the auditor’s judgment or independence in respect of the

audit. 8. The audit committee should monitor the external audit firm’s compliance with applicable

United Kingdom ethical guidance relating to the rotation of audit partners, the level of fees

Page 27: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 27

that the company pays in proportion to the overall fee income of the firm, office and partner, and other related regulatory requirements

9. The audit committee should develop and recommend to the board the company’s policy in relation to the provision of non-audit services by the auditor.

10. The audit committee’s objective should be to ensure that the provision of such services does not impair the external auditor’s independence or objectivity.

11. In this context, the audit committee should consider: a. whether the skills and experience of the audit firm make it a suitable supplier of

the non audit service; b. whether there are safeguards in place to ensure that there is no threat to

objectivity and independence in the conduct of the audit resulting from the provision of such services by the external auditor;

c. the nature of the non-audit services, the related fee levels and the fee levels

individually and in aggregate relative to the audit fee; d. the criteria which govern the compensation of the individuals performing the audit.

12. The audit committee should set and apply a formal policy specifying the types of non-audit work:

a. from which the external auditors are excluded; b. for which the external auditors can be engaged without referral to the audit

committee;

c. for which a case-by-case decision is necessary. 13. In determining the policy, the audit committee should take into account relevant ethical

guidance regarding the provision of non-audit services, and in principle should not agree to the auditor providing a service if:

a. the external auditor audits its own firm’s work; b. the external auditor makes management decisions for the company; c. a mutuality of interest is created; d. the external auditor is put in the role of advocate for the company.

14. The annual report should explain to shareholders how, if the auditor provides non-audit services, auditor objectivity and independence is safeguarded.

Annual audit cycle

1. At the start of each annual audit cycle, the audit committee should ensure that appropriate plans are in place for the audit.

2. The audit committee should consider whether the auditor’s overall work plan, including

planned levels of materiality, and proposed resources to execute the audit plan appears consistent with the scope of the audit engagement, having regard also to the seniority, expertise and experience of the audit team.

3. The audit committee should review, with the external auditors, the findings of their work. 4. In the course of its review, the audit committee should:

a. discuss with the external auditor major issues that arose during the course of the audit and have subsequently been resolved and those issues that have been left

unresolved; b. review key accounting and audit judgments; c. review levels of errors identified during the audit, obtaining explanations from

management and, where necessary the external auditors, as to why certain errors

might remain unadjusted. 5. The audit committee should also review the audit representation letters before signature

by management and give particular consideration to matters where representation has

been requested that relate to non-standard issues. 6. The audit committee should consider whether the information provided is complete and

appropriate based on its own knowledge. 7. As part of the ongoing monitoring process, the audit committee should review the

management letter (or equivalent). 8. The audit committee should review and monitor management’s responsiveness to the

external auditor’s findings and recommendations.

Page 28: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 28

9. At the end of the annual audit cycle, the audit committee should assess the effectiveness of the audit process. In the course of doing so, the audit committee should:

a. review whether the auditor has met the agreed audit plan and understand the reasons for any changes, including changes in perceived audit risks and the work undertaken by the external auditors to address those risks;

b. consider the robustness and perceptiveness of the auditors in their handling of the

key accounting and audit judgments identified and in responding to questions from the audit committees, and in their commentary where appropriate on the systems of internal control;

c. obtain feedback about the conduct of the audit from key people involved, e.g. the

finance director and the head of internal audit; and d. review and monitor the content of the external auditor’s management letter, in

order to assess whether it is based on a good understanding of the company’s

business and establish whether recommendations have been acted upon and, if not, the reasons why they have not been acted upon.

Communication with shareholders:

• The terms of reference of the audit committee, including its role and the authority delegated to it by the board, should be made available.

• A separate section in the annual report should describe the work of the committee in

discharging those responsibilities. • The audit committee section should include:

a) a summary of the role of the audit committee; b) the names and qualifications of all members of the audit committee during the

period; c) the number of audit committee meetings; d) a report on the way the audit committee has discharged its responsibilities;

• The chairman of the audit committee should be present at the AGM to answer questions,

through the chairman of the board, on the report on the audit committee’s activities and matters within the scope of audit committee’s responsibilities.

Risk and Risk Management

• Financial risk is often defined as the unexpected variability or volatility of returns. It

includes both potential worse-than-expected as well as better-than-expected returns. • Means of assessing risk vary widely between professions. For example, a doctor manages

medical risk, while a civil engineer manages risk of structural failure.

• A professional code of ethics is usually focused on risk assessment and mitigation (by the professional on behalf of client, public, society or life in general).

Risk management

• Risk management is the human activity which integrates recognition (identification) of risk, risk assessment (analysis), development of strategies to manage it (planning), and monitoring of risk using managerial resources.

• The strategies include transferring the risk to another party, avoiding the risk, reducing

the negative effect of the risk, and accepting some or all of the consequences of a particular risk.

• Some traditional risk managements are focused on risks stemming from physical or legal

causes (e.g. natural disasters or fires, accidents, death and lawsuits). Financial risk management, on the other hand, focuses on risks that can be managed using traded financial instruments.

• Objective of risk management is to reduce different risks related to a preselected domain

to the level accepted by society. It may refer to numerous types of threats caused by environment, technology, humans, organizations and politics.

Page 29: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 29

• Risk management is the process of reducing the possibility of adverse consequences either by reducing the likelihood of an event or its impact.

• Management needs to monitor risks on ongoing basis: a) To identify new risks that may affect the company b) To identify changes to existing and known risks (amend strategy) c) To ensure best use is made of the opportunities

Strategic Risks

These are risks associated with adopting a particular strategy • A company aiming to achieve growth by acquisitions have more risk compared to the

company growing through slow and gradual increase in sales • Developing new products is more risky than to enhance the existing ones. • Strategic risks should be identified by the senior management

Operational Risks

These are risks arising from business operations • Potential loss in business (through failed or inadequate internal processes, people and

systems) • Risk of fraud by employee • Poor quality of production / lack of production (stock out)

Activity 3

A new mobile phone company has recently launched operations. What are its strategic and operational risks?

