Chapter 2 Flashcards
2.1: Corporate governance is concerned with how organisations are directed and controlled. Explain how risk management can be used to support the control and direction of organisations.
In terms of how organisations are controlled, effective risk management should help an organisation to achieve its strategic objectives. Many risks may affect the achievement of an organisation’s objectives. These might be external risks, such as political or technical change; they may also be internal risks, such as systems and process failures; or people-related risks such as misconduct, negligence, fraud and so on. Risk management provides a range of tools and techniques that organisations can use to identify, assess, monitor and ultimately control these risks to ensure that they do not disrupt the achievement of an organisation’s objectives, whatever they are (profit, social or environmental objectives and so on).
In terms of how organisations are directed, effective risk management can help organisations to make better strategic decisions. All organisations need a strategy to help them create value into the long term. Developing an appropriate strategy will involve exploiting opportunities and avoiding highly damaging threats. In both cases, an organisation needs to understand the risks to which it is exposed, their significance and its ability to manage these risks. Organisations should be able to develop a strategy that helps them to exploit the best possible opportunities, while remaining a going concern.
2.2: Explain the advantages and disadvantages of a ‘comply or explain’ approach to corporate governance regulation
The primary advantage of a ‘comply or explain’ approach is that it allows organisations a degree of flexibility when deciding how to implement specific regulations.
Organisations often differ in size, organisational structure, corporate form and ownership (public or private limited companies), stakeholder needs, strategic objectives and so on. This means that a single set of prescriptive rules may not be appropriate for all organisations. It may even create unnecessary compliance costs.
A ‘comply or explain’ approach also makes the board and associated senior management responsible for deciding how to comply. Prescriptive approaches can hinder creativity and lead to a ‘tick box’ style of corporate governance and risk management.
However, the ‘comply or explain’ approach may also allow organisations to avoid complying with specific regulations to the detriment of their stakeholders. A ‘comply or explain’ approach can only work where stakeholders have the necessary skills and authority to assess compliance and enforce change where necessary. This may not always be the case.
Organisations may also find that ‘comply or explain’ approaches create uncertainty. It may be hard for an organisation to decide not to comply when it is unsure how stakeholders will react.
2.4: Why do organisations such as the EU and OECD need to provide regulations on corporate governance and risk management?
As markets, organisations and their stakeholders become globalised, there is a need to ensure consistent corporate governance arrangements around the world. Organisations operating in countries with comparatively weak corporate governance and related risk-management regulations can have significant negative effects on organisations, stakeholders and markets in other countries and this can make for an uneven playing field. The global financial crisis is an example of this.
Effective corporate governance and related risk-management regulations also help to raise the quality of management in organisations. This should support global value creation and stakeholder equality. For example, effective regulation should help to prevent managerial opportunism and misconduct, which may lead to the loss of financial capital, health-and-safety risk events, environmental risk events or some other form of exploitation (for example, human rights violations).
2.5: What are the problems with a voluntary corporate governance code?
Voluntary codes are not legally enforceable, either by criminal or by civil sanction. This means that where an organisation chooses not to comply with some or all of the contents of a voluntary code, stakeholders may not be able to take effective enforcement action. The ability of stakeholders to take action will depend on the degree of market power that they possess. For example, large institutional shareholders that hold a significant percentage of company shares may be able to enforce compliance with voluntary codes via a vote at an annual general meeting or by simply threatening to sell their shares and devalue the company. Minority shareholders will have much less power. Other stakeholder groups may find it hard to take enforcement action (such as employees concerned about their health and safety, or creditors concerned about loan repayment) where an organisation is large and powerful.