Chapter 4 Flashcards
Corporate Governance Framework
Rules and practices that ensure accountability, fairness and transparency in a company’s relationship with stakeholders
UK Levels of Governance
- Legislation (Companies Act 2006)
- Regulation (LSE, FCA)
- UK Corporate Governance Code
- Equivalent approaches for non-LSE companies
Audit, Reporting and Governance Authority
ARGA is set to replace the FRC as part of UK government legislation
The Cadbury Report 1992
Introduced the first corporate governance code after corporate failures exposed weaknesses in financial transparency and internal controls
The FRC Mission
The Financial Reporting Council promotes transparency and integrity in business, and sets the UK Corporate Governance Code and the UK Stewardship Code
UK Corporate Governance Code 2018 Sections
- Board leadership and purpose
- Division of responsibilities
- Composition, succession, evaluation
- Audit, risk and internal control
- Remuneration
Chair’s role in a board
Lead board effectiveness, encourage openness and ensure balanced decision-making
The board and managing risks
Setting transparent procedures, overseeing the internal control systems and determining the level of risk the company is willing to accept
“Going Concern” in Accounting
A company is assumed to have the resources to continue operating for the foreseeable future unless there is evidence to the contrary
Risk Management
- Assess principal risks and explain how they’re managed
- Monitor and review risk management and internal control systems annually
FRC Risk Guidance
- unite best practices for risk management
- encourage boards to address principal and emerging risks
- embed risk management in achieving business objectives
FRC Guidance on Audit Committees 2003
- manage non-audit relationships with audit firms
- oversee tender processes for external auditors
- ensure the external auditor’s independence and objectivity
FRC 2018 Board Effectiveness Guidance
- leadership and responsibilities
- succession and evaluation
- audit and risk control
International Corporate Governance Codes
Germany : Deutscher Corporate Governance Kodex
Australia : ASX Corporate Governance Principles
OECD : Southeast Asia Corporate Governance Initiative
Sarbanes-Oxley Act
Focuses on auditor independence, corporate responsibility and enhanced financial disclosures
Section 302
- signing officers must certify responsibility for internal controls
- internal controls must ensure material information is disclosed during report preparation
Section 404
The management and external auditors must report on the adequacy of internal financial controls
Companies Act 2006
Regulates
- company formation
- statutory reporting
- company meetings
- responsibilities of directors and officers
Companies House Functions
- incorporate and dissolve limited companies
- examine and store company information
- make this information available to the public
What is required for a company to gain legal recognition?
Registration with Companies House
Private Vs Public Companies
- private companies can be formed by individuals meeting basic registration requirements
- public companies may offer shares to the public and must have at least £50k in allotted share capital
Registration Document Information
- Company name
- Private or public status
- Member liability details
- Registered office location
- Statement of proposed officers
- Proposed articles of association
Confirmation Statement
- Registered office address
- Principal business activities
- Details about directors and company secretary
- Shareholders and share capital information
How often must a confirmation statement be delivered to Companies House?