Some common business risks:

1. Market Risk: a. Market saturation

b. A new product not being accepted in market c. Competitors offering better product d. Sales / demand of product may fall due to change in technology / or taste

e. Increase in price of raw materials (where price of company’s product is inelastic) f. Change in economic condition of the country (growth / recession) g. Change in international market conditions

2. Credit Risk

a. Non-payment by customers b. Organization’s credit policy (terms / credit limits / credit period) c. Credit rating / Assessment procedures

3. Liquidity: a. Poor cash flow management b. Difficulty in raising new finances (due to problems in operations) c. High gearing (debt to equity ratio)

d. Company may not meet its commitments e. Fluctuation in interest rates

4. Technology Risk a. Products change quickly due to change in technology

b. Low investment in R&D c. Competitors have better products

5. Legal or litigation risk

a. Breach of legal statutes by the company (Companies Act etc) b. Breach of contract by company or third parties

6. Health/ Safety/ Environmental Risk a. Safety of workers

b. Safety of the community (pollution, toxic wastes) c. R&D (testing on animals)

Page 30: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 30

7. Product Reputation Risk a. Quality of production

b. Product recalls due to quality c. Business in sectors perceived to be bad (e.g. tobacco)

8. Business Probity (decency) Risk a. Directors getting increases while company is in loss

b. Questionable transactions (bribes, kickbacks) c. Active lobbying (e.g. arms and ammunition / tobacco)

9. Currency Risk a. Transactions in foreign currencies

b. Change in currency rate c. Competitors price getting attractive due to change in rate

10. Derivative Risk

a. Dealing in derivatives (financial instruments) b. Not using hedging and continuing with open positions

Activity 4

A telecommunication company has announced to launch WiFi based service. WiFi is a new technology, which enables voice and data to be exchanged on wireless network, at speeds upto

1GB per second. This speed limit has been tested in labs only, and a commercial deployment is yet to be made. Equipment manufacturers (phone sets, computer cards) are in the R&D stage and hope to start commercial production by middle of 2008. Price and quality of equipment is not

yet confirmed.

Activity 5

Due to power shortage, and rising fuel prices, Government of Pakistan has decided to provide incentives to the alternative power generation sector. Electricity can be generated through wind, and solar processes. Cost of generating equipment is three times the cost of conventional

generating equipment (using fossil fuel). Due to rapid R&D in the sector, it is estimated that cost of alternative energy equipment will decrease by 1/3rd by end of 2008.

Activity 6

A young designer, just out of Fashion College, has decided to launch her own clothing line. She perceives the current fashion to change within the next 6 months, and believes if she launches her clothing line now, she will have a head start.

Generic Risk: that affects all businesses in the market. i.e. increase in interest rate will affect all

business with borrowings. Sector Specific Risk: that is specific to an industry sector. i.e. environmental legislation effecting oil exploration companies

Impact of risk on stakeholders:

• Business risk initially affects the company • Consequently, stakeholders will also be affected

• Stakeholders can reduce the risk to them by distancing from the company Shareholders: loss of value of their investment / income

Directors: loss of income / poor reputation Managers/ employees: loss of income / poor reputation / demotivation Customers: sale returns / warranties / guarantees / loss in sale Suppliers: loss in volume of purchases / price / quality

Government: Lower taxes / employment / exports / infrastructure

Page 31: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 31

Probability and Severity (Impact) of Risk

This tool is used to quantify the likelihood (or frequency) and impact (or consequence) of

identified risks in order to prioritize risk response activities. Experts advise that the probability should be evaluated first, followed by estimating the potential severity of the consequences. It helps identify the risks that are most urgent or must be avoided, those that should be transferred or reduced, and those it is reasonable to retain.

Activity:

For each event listed below, rate the potential financial severity and the probability or frequency of the event at this time in your life. We are concerned only with negative financial impacts. Use these definitions to help you rate the severity of an event:

1 Financially devastating, possibly resulting in bankruptcy 2 A huge financial impact that would radically change your lifestyle

3 An uncomfortable but manageable financial impact 4 Very little financial impact; you could cover it with an emergency fund

Use these guidelines to categorize the probability or frequency of an event:

1 Almost certain to happen, or happens very frequently 2 More likely to happen than not to happen, or happens often 3 Could happen, or happens infrequently 4 Unlikely to happen, or almost never happen

Let's look at one event as an example. If you are a young parent with pre-school children, you are the major breadwinner in your family, and you have no life-threatening health problems,

then you will probably rate the financial impact of your death as a 1 or 2 (ignoring for the moment any life insurance you have) and the probability a 3 or 4. However, if you are 90, in poor health, and have no financial dependents, you will likely consider the financial severity of your death either a 3 or 4 and the probability a 1 or 2.

How to manage / handle the risk

In the above activity, take example of the risk of totaling car in accident. The risk of accident can

be handled as follows: a) Bear the financial risk and do not seek to reduce it. For example, continue driving car

without taking any insurance.

b) Transfer the risk to another party. For example take insurance for the car. c) Reduce or control the risk. For example wear seat belts / drive at slow speed (reduce injury) d) Remove the risk and avoid it entirely. For example you sell the car and use public transport.

