Road To Strong Governance

On the Road to Good Corporate Governance Submitted by: Carl Burch, CMA, CIA Finance and Accounting Lecturer Moscow, Russia [email protected]

Introduction We have already touched upon the topics of internal control and risk management. We discussed how important these items are to the achievement of organizational objectives. Ultimately, successful companies are those companies that achieve their objectives. Now, we want to turn our attention to governance, particularly something called corporate governance. The past decade has seen the topic of corporate governance become increasingly important for all stakeholders (i.e., shareholders, management, board of directors, employees, suppliers, customers, banks, etc.). This has become particularly true since the dramatic collapse of a number of large US and international firms such as Enron, WorldCom, Parmalet, and others. Taking just Enron, more than $60 billion of shareholder wealth was erased from the books. Thus, we can see that this topic is not only important for company shareholders, but for the general health of a country’s economy as well.

What is corporate governance? There are many definitions of corporate governance, but it is most generally thought of as “the system by which businesses are directed and controlled.” Businesses are directed and controlled through the involvement of its executive management, board, shareholders and other stakeholders. Corporate governance also provides a structure through which objectives are set, and the means of achieving the objectives can be determined. Good governance is characterized by companies that: 1)

Comply with society’s legal and regulatory rules,

2)

Satisfy the generally accepted norms, ethical precepts, and social expectations of society,

3)

Provide overall benefit to society and enhances its interest of the specific stakeholders in both the long term and short term, and

4)

Report fully and truthfully to its owners, regulators, other stakeholders, and general public to ensure accountability for its decisions, actions, conduct, and performance.

Legislating Governance There have been times when the private sector failed to safeguard against corporate abuse such as what happened at Enron, WorldCom and others. When this happens it then becomes necessary for governments to step in and establish legislation that protects the public sector from such wanton abuse. In response to the crash of 1929 the Securities Act was established. The Foreign Corrupt Practices Act was in response to the illegal payoff of foreign government officials. Now, the most recent example of legislating corporate conduct is the Sarbanes-Oxley Act of 2002 (SOX).

1

It was the failings of Enron, WorldCom and others that directly led to the passing of SOX. The main aim of SOX was to restore public confidence in company financial statements. To further strengthen financial reporting, SOX legislation reduced the conflict of interest in auditing that arose in the consulting activities of the auditing firms. It has been argued that the main reason why Arthur Anderson failed to seriously monitor Enron’s accounts was because it was afraid to lose it as a consulting client. Thus, SOX legislation went after these basic conflicts by: 1)

Strictly limiting the consulting activities that the auditing firm can perform,

2)

Making the audit committee responsible for selecting the audit firm, not the CFO,

3)

Giving the Public Company Accounting Oversight Board (PCAOB), which was established by SOX, the authority to oversee the audits done by the public accounting firms, and

4)

Requiring greater disclosure of off-balance sheet transactions to reduce the risk of accounting manipulation. This particularly related to transactions called Special Purpose Entities (SPE). It was the use of these SPE transactions that finally brought down Enron.

What role should the Internal Audit Activity play in Corporate Governance? The internal audit activity (IAA) has often been described as the “window into the whole company” and thus serves as the “eyes and ears” of management, audit committee and external auditors. Thus, the IAA is in a unique position of being able to take a lead role in governance. Although SOX does not specifically address the role the IAA can play in the governance process, the expanded requirements of the audit committee, management and external auditors suggest an expanded role for internal auditors as well. For example, Section 302 of SOX requires that management certify the effectiveness of disclosure controls and procedures with respect to the quarterly and annual reports. Section 404, requires management to document, evaluate, and report on the effectiveness on internal control over financial reporting. It also requires the external auditor to evaluate and give an opinion on management’s assessment of internal control. These new requirements give the IAA an opportunity and expanded role in meeting these new regulatory requirements. For example, the internal auditor can expect to keep the audit committee up to date on the organization’s efforts to company with Sections 302 and 404. The IIA’s International Standards for the Professional Practice of Internal Auditing weighs in on internal auditing corporate governance role in Standard 2110. The Standard states, “the IAA must assess and make recommendations for improving the governance process in its accomplishment of the following objectives: 1)

Promoting appropriate ethics and value within the organization,

2)

Ensuring effective organizational performance management and accountability,

3)

Effectively communicating risk and control information within the organization, and

4)

Effectively coordinating the activities of and communicating information among the board, external and management.”

Standard 2130 further calls on the IAA to “evaluate the design, implementation, and effectiveness of the organization’s ethics related objectives, programs, and activities.” Standard 2130 C1 clarifies the auditor’s consulting role by saying that consulting objectives should be consistent with the overall values and goals.

2

Foundation of strong Corporate Governance It’s recognized that the general public, as a whole, is best served when organizations make a concerted effort to improve governance. This includes all organizations, whether they are public, private, non-profit, or governmental. It’s been recognized that there are 10 basic principles for the development of sound corporate governance. The following principles were issued in the IIA’s “Tone at the Top” June 2002 publication. These principles are: 1)

Interaction - Sound governance requires effective interaction among the board, management, the external auditor, and the internal auditor.

2)

Board Purpose - The board of directors should understand that its purpose is to protect the interests of the corporation's stockholders, while considering the interests of other stakeholders (e.g., creditors, employees, etc.).

3)

Board Responsibilities - The board's major areas of responsibility should be monitoring the CEO, overseeing the corporation's strategy, and monitoring risks and the corporation's control system. Directors should employ healthy skepticism in meeting these responsibilities.

4)

Independence - The major stock exchanges should define an "independent" director as one who has no professional or personal ties (either current or former) to the corporation or its management other than service as a director. The vast majority of the directors should be independent in both fact and appearance so as to promote arms-length oversight.

5)

Expertise - The directors should possess relevant industry, company, functional area, and governance expertise. The directors should reflect a mix of backgrounds and perspectives. All directors should receive detailed orientation and continuing education to assure they achieve and maintain the necessary level of expertise.

6)

Meetings and Information - The board should meet frequently for extended periods of time and should have access to the information and personnel it needs to perform its duties.

7)

Leadership - The roles of Board Chair and CEO should be separate.

8)

Disclosure - Proxy statements and other board communications should reflect board activities and transactions (e.g., insider trades) in a transparent and timely manner.

9)

Committees - The nominating, compensation, and audit committees of the board should be composed only of independent directors.

10)

Internal Audit - All public companies should maintain an effective, full-time internal audit function that reports directly to the audit committee.

Ultimately, corporate governance is strengthened when there is synergy among its four cornerstones: the board of directors, executive management, external auditors, and internal auditors. To make sure that there is consistent and effective governance processes, all four of these groups should be in place and working cohesively. These principles should provide an excellent format from which to develop effective governance. In addition to following these basic principles, companies have to make sure that inappropriate and unethical behavior is not tolerated. It’s been shown that successful companies are those who are able to foster a culture of integrity, which is dependent on the tone at the top. In other words, the tone at the top is put in place by the board, top management, and the audit committee.

3