Corporate Governance is the system by which entities should be directed and controlled (definition from the Cadbury Report in the UK).
Code of best practice
Internationally the 2010 UK Corporate Governance Code ( CGC ) is seen as a good code to follow for listed entities. The principles of good corporate governance are contained in the CGC. These can be split between those applicable to directors, those applicable to relations with shareholders and those applicable to the financial statements and the audit.
ACCA P7 Lecture Index
1 Rules of Professional Conduct
2 Professional Responsibility and Liability
3 Regulatory Environment
4 Practice Management
5 Audit Process
7 Evaluation and Review
8 Audit of Financial Statements
9 Group Audits
10 The external audit report
11 Audit Related Services (Non Audit Services)
12 Assurance Services
13 Prospective Financial Information (PFI)
14 Internal Audit
15 Outsourced Finance and Accounting Functions
16 Social and Environmental Audits
The recommendations applicable to directors are as follows:
There should be a division of duties at the head of the entity. The role of chairman and chief executive officer should be separated.
At least a half of the board should be non-executive directors who are independent of management and free from any business or other relationship which could interfere with the exercise of their independent judgement.
The chairman should ensure that all directors are properly briefed on issues arising at the board meetings.
Directors should be re-appointed every 3 years and they should receive appropriate training when they are first appointed. (FTSE 350 company? All directors should be appointed every year)
Levels of remuneration should be sufficient to attract, retain and motivate directors. A proportion should be linked to corporate performance.
A remuneration committee should be established. This should be comprised of non-executive directors. Details of remuneration policy and remuneration paid should be included in the financial statements.
Those applicable to relations with shareholders are as follows:
Entities should be ready to enter into dialogue with institutional investors.
The AGM should be used to communicate with private investors and encourage their participation.
Institutional investors have a responsibility to make considered use of their votes.
The recommendations applicable to the financial statements and audit are as follows:
The board should present a balanced and understandable assessment of the entity’s position and prospects.
The board should maintain a sound system of internal control to safeguard shareholders’ investment and the entity’s assets.
The board should establish formal and transparent arrangements to consider how they should apply financial reporting and internal control principles and for maintaining an appropriate relationship with the auditors. This will involve the establishment of an audit committee.
The CGC is now part of the UK Stock Exchange listing rules. Listed entities must make a statement on how they apply the principles in the Code. The entity is also required to confirm that it complies with the Code provisions or, where is does not, to provide an explanation. Auditors are required to review these matters.
At present there is no International Code. In comparison, there is no code for entities listed in the United States. However, the SEC (Securities and Exchange Commission) have their own strict rules and, in addition, each of the stock exchanges also have their own rules which embody corporate governance principles.
Provisions that auditors are required to review
Auditors are required to review seven areas of the Code in the UK only as follows.
The board should have a formal schedule of matters specifically reserved to it for decision.
There should be a procedure agreed by the board for directors to take independent professional advice, if necessary, at the entity’s expense.
Non-executive directors should be appointed for specified terms, subject to re-election and to Companies Act provisions relating to the removal of a director, and re-appointment should not be automatic.
All directors should be subject to election by shareholders at the first opportunity after their appointment, and to re-election thereafter at intervals of no more than three years. The names of the directors submitted for election or re-election should be accompanied by sufficient biographical details to enable shareholders to take an informed decision on their election.
The directors should explain their responsibility for preparing the financial statements and there should be a statement by the auditors about their reporting responsibilities.
The directors should, at least annually, conduct a review of the effectiveness of the system of internal controls and should report to the shareholders that they have done so.
The board should establish an audit committee of at least three independent, non-executive directors. The members of the audit committee should be named in the annual report.
Auditors must obtain appropriate evidence to support the compliance statement made by the directors. The following procedures will normally be performed to obtain that evidence.
Review of board minutes and minutes of relevant board committees.
Review of relevant supporting documents prepared for the board.
Making enquiries of certain directors and the company secretary regarding procedure and its implementation.
Attending meetings of the audit committee (or the full board if there is no audit committee) at which the annual financial statements are considered and approved.