Page 32: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 32

Page 33: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 33

External reporting of risk

• Identify reporting situation: i.e. internal control failure

• Check compliance with legislation (companies act) or ethical guidance (code) o Reporting may be voluntary or required by statute

• Make report if required (for third parties), and document the reasons o In extreme case third parties will make a report (auditors) if the company is

unaware of a reporting situation o Some reporting systems are geared towards internal reporting (audit committee)

Reporting by Directors:

a) Overall responsibility of maintaining control systems b) Appoint internal auditors and internal audit committee to review and maintain internal

controls

c) Internal auditors test controls on regular basis and report their findings to the board d) Review the report on internal controls and suggest improvements e) Report to shareholders that a review of internal control has been done

Reporting by Auditors: a) Identify and document internal controls b) Test those controls

c) Report material deficiencies in the audit report Role of Risk Committee

a) Raise awareness about risk within the organization

b) Ensure adequate and efficient risk management processes are in place to identify, monitor and report risks

c) Report to the board, and make recommendations about the risk appetite of the company d) Develop and review the risk management policy of the company

e) Appropriate communication to all employees and management levels regarding the Risk Policy and their responsibilities.

f) Where applicable, obtain expert advice on risk management processes.

• In most companies board will establish Risk Management Committee (based on size) • Where no such committee is formed, audit committee will perform similar duties

Risk Manager: • Is a member of Risk Management Committee, and reports directly to the committee and

the board

• His role is more operational rather than strategic • Policies are set by the Risk Management Committee and implemented by the risk manager

Responsibilities of Risk Manager:

1. Identifies and evaluate risks affecting the organization and its operation and business.

2. Designs appropriate internal controls to manage identified risks 3. Monitors the status of internal controls through internal audit reports

4. Develops and implements a risk awareness program within the organization 5. Maintain good working relationship between the committee and the board 6. Provide assurance to external auditors in appraising risks and internal controls

within the organization 7. Produce reports (based on jurisdictions) on risk management , including statutory

reports (SOX)

Risk Auditing (SOX requirement)

• Can be external or internal • An auditor reviews the risk monitoring process and identifies and deficiencies

• He makes recommendations for improvement of the process

Page 34: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 34

Importance of Risk Awareness:

a) Risk awareness should be at all levels in the organization:

i. Strategic Level: Awareness of risk at the highest level. It includes identifying new threats (competitors, technology), and monitoring of the existing risk management function of the organization.

ii. Tactical Level: Awareness of risk at department / division level. It includes

monitoring the business functions of each department and identifying threats, which may impede the business at middle management level (credit policy)

iii. Operational Level: Awareness of risk at a day-to-day business running basis. Individual threats on their own may not be significant at this level, but may add

up over time, and disrupt business (customer dissatisfaction, stock out). b) In absence of risk awareness, organization and its people are not geared up to identify

new risks

c) Continued monitoring of existing risks is required to ensure business runs smoothly

⇒ Risk and uncertainty are so pervasive in our lives that we deal with them all the time. ⇒ Risk management already exists, in some form, before risk managers and auditors

come along to try to "implement" it. Embedding risk management system within the Internal Control System

� A sound system of internal control reduces but cannot eliminate risk. � An organization should not have a separate system of risk management; they

should include the risk management processes into their system of internal controls

� The risks to business are ever changing because of evolving and expanding operations. An effective internal control system would be able to identify existing and new threats to business with similar efficiency.

� In USA it is a statutory requirement (SOX)

� Risk manager (or a risk expert) needs to work closely with management while they design the internal control system

� Risk manager should regularly review reports on monitoring of internal control to

identify whether controls are capable to identify all risks.

Embedding risk management system within the Culture and Values of Organization

Culture is: • Commonly held and relatively stable set of attitudes, values and norms • Basic assumptions and beliefs that are shared by members of an organization.

� Risk management needs to be incorporated in the policies and procedures of the

organization � Employees should be aware of the importance of risk management system,

otherwise they will not be able to identify potential threats or monitor risks � The “tone at the top” gives a significant message of awareness to the staff � An open culture (open to new ideas) will significantly increase efficiency of risk

management

� Risk management function may be included in individual job descriptions, and aligned with performance indicators expected at time of appraisals

Diversifying Risk

• Spreading risk effectively reduces it • Operational risk may be diversified by producing in different geographical regions • Poor performance of one division / product may be offset by good performance of the

other • Diversification only works where returns are negatively correlated (move opposite) • Financial risk can be diversified by investing in different sectors or by hedging (it can

decrease potential for loss, along with potential for gain).

Page 35: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 35

• Risk cannot be eliminated entirely, it can only be reduced • Diversification into different segments / operations may reduce focus of the senior

management on business issues. • With diversification, monitoring may become ineffective.

Activity 7

A service department has been challenged to improve its performance by a certain amount on

various metrics. The improvement cannot be achieved without innovation as new resources are not available.

To meet this challenge, a plan is devised with over 30 improvement actions, some more specific than others. The plan is extensively circulated and the plan document is formally approved at a high level.

A monitoring group meets regularly to assess progress against the plan and deal with problems.

Measures of progress have been identified. Actions have been prioritized rigorously. What risk managing activities do you see here, and what could be improved?

Risk Avoidance: A risk strategy where organization avoids risk.

⇒ It is the most effective way to manage risk, especially when the risk appetite of the

organization is low ⇒ It means not entering into a new project because of the risks that will arise ⇒ For continuing business, risk avoidance will not be a good decision, because competitors

may increase their product range, or market share.

⇒ Risk avoidance may be feasible when risk cannot be transferred to another party, or activities have a very high chance of failure.

Risk Retention: The organization decides to retain risk ⇒ The organization may have a higher risk appetite ⇒ Risk may be retained when the consequences of risk taking are less than the cost to

manage it

⇒ Organization may estimate a very low probability of the event happening, and may take a chance by assuming risk

⇒ When the cost of transferring risk to another party is higher than the benefit, organizations may choose to take the risk.

