4. Main aspects of corporate governance Flashcards
What is corporate governance?
A system by which organisations are
directed and controlled.
What are the 2 most important elements of good corporate governance?
Transparency and accountability
What is a corporate governance framework?
Rules and practices through which a board of directors ensures accountability, fairness, and transparency in a company’s relationship with all its stakeholders.
How is corporate governance operated through legislation?
By the Companies Act 2006
How is corporate governance operated through regulation?
By the London Stock Exchange (LSE) listed companies, and the FCAs Listing Rules
What is the UK Corporate Governance Code?
general principles and more detailed
provisions relating to the corporate governance of all companies listed on the LSE.
Who manages the UK Corporate Governance Code?
The Financial Reporting Council (FRC)
What are the 5 key sections to the UK Corporate Governance Code?
- Board Leadership and Company Purpose
- Division of Responsibilities
- Composition, Succession, and Evaluation
- Audit, Risk, and Internal Control
- Remuneration
Is compliance with the UK Corporate Governance Code legally required?
No, but it is a part of the Stock Exchange Listing Rules.
Who are the Financial Reporting Council (FRC)?
The UK’s independent regulator responsible for overseeing corporate governance, financial reporting, and audit practices.
Who provided corporate governance guidance to mutual companies?
The Association of Financial Mutuals (AFM)
According to the FRC, what are the responsibilities of Audit Committees?
- Ensure fair auditor selection and support market diversity.
- Oversee auditor appointments, fees, and terms.
- Engage shareholders on audit scope.
- Ensure auditors access staff and records.
- Address auditor feedback and adjust statements.
- Monitor auditor independence and objectivity.
What are Listing Rules?
The Listing Rules require quoted companies to produce half-yearly financial reports as well as annual reports.
What legislation covers limited companies?
The Companies Act 2006
What 4 areas does the The Companies Act 2006 affect?
- Company formation
- Statutory reporting
- Company meetings
- Responsibilities of a company’s directors and officers
What is ‘Companies House’?
The public records of companies registered in the UK
What are the 3 functions of ‘Companies House’?
- Incorporate and dissolve limited companies
- Examine and store company information delivered under the Companies Act and related legislation
- Make this information available to the public.
If a company wants to issue shares to the public what is it required to do?
It must register as a public company and
comply with certain additional rules such as having allotted share capital of at least £50,000.
Provide 7 company registration documents.
- Company name.
- Private or public status.
- Member liability type.
- Registered office location (country).
- Registered office address.
- Proposed officers.
- Articles of Association.
What is a confirmation statement (annual return)?
A statement includes the company’s registered office address, principal business activities, details of its directors, company secretary (if applicable), shareholders, and share capital.
How often should companies deliver a confirmation statement to Companies House?
Companies must deliver a confirmation statement to Companies House at least once every 12 months, within 28 days of the ‘made-up date,’ which is the anniversary of the previous statement or the company’s incorporation.
What must a company’s accounting records be sufficient to do?
- Show and explain the company’s transactions.
- Disclose the company’s financial position with reasonable accuracy at any time.
- Enable directors to ensure compliance with the Act when preparing accounts.
By Law what should a companies annual accounts give?
A true and fair view of it economic state.
What should most companies annual accounts include?
- an income statement (profit and loss)
- a balance sheet signed by a director
- a directors’ report signed by a director or the company secretary
What is a director report?
A required fair review
of the company’s business and a description of the principal risks and uncertainties facing
the company
What must be included in a director’s report?
- Key trends and factors likely to influence the company’s future development, performance, and position.
- Information on environmental matters
- Information on employees
- Information on social and community issues
- Essential contractual arrangements
What is a directors’ remuneration report?
A report detailing the company’s policy on directors’ pay, including performance conditions, salaries, bonuses, share options, pensions, and other benefits. It must be approved at the annual general meeting.
What is the chairman’s statement?
An optional broad statement about the company’s activities attributed to the company’s chairman
When do companies have to submit annual accounts to Companies House?
- Private companies: Within 9 months of the year-end.
- Public companies: Within 6 months of the year-end.
- Quoted companies: Must also make their report and accounts available on a website.
Do private companies need a company secretary?
No
Give 8 responsibilities of the company secretary.
- Advise the board on responsibilities and compliance.
- Support the chairman and board operations.
- Manage information flow and professional development.
- Maintain shareholder relations and update the board.
- Ensure legal and regulatory compliance.
- Monitor and act on relevant changes.
- Handle administration, records, and meetings.
- Oversee facilities, HR, and investor relations.
According to the FRC who is responsible for risk management and internal control?
