Corporate governance failure, especially within financial institutions, has been at the core of many of the problems during the global financial crises and numerous corporate and organizational scandals and failures. Many governments have responded by issuing louder calls for increased regulation.
However, a principles-based, stakeholder-driven approach to governance―implementing governance guidelines in accordance with the “apply or explain” principle―usually has a stronger chance of success than a heavy legislative approach. In this light, it is positive that the Basel Committee on Banking Supervision is currently improving its Principles for Enhancing Corporate Governance via the consultation paper, Corporate Governance Principles for Banks.
IFAC has responded to this consultation from the perspective of the global accountancy profession. Overall, we welcome the enhancements to the Basel Principles as they specifically aim to strengthen risk governance, clarify the role of the board of directors, emphasize board competence, provide guidance for bank supervisors, and point out the influence of compensation systems.
However, the guidelines provided under the Principles are typically very detailed and prescriptive, which might promote a compliance culture rather than a values-based and behavioral route to better governance, risk management, and internal control across, and throughout, the organization. Arguably, such compliance efforts might draw attention and resources away from those areas where they should more appropriately be directed (i.e., form over substance). In this light, we have suggested that consideration be given to presenting the guidelines at a higher level, describing principles more focused on desired outcomes and less on detailed implementation guidance to achieve those outcomes.
The proposed Principles also provide a detailed set of risk management terms, concepts, and guidelines rather than describing the desired outcomes with reference to already existing international frameworks, standards, or guidelines. This potentially creates confusion for institutions that already have established formal risk management arrangements.
The consultation paper also emphasizes the importance of the “three lines of defense” model, but the subsequent principles and detailed guidelines pay little attention to the first line of defense—the business line—which is arguably the most important line of defense. Instead, they elaborate mainly on the risk management function (second line) and compliance and internal audit (third line). Therefore, we have suggested the Basel Committee place greater emphasis on the roles and responsibilities of the first line of defense to help governing bodies, management, and staff assume and discharge their governance and risk management duties.
Last but not least, we believe that the management of risk is an integral part of the governance and management of an organization, and, as such, a specific/separate risk governance framework should not be defined, as proposed by the Basel Committee. Instead, the principles could better promote integration of risk management tools and processes into existing approaches to managing an organization—with a special focus on integration into the first line of defense!
Proof of the pudding
Having an adequate governance code, updated to the latest insights, is a good start. However, the quality of governance in an organization is mainly dependent on how well a corporate governance code, such as the Basel Code, is implemented and how effective the various principles and guidelines are applied in a specific organization. The question, therefore, is: how can we best ensure that the revised code will be adopted in spirit rather than in form?
As professional accountants, we don’t have to passively monitor this process as we can actively support our organizations in governance, including risk management and internal control. Many professional accountants are in a position of strategic or functional leadership or are otherwise well placed to partner with colleagues to evaluate and improve governance in their organizations. In the variety of roles that professional accountants perform in organizations, we are typically involved in the planning, implementation, execution, evaluation, or improvement of governance in our organization. In addition, many professional accountants in business have a responsibility to provide objective and accurate information and analyses to support all of these activities, and may have overall responsibility in governance areas, such as external business reporting.
The proof of the pudding is in the eating, which in this context means only time will tell how well financial institutions digest this new guideline. Professional accountants, however, should be able make the pudding more digestible! Your additional suggestions how to do to help organizations understand and adopt better governance are always welcome.