Attitudes towards risk taking

⇒ The overall approach towards risk management determines formulation of risk strategy

⇒ The risk appetite, and risk capacity indicates how much risk can organization take. ⇒ Organizations may take risky projects if they have large risk appetite ⇒ Once risk capacity has been reached, organizations may refuse to take more risk and try

to transfer risk, or avoid it altogether.

⇒ Organization may make a portfolio of projects (to diversify risk) ⇒ Size, structure of organization does not correlate with its risk appetite ⇒ A small, newly formed company may take more risk to get its product in the market, and

an old business may become risk averse to protect its market share ⇒ A new business, a new product carries more risk ⇒ Small product range carried more risk (product failure) ⇒ A developed company (with functioning board and senior management) will carry less risk

than a newly formed company ⇒ Divisionilized structure carries less risk as loss of one division may be offset by others ⇒ A business operating in different geographical areas would face higher risk ⇒ A large organizations would face many problems (due to large number of stakeholders,

and interaction with environment), and will face emerging risks all the time.

Page 36: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 36

Answer to activity 7:

a. The plan has been documented (reducing risk of miscommunication), has been reviewed widely, and has formal approval;

b. There is a monitoring group that meets regularly and they have measures of progress (needed because things may not go according to plan); and

c. Actions have been prioritized (reflecting an awareness of uncertainty as to how many of the actions can be carried out).

d. Bearing in mind that innovation was required, group seems over-confident that their improvements will be effective and that their prioritization is correct.

e. More should have been said in the plan about using experience to find out as early as possible which actions appear to be effective, and to generate improved actions

f. The monitoring group is only assessing progress against the plan, and this again

reflects an assumption that the plan is correct. Progress should be assessed against the most recent forecasts and revised plans that reflect what has been learned so far.

Necessity of risk taking

• A risk avoidance approach may lead to stagnation, or decline of business • Transferring risk has associated costs, which needs to be accounted for.

• Incurring an acceptable amount of risk makes the business more competitive. • Taking higher risk projects may provide higher returns, which may enable the business to

have extra surplus to invest elsewhere

Professional Values and Ethics

Relativism:

• There are many sets of moral rules. Rules change over time. • An action is right or wrong depends on the moral norms of the society in which it is

practiced. Different societies have different rules. • The same action may be morally right in one society but be morally wrong in another.

• For the ethical relativist, there are no universal moral standards (standards that can be universally applied to all peoples at all times).

• The only moral standards against which a society's practices can be judged are its own. • It is the opposite of moral absolutism

Absolutism:

• It is the view that moral rights are absolute and never change

• There is one set of rules which is always true. • Moral rights will hold true in all situations and are common to all societies. • Moral “truth” of once society can be imposed on another

� Directors, auditors have a set of rules to follow (legislation). They may choose to interpret it differently (relativism).

Kohlberg’s stages of human moral development

These are planes of moral adequacy conceived by Lawrence Kohlberg to explain the development of moral reasoning. His theory holds that moral reasoning, which is the basis for ethical behavior,

has six identifiable developmental constructive stages - each more adequate at responding to moral dilemmas than the last. Level 1 (Pre-Conventional): Reasoners in the pre-conventional level judge the morality of an

action by its direct consequences.

1. Obedience and punishment orientation

Individuals focus on the direct consequences that their actions will have for themselves. For example, an action is perceived as morally wrong if the person

Page 37: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 37

who commits it gets punished. The worse the punishment for the act is, the more 'bad' the act is perceived to be. Employee take ethical decision because they will

get rewarded, or they think company will punish them. 2. Self-interest orientation

Right behavior being defined by what is in one's own best interest. Stage two

reasoning shows a limited interest in the needs of others, but only to a point where it might further one's own interests. Employee covers a colleague in understanding that colleague will cover him when required

Level 2 (Conventional): Persons who reason in a conventional way judge the morality of actions by comparing these actions to societal views and expectations

3. Interpersonal accord and conformity Individuals are receptive of approval or disapproval from other people as it reflects society's accordance with the perceived role. They try to be a good boy or good girl to live up to these expectations, having learned that there is inherent value in

doing so. Stage three reasoning may judge the morality of an action by evaluating its consequences in terms of a person's relationships, which now begin to include things like respect and gratitude.

4. Authority and social-order maintaining orientation

It is important to obey laws, dictums and social conventions because of their importance in maintaining a functioning society. A central ideal or ideals often

prescribe what is right and wrong, such as in the case of fundamentalism. If one person violates a law, perhaps everyone would - thus there is an obligation and a duty to uphold laws and rules. When someone does violate a law, it is morally wrong. i.e. Employee gets an increase in salary due to pressure groups.

Level 3 (Post-Conventional): Realization that individuals are separate entities from society now becomes salient. One's own perspective should be viewed before the society.

5. Social contract orientation

Individuals are viewed as holding different opinions and values. Along a similar vein, laws are regarded as social contracts rather than rigid dictums. Those that do

not promote the general welfare should be changed when necessary to meet the greatest good for the greatest number of people. This is attained through majority decision, and inevitably compromise. In this way democratic government is

ostensibly based on stage five reasoning. 6. Universal ethical principles

Moral reasoning is based on abstract reasoning using universal ethical principles. Laws are valid only insofar as they are grounded in justice, and that a commitment

to justice carries with it an obligation to disobey unjust laws. This can be done by imagining what one would do being in anyone's shoes. While Kohlberg insisted that stage six exists, he had difficulty finding participants who consistently used it. It appears that people rarely if ever reach stage six of Kohlberg's model. i.e.

Purchasing manager stops purchasing from a company which does not comply with environmental regulations

• Individuals move from stage 1 to 6, as they mature from a child to adult. Each level is further divided into two levels.

• Higher levels provide more ethical methods of reasoning • Most individuals operate at level 3 and 4, and decisions are made in accordance with what

the individual perceives others to believe and expect from him. • Whistleblowers would be at the last level (6).

