Compliance
Foundations For Effective Corporate Governance
The author argues that UK regulatory expectations largely date back to the financial crisis. At that time corporate governance practices were not effective in safeguarding against excessive risk taking in a number of financial services companies and the results were very damaging.
Sally Rochester, director of Mourant Consulting, part of Mourant, the law firm, explores corporate governance practices in boardrooms. This news service has already examined the implications of the obligations that the UK government – and others – want to add to firms’ leaders, and this remains an important topic across the wealth management, private banking and financial services space in general. The editors are pleased to share these views and invite replies. Jump into the debate! Email tom.burroughes@wealthbriefing.com
In reviewing local and UK guidance on good corporate governance
with the Mourant Consulting team recently I was reminded that
current regulatory expectations largely date back to the
financial crisis. At that time corporate governance practices
were not effective in safeguarding against excessive risk taking
in a number of financial services companies and the results were
very damaging.
The boards in question only "knew what they knew" and they didn’t
have the systems and controls in place to ensure that excessive
risk taking was identified and dealt with.
In reviewing clients’ board effectiveness, there are a number of
red flags that we commonly come across. Those red flags cover a
broad number of topics including board composition, board and
organisational culture, governance structure, remuneration, board
assurance, conflicts of interest and beyond, but the focus
of this article is the adequacy of the information provided to
the board.
How can the board be confident that the information it receives
is what it should know?
Well, going back to first principles we are reminded that the
board exists to ensure the long-term sustainable success of the
company and to generate value for shareholders. It does this by
establishing the company’s purpose, values and strategy and
monitoring its performance against those benchmarks.
That can't be done on the upside alone. The board also needs to
manage the downside, that is manage the risk that something will
go wrong which prevents a successful outcome for the business. It
should do this, to use the words of the GFSC's Finance Sector
Code of Corporate Governance ("the code"), by maintaining a sound
system of risk measurement and control.
It follows that, with a well-established corporate governance
structure and effective systems and controls, the board should be
confident that its policies and processes will ensure that the
right information is escalated at the right time in the right
format.
Has your board gone back to the foundations of its reporting to
determine whether the information they are presented with is
the product of its systems and controls? Of course, the company's
executives and risk team have an important role to play in
interpreting the data presented and providing commentary and
suggested actions but too often boards are presented with a
narrative or round up of events edited by the responsible party.
The information presented may be correct but may not be complete.
This leads to the risk that the board only know what they have
been presented with rather than a complete picture.
Not only does the systematic provision of information provide a
consistent view on the business but it also helps the board to
focus on performance and risk management, including regulatory
risk management.
Industry preparation for the 2024 MONEYVAL onsite gives a good
opportunity to put this approach into practice. Boards should be
considering whether their financial crime risk management
frameworks are adequate and ensuring that they meet the
requirements set out in the law, regulation and guidance given.
This also gives an opportunity for boards to scrutinise whether
their systems of control generate valuable management information
which is escalated in an appropriate format to the board. Does
your MLRO/MLCO report contain a series of edited highlights from
the financial crime world or is it a structured commentary based
on a relevant and complete data set which can be compared from
the prior period with the current period?
With corporate governance expectations continuing to escalate if
you only know what you know then making sure you have the whole
picture is critical.