At least once every 12 months, delivered within 14 days of the end of the review period (the ‘made up date’)
Annual Accounts Requirements
- Show and explain transactions
- Disclose the company’s financial position accurately
- Comply with the Act’s requirements
Contents of Annual Accounts
- Income statement
- Balance sheet
- Directors’ report
Directors’ Report
- Business review of performance, risks and uncertainties
- Key trends and factors for future business development
- Environmental, employee and community-related disclosures
Directors’ Remuneration Report
- Directors’ remuneration policy and performance conditions
- Salaries, bonuses, pensions and other benefits
- Adjustments for performance and potential “clawback” provisions
Chairman’s Statement
Provides a broad overview of the company’s activities, attributed to the chairman
It is optional and not required by the Companies Act
Filing Annual Accounts with Companies House Deadlines
Private Companies : 9 months after the year-end
Public Companies : 6 months after the year-end
Penalties apply for late filing, and directors may face prosecution
Company Secretary
Required for public companies, not mandatory for private
Responsibilities:
- guide the chairman and board on regulatory responsibilities
- support efficient board functionality
- ensure good information flow
- oversee compliance
- monitor legislative changes
Board Responsibility from FRC Guidance
- Risk management and internal control
- Determining principal risks to achieve strategic objectives
- Embedding an appropriate culture throughout the organisation
Role of Risk Management Systems
Ensure robust and effective processes that account for risks, though these systems cannot eliminate all risks
Three Lines of Defence Model
- First Line - operational managers identify and control risks
- Second Line - risk management teams advise, monitor and coordinate improvements
- Third Line - internal audit reviews risk management compliance and effectiveness
Typical Risk Controls in Insurance
Underwriting : authority limits, senior review, pricing schedule
Claims : peer review of payments, claim validity checks
Finance : bank reconciliation, anti-money laundering measures
IT : daily backups, anti-virus software
Reputation Risks
Reputation loss can drive customers to competitors
Strategic Risks
Takeovers, new ventures, branch expansions and distribution policies
Investment/Market Risks
Losses due to portfolio-specific or market-wide downturns
Risk Appetite
The level of risk a company is willing to take in pursuit of its business objectives
Risk Tolerance (illustrative limits)
Insurance : <70% of premium
Investment : <5% of book value per year
Credit : <1% of premium income, 3% of reinsurance recoverable
Operational : 0% for staff injuries or theft by employees
ISO 31000
An international standard providing a framework for managing risks in organisations of any size
The Audit Committee
- assess the robustness of the control framework
- should comprise at least three independent non-executive directors
- answers shareholder questions on audit matters
Who requires a Statutory External Audit
A company that meets two or more of the following (thresholds for financial years beginning before 6 April 2025):
- Turnover > £10.2m
- Balance sheet total (gross assets) > £5.1m
- More than 50 employees
How Internal Audit Contributes to Governance
- reviewing risk management processes
- ensuring balanced board reports
- liaising with external auditors for a unified approach
- updating directors on new accounting/auditing standards
Climate Risk Reporting
- to support the UK’s net-zero 2050 goal
- companies with more than 500 employees and £500m turnover must disclose climate-related financial information
Climate-Related Disclosures
- Climate risk and opportunities
- Management methods (targets and KPIs)
- Corporate governance of climate change
- Impact of climate risk on strategy
Data Quality Challenges
- Inconsistent data collection
- Mergers leading to non-matching data fields
- AI reliance on inaccurate data, causing unjust outcomes
Insider Dealing
The misuse of inside (price-sensitive, non-public) information to deal in securities, a criminal offence under Part V of the Criminal Justice Act 1993; the civil market abuse regime sits under the Financial Services and Markets Act 2000 and UK MAR
UK Market Abuse Regulation
Prohibits using inside information to deal or recommend transactions, and disclosing inside information unlawfully
UK Data Protection Legislation
UK General Data Protection Regulation (UK GDPR)
Data Protection Act 2018 (DPA 2018)
Sensitive Personal Data (“special category data” under UK GDPR)
- race or ethnic origin
- political opinions
- religious beliefs
- trade union membership
- genetic and biometric data
- health information
- sexual orientation
- sex life
Data Protection Principles
- lawfulness, fairness and transparency
- purpose limitation
- data minimisation
- accuracy
- storage limitation
- integrity and confidentiality
Lawful Processing of Data
Consent : freely given, informed and specific
Contract : necessary for fulfilling a contract
Legal Obligation : compliance with laws
Vital Interests : protecting someone’s life
Public Task : tasks in the public interest
Legitimate Interests : balancing interests
Rights under Data Protection Legislation
- right to be informed
- right of access
- right to rectification
- right to erasure
- right to restrict processing
- right to data portability
- right to object
Data Controllers
- demonstrate compliance with data protection laws
- maintain a risk register and implement security measures
- document processing activities and assess high-risk personal data
- have written agreements with data processors
Information Commissioner’s Office (ICO)
- oversee compliance with UK data protection laws
- promote data privacy and openness by public bodies
- levy fines of up to £17.5m or 4% of global annual turnover, whichever is higher