Page 38: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 38

A woman was near death from a special kind of cancer. There was one drug that the doctors thought might save her. It was a form of radium that a druggist in the same town had recently

discovered. The drug was expensive to make, but the druggist was charging ten times what the drug cost him to produce. He paid $200 for the radium and charged $2,000 for a small dose of the drug. The sick woman's husband, Heinz, went to everyone he knew to borrow the money, but he could only get together about $ 1,000 which is half of what it cost. He told the druggist that

his wife was dying and asked him to sell it cheaper or let him pay later. But the druggist said: "No, I discovered the drug and I'm going to make money from it." So Heinz got desperate and broke into the man's store to steal the drug for his wife.

Should Heinz have broken into the laboratory to steal the drug for his wife? Why or why not?

Stage one (obedience): Heinz should not steal the medicine because he will consequently be put in prison which will mean he is a bad person. Or: Heinz should steal the medicine because it is only worth $200 and not how much the druggist wanted for it; Heinz had even offered to pay for it and was not stealing anything else.

Stage two (self-interest): Heinz should steal the medicine because he will be much happier if he saves his wife, even if he will have to serve a prison sentence. Or: Heinz should not steal the

medicine because prison is an awful place, and he would probably languish over a jail cell more than his wife's death. Stage three (conformity): Heinz should steal the medicine because his wife expects it; he wants

to be a good husband. Or: Heinz should not steal the drug because stealing is bad and he is not a criminal; he tried to do everything he could without breaking the law, you cannot blame him.

Stage four (law-and-order): Heinz should not steal the medicine because the law prohibits stealing, making it illegal. Or: Heinz should steal the drug for his wife but also take the prescribed punishment for the crime as well as paying the druggist what he is owed. Criminals cannot just run around without regard for the law; actions have consequences.

Stage five (human rights): Heinz should steal the medicine because everyone has a right to choose life, regardless of the law. Or: Heinz should not steal the medicine because the scientist has a right to fair compensation. Even if his wife is sick, it does not make his actions right.

Stage six (universal human ethics): Heinz should steal the medicine, because saving a human life is a more fundamental value than the property rights of another person. Or: Heinz should not

steal the medicine, because others may need the medicine just as badly, and their lives are equally significant.

Approaches to ethics

1. Deontological approach:

a) is an approach to ethics that focuses on the rightness or wrongness of actions themselves,

as opposed to the rightness or wrongness of the consequences of those actions b) It is sometimes described as "duty"- or "obligation"-based ethics, because deontologists

believe that ethical rules "bind you to your duty. c) Action is only right or wrong when morals for taking the action are known

d) For example to end starvation, someone may suggest to kill all people. The Divine Command Theory (The most famous deontological theory)

In his theory, Kant claimed that an action is morally wrong if it is inconsistent with the status of a

person as a free and rational being, and that, conversely, acts that further the status of people as free and rational beings are morally right. Therefore, Kant claimed, we all have a duty to avoid the first type of act and perform the second type of act.

Muhammad Uzair
Highlight
Muhammad Uzair
Highlight
Page 39: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 39

• Act only according to that maxim by which you can also will that it would become a universal law. (exploitation of labor – managers in developed countries may not want

themselves to be exploited elsewhere) • Act in such a way that you always treat humanity, whether in your own person or in the

person of any other, never simply as a means, but always at the same time as an end. (child labor – right of children to safe upbringing being ignored)

• Act as though you were through your maxims a law-making member of a kingdom of ends.

2. Teleological approach:

a) Teleological' theories are those that are concerned with outcomes or consequences. b) The rightness of an action is determined by its consequences c) A teleologist, explains the rightness of actions in terms of the goodness of the state of

affairs that occurs because of that action.

d) If some action genuinely brings about greater good in the world, then it is a right action, and this rightness is independent of the nature of the action or the intentions of the person carrying out the action.

e) As long as outcome is right, action itself is irrelevant

Egoism:

a) A view stating “what is best for me”? Egoist will pursue his own goal and interests

b) Egoist will also do what appears to be right in society Utilitarianism

a) A view stating “what is good for most of people”?

b) Action is right if it does the greatest amount of good to greatest number of people c) It is highly subjective, because it introduces concept of utility – economic value of action

International Accounting Education Standards Board ethics framework

There are four levels of learning to be imparted to accountants a) Ethics knowledge: knowledge about fundamental theories, professional values, and

attitudes.

b) Ethics sensitivity: Application of ethics knowledge gathered in stage 1 to actual work performed by accountants (using case studies)

c) Ethics Judgment: Application of knowledge and practical situations to form reasoned judgments

d) Ethical behavior: explaining how an accountant should behave in different situations. American Accounting Association Model

It is a framework within which decisions could be made 1) What are facts of the case? 2) What are the ethical issues in the case? 3) What are norms, principles, and values related to the case?

4) What are the alternative courses of action? 5) What is the best course of action consistent with norms, principles and values? 6) What are consequences of each possible course of action?

7) What is the decision? Tuckers 5 question model: The decision should be

1) Profitable?

2) Legal? 3) Fair? 4) Right? 5) Sustainable or environmentally sound?

Muhammad Uzair
Highlight
Muhammad Uzair
Highlight
Muhammad Uzair
Highlight
Page 40: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 40

Social Responsibility:

a. Social responsibility is an ethical or ideological theory that an entity whether it is a

government, corporation, organization or individual has a responsibility to society. b. This responsibility can be "negative," in that it is a responsibility to refrain from acting

(resistance stance) or it can be "positive," meaning there is a responsibility to act (proactive stance).

c. It involves an idea that it is better to be proactive toward a problem rather than reactive to a problem

d. While primarily associated with business and governmental practices, activist groups and local communities can also be associated with social responsibility, not only business or

governmental entities. Social responsibility is voluntary; it is about going above and beyond what is called for by the law (legal responsibility).