Non compliance with code provisions in the UK
Where there is a departure from a Code provision specified for the auditors’ review, but there is proper disclosure of this fact and the reasons for the departure, the auditors do not refer to this in their report.
However, where there is not proper disclosure of a departure, the auditors must report this in the opinion section of their audit report.
Audit committees (common internationally)
Listed entities should have an audit committee of at least 3 non-executive directors and the committee should have written terms of reference which deal clearly with its authority and duties.
The duties of the audit committee should include reviewing the scope and results of the audit, its cost effectiveness and the independence and objectivity of the auditors. The committee is also responsible for overseeing on behalf of the board, and reporting to the board on:
the financial reporting process and the audit thereof
the internal control of the business and the review thereof, usually by internal audit.
The external auditors should be open and honest in their communication with the audit committee. They should ensure that all relevant and significant issues are brought to the committee’s attention and openly discussed.
Prior to the audit, matters such as the scope of the audit, role of internal auditors, audit fees and other services provided should be discussed with the audit committee.
On completion of the audit, the auditors’ discussion with the audit committee should cover:
all matters on which they are required by regulation or standards to report
the control environment
any differences of opinion between the auditors and the management and how these have been resolved
significant adjustments made to the financial statements and any unadjusted amounts
observations on other information to be published with the financial statements.
The Turnbull working party, updated by the Flint review in 2004
The Turnbull Working Party published “Internal Control: Guidance for Directors on the CGC” in September 1999. This gives directors guidance on the scope, extent, nature and review of internal controls to which the Code refers. Again, internationally, similar codes will be introduced over time.
In order to have effective internal controls, an entity needs to:
identify its business objectives
identify and assess the risks which threaten the achievement of those objectives
design and operate internal controls to manage those risks
monitor controls to ensure they are operating properly.
The annual report should contain a narrative statement of how the entity has applied the Code in respect of internal controls. The auditors should read this statement and seek to resolve any misstatements or material inconsistencies with the audited financial statements.
The objective of the auditors’ work is to assess whether the entity’s summary of the process that the board adopted in reviewing the effectiveness of the system of controls is supported by documentation prepared by the directors and reflects that process.
The auditors may report by exception if problems arise such as:
The board’s summary of the process of review of internal control is not supported or does not reflect the auditors’ understanding of that process.
The board have not made an appropriate disclosure if it has failed to conduct an annual review, or the disclosure made is not consistent with the auditors’ understanding.
The audit opinion would be as follows:
the auditor is now required to communicate with those charged with governance about:
an explanation of why significant accounting practice, acceptable according to financial reporting requirements, are not appropriate to the circumstances of the entity
documentation of matters communicated orally
communication of difficulties encountered during the audit
Consideration of law and regulations
Auditors should plan and perform their audit procedures, and evaluate and report on the results thereof, recognising that non-compliance by the entity with law or regulations may materially affect the financial statements.
Responsibility of the directors
To take appropriate steps to provide reasonable assurance that the entity complies with law and regulations applicable to its activities.
To establish arrangements for preventing any non-compliance with law or regulations and detecting any that occur; and
To prepare financial statements that give a true and fair view of the state of affairs of an entity or group and of its profit or loss for the financial year.
The following steps may assist the directors in discharging their responsibilities for the prevention and detection of non-compliance with law or regulations:
Maintaining an up-to-date register of significant laws and regulations with which the entity has to comply within its particular industry.
Monitoring legal requirements and any changes therein and ensuring that operating procedures are designed to meet these requirements.
Instituting and operating appropriate systems of internal control.
Developing a code of conduct, ensuring employees are properly trained in, and understand, its provisions, maintaining compliance and taking appropriate action in cases of non-compliance.
Engaging legal advisers to assist in monitoring legal requirements; and
Maintaining a record of complaints.
Procedures when possible non-compliance is discovered
When the auditors become aware of information which indicates that non-compliance with law and regulations may exist, they should obtain an understanding of the nature of the act and the circumstances in which it has occurred and sufficient other information to evaluate the possible effect on the financial statements.
Any non-compliance with law or regulations should be documented and discussed with the appropriate level of management. Auditors should consider the implications in relation to other aspects of the audit, particularly the reliability of written representations.