The author argues that UK regulatory expectations largely date back to the financial crisis. At that time corporate governance practices were not effective in safeguarding against excessive risk taking in a number of financial services companies and the results were very damaging.
Sally Rochester, director of Mourant Consulting, part of Mourant, the law firm, explores corporate governance practices in boardrooms. This news service has already examined the implications of the obligations that the UK government – and others – want to add to firms’ leaders, and this remains an important topic across the wealth management, private banking and financial services space in general. The editors are pleased to share these views and invite replies. Jump into the debate! Email firstname.lastname@example.org
In reviewing local and UK guidance on good corporate governance with the Mourant Consulting team recently I was reminded that current regulatory expectations largely date back to the financial crisis. At that time corporate governance practices were not effective in safeguarding against excessive risk taking in a number of financial services companies and the results were very damaging.
The boards in question only "knew what they knew" and they didn’t have the systems and controls in place to ensure that excessive risk taking was identified and dealt with.
In reviewing clients’ board effectiveness, there are a number of red flags that we commonly come across. Those red flags cover a broad number of topics including board composition, board and organisational culture, governance structure, remuneration, board assurance, conflicts of interest and beyond, but the focus of this article is the adequacy of the information provided to the board.
How can the board be confident that the information it receives is what it should know?
Well, going back to first principles we are reminded that the board exists to ensure the long-term sustainable success of the company and to generate value for shareholders. It does this by establishing the company’s purpose, values and strategy and monitoring its performance against those benchmarks.
That can't be done on the upside alone. The board also needs to manage the downside, that is manage the risk that something will go wrong which prevents a successful outcome for the business. It should do this, to use the words of the GFSC's Finance Sector Code of Corporate Governance ("the code"), by maintaining a sound system of risk measurement and control.
It follows that, with a well-established corporate governance structure and effective systems and controls, the board should be confident that its policies and processes will ensure that the right information is escalated at the right time in the right format.
Has your board gone back to the foundations of its reporting to determine whether the information they are presented with is the product of its systems and controls? Of course, the company's executives and risk team have an important role to play in interpreting the data presented and providing commentary and suggested actions but too often boards are presented with a narrative or round up of events edited by the responsible party. The information presented may be correct but may not be complete. This leads to the risk that the board only know what they have been presented with rather than a complete picture.
Not only does the systematic provision of information provide a consistent view on the business but it also helps the board to focus on performance and risk management, including regulatory risk management.
Industry preparation for the 2024 MONEYVAL onsite gives a good opportunity to put this approach into practice. Boards should be considering whether their financial crime risk management frameworks are adequate and ensuring that they meet the requirements set out in the law, regulation and guidance given. This also gives an opportunity for boards to scrutinise whether their systems of control generate valuable management information which is escalated in an appropriate format to the board. Does your MLRO/MLCO report contain a series of edited highlights from the financial crime world or is it a structured commentary based on a relevant and complete data set which can be compared from the prior period with the current period?
With corporate governance expectations continuing to escalate if you only know what you know then making sure you have the whole picture is critical.