Businesses can use ethical decision making to strengthen their businesses in three main ways: a) The first way is to use their ethical decision making to increase productivity.

� This can be done through programs that employees feel directly enhance their benefits given by the corporation, like better health care or a better pension program.

� When the company is perceived to feel that their employees are a valuable asset and the employees feel they are being treated and such, productivity increases.

b) A second way is by making decisions that affect its health as seen to those stakeholders that are outside of the business environment. � Customers and Suppliers are two examples of such stakeholders. � For example, when people realized that some bottles of Tylenol contained cyanide they

quit buying Tylenol, stocks dropped and Johnson & Johnson lost a lot of money. But they chose to loose even more money and announced a major recall of their product. They lost money to be socially responsible, but in the long run they gained the trust of their customers.

c) A third way that business can use ethical decision making to secure their businesses is by making decisions that allow for government agencies to minimize their involvement with the corporation.

� For instance if a company is proactive and follows the EPA guidelines for admissions on dangerous pollutants and even goes an extra step to get involved in the community and address those concerns that the public might have; they would be less likely to have the EPA investigate them for environmental concerns.

� “A significant element of current thinking about privacy, however, stresses "self-regulation" rather than market or government mechanisms for protecting personal information”.

� Most rules and regulations are formed due to public outcry, if there is not outcry there

often will be limited regulation. Seven positions on social responsibility (Gray, Owen and Adams):

1) Pristine Capitalist: Needs of shareholders are most important, and company strives for

maximum profits. a. There is no concept of CSR. b. Business has no moral responsibility except to their shareholders c. Share holders expect maximum profits

2) Expedients: Business needs some ethical guidance (legislative, or self-imposed) a. Social responsibility is to the extent that it serves an interest to the business b. Business cannot use resources without taking consideration on impact on society,

otherwise it will loose profits 3) Proponents of social contract: People give up some rights to receive

a. Decisions made by companies are justified if they serve public interest b. Companies must serve requirements of society to some extent

c. Companies behave according to society's norm. If society wants more reporting (through legislation), then company provides it.

Page 41: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 41

4) Social ecologist: recognition of the overall concern for environment that companies have caused.

a. Companies can help in eliminating the problems caused by them, if possible. b. Policies and procedures change in areas where resources are used.

5) Socialist: Capital should not be allowed to dominate society and human life, and its influence should be decreased.

a. Change the system where capitalists manipulate resources (workers) & make profit b. Economic system becomes secondary objective, primary objective being welfare

6) Radical feminist: Business run on masculine views (aggression, achievement). a. Introducing feminist views of compassion, co-operation

b. Radical change in the structure of society in order to move to feminist views 7) Deep ecologist: Human beings do not have more rights to resources than other life forms

a. Environmental considerations have to be accounted for

b. Business cannot run if it destroys environment Short term shareholders interest:

� Business to provide annual return to shareholders

� Small shareholders require annual dividend � Large shareholders may be interested that business retain its earnings to expand, and

provide long term capital growth

Long term shareholders interest:

� The business continues and expands � Long term shareholders are also concerned with security of their investment

Multiple stakeholder obligations:

� Organizations need to involve all stakeholder groups in decision making � This may create a conflict situation, as different stakeholders will have different

priorities. (employees want more benefits, at the cost of shareholders profits) � Involving stakeholders will create a pressure on the organization to meet their

obligations

Shaper of society:

� Businesses have power to change society by applying their positioning power (increase in fast food chains have changed eating habits)

� Individuals cannot change society by themselves, however they can exert force if they act in a group.

� Organizations must strive to improve the society (R&D in solar powered cars).

Cultural context of ethics and CSR: The extent of application of ethics and CSR varies according to society's culture

a) Economic considerations: i. These relate to ability of organization to stay in business and give returns ii. In some countries emphasis is on profitability and interest of shareholders iii. In some countries, loss making companies may be bailed out by

governments in the interest public b) Legal considerations:

i. An organization will follow the laws of the jurisdiction in which it operates.

ii. In some countries, government role is minimized, giving wider liberty to organizations to operate

iii. Some governments impose laws even when they are perceived to be excessive (minimum wages, working hours)

c) Ethical considerations: i. It is what society expects from the organizations ii. In some countries businesses are perceived to operate ethically

Page 42: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 42

iii. In some countries environmental activists and consumer societies are very active and vocal

d) Philanthropic: i. These are activities which organizations do because they believe it will be

for welfare of people ii. In some countries individuals and organizations have shown big

philanthropic acts iii. In some countries, governments provide funding for most of the welfare

schemes (partly due to large tax collections)

Profession:

� It is an occupation, vocation or career where specialized knowledge of a subject, field, or science is applied

� It is usually denoted to occupations that involve prolonged academic training and a formal qualification

� Professions are usually regulated by professional bodies that may set examinations of competence, act as an licensing authority for practitioners, and enforce adherence to

an ethical code of practice. � Professions are at least to a degree self-regulating, in that they control the training

and evaluation processes that admit new persons to the field, and in judging whether

the work done by their members is up to standard. � This differs from other kinds of work where regulation (if considered necessary) is

imposed by the state, or where official quality standards are often lacking � A profession tends to dominate, police and protect its area of expertise and the

conduct of its members, and exercises a dominating influence over its entire field which means that professions can act monopolist

Professional:

� It is a worker required to possess a large body of knowledge derived from extensive academic study (usually tertiary), with the training almost always formalized.

� Professionals usually have autonomy in the workplace—they are expected to utilize

their independent judgment and professional ethics in carrying out their responsibilities

� This holds true even if they are employees instead of working on their own. Typically a professional provides a service (in exchange for payment or salary), in accordance

with established protocols for licensing, ethics, procedures, standards of service and training / certification.