The Board
What are the 3 lines of defence of risk management in corporate governance?
- Front line of defence: Managers identify and control risks, supported by risk specialists, with control assigned to those closest to the activity.
- Second line of defence: The risk management department advises, but operational managers remain accountable for controls.
- Third line of defence: Internal audit reviews risk processes, and external bodies provide feedback on risk management.
Give 4 risk management controls for underwriting
- Limits on individual underwriter authority.
- Senior underwriter reviews quotations.
- Regularly reviewing pricing schedules.
- Monitoring risk accumulation practices.
Give 3 risk management controls for claims
- Second staff member reviews all claim payments.
- Claim validity is checked.
- Senior management reviews reinsurance coverage.
Give 3 risk management controls for finance
- Daily reconciliation of ledgers and bank accounts.
- Limited authority for approving accounts payable.
- Anti-money laundering measures in place.
Give 4 risk management controls for HR
- Reference checks for new hires.
- Regular staff training and development.
- Audit of expense claims.
- Monitoring of absences.
Give 4 risk management controls for IT
- Daily back-up of records.
- Relocation contingency plans.
- Anti-virus and security software.
- Data security and quality management.
What are the 6 key risks for insurance companies?
- Strategic
- Underwriting and Reserving
- Investment/Market 4. Credit
- Operational
- Group
What is the role of the risk committee?
TO scrutinise the robustness of the control framework and to assess its application in practice. The
Who should a risk committee consist of according to the UK Corporate Governance Code?
A minimum of three directors, with independent directors
forming a majority.
What are the requirements for a company to have a full statutory audit?
The company must meet two of the following criteria:
- Turnover exceeding £10.2m
- Net assets exceeding £5.1m
- More than 50 employees
What must the external auditor’s report clearly state about the annual accounts?
The report must state if, in the auditor’s opinion:
- The accounts give a true and fair view of the company’s or group’s financial position
and performance. - The accounts are properly prepared according to financial reporting standards.
- The accounts comply with legal requirements and, if applicable, the IAS Regulation.
How can an internal audit assist directors with implementing good corporate governance?
- Reviewing risk management and internal controls.
- Ensuring clear and balanced board reports.
- Keeping directors updated on accounting and auditing issues.
- Coordinating with external auditors.
- Ensuring the board receives key information from auditors.
What is the purpose of a compliance function?
To ensure that processes and activities carried out in the firm are in compliance with established operational procedures and meet the requirements of the regulator.
Which companies are required to report on climate risk in the UK?
Companies with more than 500 employees and more than £500m annual turnover.
What 4 things should climate-related disclosures include?
- Climate risks and opportunities.
- Management through targets and KPIs.
- Climate change in corporate governance.
- Impact of climate risk on strategy.
What strategy, processes, and due diligence are companies required to discuss under ESG?
- The environment
- The company’s employees
- Social matters
- Respect for human rights
- Anti-corruption and anti-bribery
How should confidential paper records be handled and disposed of?
Marked as “private and confidential,” stored securely, and restricted access.
Shred or disposed of with confidential waste contractors and never left in general waste bins.
What is ‘insider dealing’ and ‘improper discloser’?
- Insider dealing – when an insider deals, or tries to deal, based on inside information.
- Improper disclosure – where an insider improperly discloses inside information to another person.
What are 2 data protection legislations?
UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018)
Who do UK GDPR and DPA 2018 apply to?
All persons in the UK who process personal data other than for domestic purposes.
What information do UK GDPR and DPA 2028 apply to?
Personal Data - Information from which a living individual can be identified, either directly or indirectly.
Give 9 categories of sensitive data.
- Race or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometrics (where used for ID purposes)
- Health information
- Information about sex life
- Sexual orientation
Personal data must be processed in accordance with the six Data Protection Principles. What are they?
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
What are the legal bases for the lawful processing of personal data?
- Consent – Freely given, specific, and opt-in.
- Contract – Necessary to fulfil or pre-contractual steps.
- Legal obligation – Required by law.
- Vital interests – To protect life.
- Public task – For public authorities or public interest.
- Legitimate interests – For business purposes, after balancing with individual rights.
Wha 8 rights to individuals have under data protection legislation?
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Rights in relation to automated decision-making and profiling
If an organisation experiences a breach who must they inform?
The Information Commissioner’s Office (ICO)
Who oversees data protection legislation in the UK?
The Information Commissioner’s Office (ICO)
What powers does the ICO have to regulate and enforce data protection laws?
-Impose fines of up to £17.5 million or 4% of annual global turnover for serious data breaches.
- Bring criminal proceedings against data controllers or processors who alter records following a SAR to prevent disclosure.