Public interest:

� The public interest refers to the "common well-being" or "general welfare." � While nearly everyone claims that aiding the common well-being or general welfare is

positive, there is little, if any, consensus on what exactly constitutes the public

interest. � There are different views on how many members of the public must benefit from an

action before it can be declared to be in the public interest � It is also possible that in some cases advancing the public interest will hurt certain

private interests. � There is risk of "tyranny of the majority" in any democracy, since minorities' interests

may be overridden. � One view is that individuals are free to act, as long as they do not harm others

� Actions of a majority of shareholders may affect the minority shareholders � Actions of the organization itself may harm the public i.e. pollution

Page 43: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 43

Influence of Accounting as a profession

Overall influence of accounting is limited to:

a) Extent of organizational reporting b) Conflicts of interest between accounting firms in selling their services c) Long term relationship with client d) Overall size of the accounting firms

e) Focus on growth and profit Accounting is seen in the society as a profession involved with accountability

a) Accountants are not seeking new methods of fulfilling the accountability role

b) Profession has various barriers to new initiatives i. Accountants are rule followers, rather than rule makers (they serve

capitalists – by checking their financial numbers according to a set of rules)

ii. Education is geared towards explaining rules, rather than finding faults iii. Accountants employed by organizations are constrained by their employers

(discouraged from undertaking those activities) iv. Accountants enjoy the status-quo because breaking it may result in loosing

their position v. Minority of accountants responsible for corporate scandals have implied a

lack of trust in the accountancy profession

c) In many situations accountancy does not require expertise in any specific field d) Accountants should be involved in new initiatives because

i. They will be business opportunities ii. They may compliment the existing skills of the accountants (i.e. MIS)

iii. Any development in accountability will be in public interest, and will increase the public perception (image) about accountants

Provision of services may pose many ethical challenges such as:

• If organization is in financial difficulties, auditor needs to ensure that accounts do not show a favorable picture

• Showing a negative picture (qualifications) may push organization into bankruptcy

• Not qualifying the report of the organization may still lead it to bankruptcy (slowly) • Deciding on what type of modified report is to be issued is difficult • Providing additional services may jeopardize independency of auditors • Auditor may become too dependant on the fee from a single client

• It is cost beneficial (for shareholders) that auditor provides additional services (because of his knowledge about clients business)

• Long term relationship with the client may cause familiarity to the audit firm, which

may increase detection risk • Many countries limit length of time a audit partner can provide a specific service (5

years in USA, and 7 years in UK). • Larger accountancy firms gain economies of scale, and reduce training and other

costs • Large firms may not be able to provide personalized services to clients, and actual

quality of service may fall • The big 4 audit firms are competitive, and attempt to reduce cost and increase

revenues, which may be detrimental to public interest • Possibility of legal action inhibits cost cutting measures.

Influence of accounting – power and wealth

a) Accountants have specialist skills, which can be used in public interest b) Society have an objective of distributing power and wealth, and accountants can assist

in fulfilling that objective

i. They can ensure that organizations disclose emoluments of directors (preventing directors to give themselves large emoluments)

ii. Advising Government on tax regimes which are more equitable (lower taxes on

lower salaries)

Page 44: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 44

iii. Advising on the contents of company law for increased creditor protection

Accounting and public interest

a) Accountants do not generally act against public interest b) In some situations, lack of proper disclosure in financial statements may be against

public interest. For example, not providing information on illegal actions of the

company (ENRON) may allow actions to continue and harm public interest c) In some situations disclosing too much information may be harmful to the public

interest, and keeping it confidential may be a requirement (disclosing price sensitive information before it has been authorized to be issued)

d) Accountants need to evaluate each situation and act accordingly Corporate ethics

• It includes many areas from board strategies to how company negotiates with employees and suppliers

• Many companies provide details of their ethical approach in a CSR report • Corporate ethics will cover the following

i. Purpose and value of business: it provides reason of continuing the business (mission statement)

ii. Employees: policies regarding rights of employees in relation to working

conditions, recruitment, development and training, rewards, health and safety, retirement, redundancy, and discrimination

iii. Customer relations: policies regarding responsibility towards customers (past, current and future) in relation to product quality, pricing, after sales service

iv. Shareholders and investors: investors require a fair return on their investment and the company must commit to provide timely and accurate information to enable investors to make their decisions

v. Suppliers: policies relating to settling invoices, co-operating with suppliers to

maintain quality, not using bribery to secure contracts, and attempting selection of suppliers on basis of ethical criterion i.e. 'not using child labor'

vi. Society / community: explaining in the CSR report how the company complies

with law, how it protects obligations relating to environment, policy on making donations (to educational or charitable organizations)

Purpose of a code of ethics:

• Provides a framework for conflict resolution. It provides guidelines for settling disputes • It is a code, therefore may be interpreted in different ways • It may be ambiguous

• It may not provide effective punishment for breaching it • Effective code has participation from all groups effected by it • It has stringent disciplinary proceedings in case of breach • Publicity is made for a disciplinary actions to deter other members from taking unethical

decisions

Page 45: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 45

Professional codes of ethics

1. Professional bodies issue codes of ethic to be adhered by their members / students

2. These codes of ethics are constantly revised / modified 3. Professional codes are aimed to discourage members / students from indulging in

unethical practices 4. Incase where unethical practices are proven, disciplinary action is taken

5. Maintenance of professional code of ethics helps accountancy profession to be acting in public interest

Contents of a professional code:

a) Introduction: Background / enforcement / who it affects b) Fundamental principle: key principle to be followed by members / students c) Conceptual framework: how principles are to be applied / spirit of the principle

d) Detailed application: examples / scenarios

Fundamental Principles:

1. Integrity: straightforwardness / honesty / fair dealing / not misleading

2. Objectivity: unbiased / not involving conflict of interest 3. Competence: Professional knowledge / skills. Due care 4. Confidentiality: information of clients not to be disclosed without authority

5. Professional behavior: comply with laws / regulations, avoid actions to discredit profession (marketing, treating people with courtesy)

These principles apply to all members (whether in industry or practice)

Conflict of Interest:

1. Framework is needed because it is impossible to define all situations where threats to fundamental principles exist

2. Different assignments create various threats requiring mitigating actions 3. Framework uses guidance (principles based) to identify threats 4. This approach is preferable to rules based approach

5. where conflict arises in application of fundamental principle, code of ethics provides guidelines on how to resolve those conflicts

Potential threats

1. Self-interest Threats: where financial interest is involved

• Direct financial interest in clients business

• Loan or guarantee to or from audit client or any of its directors/ officers • Undue dependence on total fee from an audit client • Concern about possibility of losing the engagement • Potential employment with the audit client

• Contingent fees relating to audit engagement 2. Self review threats: where auditor reviews a matter which he was previously responsible

• Member of audit team being a previous director, officer or an employee of the audit client and is in a position to influence the engagement

• Performing services for an audit client which affect the current engagement • Preparing original data used to generate financial information or preparing other

records

3. Advocacy threats: where auditor is perceived to promote interests of the client • Dealing in shares, or other securities of the client • Acting as advocate on behalf of client in a litigation or in resolving disputes

4. Familiarity threats: where auditor has a close relationship with the client

• A member of audit team having a close family member who is a director, or officer of the client

• A former partner of the firm being director or officer of the client

• Long association of a senior member of the team with the audit client

Page 46: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 46

• Acceptance of gifts and hospitality form the audit client or its directors 5. Intimidation threats: where auditor receives some sort of threat

• Threat of replacement over a disagreement • Pressure to reduce extent of work to be performed in order to reduce fee • Dominant personality in a senior position, controlling dealings with the auditor

Conceptual Framework

a) Provides initial set of assumptions / values / definitions which are agreed upon by all stakeholders

b) It is easy to understand

c) Provides generalized guidance Ethical conflict resolution:

1. Obtain facts about ethical issues 2. Obtain understanding of relevant fundamental principles 3. Obtain knowledge about alternate courses of action available 4. Consider consequences of each course of action

5. Consider consultation: a. From colleagues with more experience b. With those in charge of governance

c. Advice from professional body 6. Decide the best ethical course of action (including withdrawing)

Ethical Threats: situation where a person / organization is tempted not to follow code of ethics

a) Requirements of employer to act contrary to rules / regulations b) Pressure to prepare false / misleading information c) Employee misleading his employer about his level of expertise / experience

(including time planning)

d) Employee or his close family members holding financial interest in the company e) Incentives (inducements) offered to encourage unethical behavior f) Pressure on employee to offer inducements to other accountants / employees

g) Pressure on employees to disclose confidential information h) Whistle blowing situations

Ethical Safeguards: provides guidance to remove ethical threats

a) Professional knowledge • Education / Training / CPD • Corporate Governance regulations

• Monitoring of work / Quality Control b) Work environment

• Internal Control System • Review / Monitoring procedures

• Disciplinary procedures • Organizational code of ethics • Risk procedures

c) Individuals (staff)

• Mentoring • Recording contentious issues • Professional standards

Threats to independence: (including, not limiting to)

1. Financial Interest (holding shares / substantial fees from one client) 2. Close family members

3. Self interest threats 4. Overdue fees 5. Gifts / bribes

6. Self review (being on board of an assurance client)

Page 47: P1_notes Haroon Tabraze

Paper P1 Haroon Tabraze

Haroon Tabraze www.ca.com.pk Page 47

Ethical Decision Making (Kohlberg's theory): 1. Recognize moral issue (lying about product will increase sales)

2. Make moral judgment ( lying is wrong) 3. Establish Moral Intent (decide to be honest) 4. Engage in moral behavior (tell the truth)

Moral decisions will depend on: a) Individual factors i.e. gender / age / experience b) Situational patterns: causes which make individual decide to do something

Issue related factors: a) How important is the decision to the decision maker b) The higher importance, higher chance of making an ethical decision

Moral intensity: 1. Concentration of efforts: how many people are affected by the decision 2. Proximity: Relationship between decision maker and the people who are affected

by his decisions 3. Timing: How soon the consequences of decision will arise 4. Magnitude: what will be the magnitude of consequences of the decision

5. Consensus: How other people perceive the decision to be 6. Probability: likelihood of the consequences happening in result of the decision

Moral framing: How the issue is related to the work force

• Use of moral words (integrity, honesty, lying, stealing) • 'Toning down' the impact of ethical decisions

Context related factors

a) System of rewards and punishment: rewards based on achievements b) Authority: junior managers follow instructions c) Bureaucracy: employee follow rules, and seldom thinks of consequences

d) Work roles: job position expected to have integrity (internal audit) e) Organizational group norms: culture of the organization f) National context: culture of the society

Economic activity: 1. Social footprint: sustainability in three areas is measured

a. Social capital: social network and mutually held knowledge

b. Human capital: Individual skills and knowledge c. Constructed capital: physical infrastructure

2. Environmental footprint: measures sustainability in terms of: a. Resources consumed by the company

b. Harm brought to environment due to pollution by the company Environmental reporting

a) Resource consumption and pollution should be measured (quantitatively or

qualitatively) b) Transparency, openness and responsibility dictates that environmental footprint

should be measured and reported

c) External stakeholders should be aware of the impact on environment by the company

d) Investors should be aware of the potential loss arising from environmental legislation happening in future

----- The End -----