p1 - governance, risk and ethics

Frances Aggrey

aggrey limited London, UK

CONTENTSPage

CHAPTER 1 Theory of governance 2 – 4

CHAPTER 2 Development of corporate governance 4 – 6

CHAPTER 3 The Board of Directors 6 – 12

CHAPTER 4 Directors’ remuneration 13 – 14

CHAPTER 5 Relations with shareholders and disclosure 15 – 16

CHAPTER 6 Corporate governance approaches 16 – 19

CHAPTER 7 Corporate social responsibility & corporate governance 19 – 23

CHAPTER 8 Internal control systems 24– 29

CHAPTER 9 Audit and compliance 30 – 34

CHAPTER 10 Risk and the risk management process 34 – 40

CHAPTER 11 Controlling risk 40– 44

CHAPTER 12 Ethical theories 44 – 46

CHAPTER 13 Professional and corporate ethics 47 – 51

CHAPTER 14 Ethical decision making 52 – 52

CHAPTER 15 Social and environmental issues 53 - 56

1

CHAPTER 1: THEORY OF GOVERNANCE

DEFINITION OF GOVERNANCE: system by which companies are directed and controlled in the best interest of shareholders and stakeholders.

WHY WE NEED GOVERNANCE

1. AGENCY THEORY: occurs when one party (principal) appoints another party (agent) to perform a task on their behalf.

KEY CONCEPTS OF AGENCY THEORY

An agent is employed by a principal to carry out a task on their behalf Agency refers to the relationship between a principal and their agent Agency costs are incurred by principals in monitoring agency behaviour because of a lack of trust in the good

faiths of agents. By accepting to undertake a task on their behalf, an agent becomes accountable to the principal by whom

they are employed. The agent is accountable to that principal Directors (agents) have a fiduciary responsibility to the shareholders (principal) of their organisation

(‘operating in the best interests of the shareholders) Stakeholders are any person or group that can affect or be affected by the policies or activities of an

organisation Agent objectives (such as a desire for high salary, large bonus and status for a director) will differ from the

principal’s objectives (wealth maximisation for shareholders).

Agency theory can help to explain the actions of the various interest groups in the corporate governance debate. COMPANIES OWNED AND MANAGED BY SAME PEOPLE EXPANSION REQUIRED INVESTORS (SHAREHOLDERS – LIMITED LIABILITY) DELEGATED RUNNING OF COMPANY TO MANAGERS (AGENTS) SEPARATION OF GOALS AGENCY PROBLEMS.

PROBLEMS!

Different objectives between:

Shareholders and Directors

Return - ego/power Dividends (high share price) - money

LEADS TO 1. AGENCY COST: arises largely from principals monitoring activities of agents, and may be viewed in monetary

terms, resources consumed or time taken in monitoring. Agency costs exist due to the trust placed by shareholders on directors to operate in their best interests. These costs will rise when a lack of trust exists, although misplaced trust in a relationship will have hidden costs that may lead to poor management and even corporate failure. Costs are borne by the principal, but may be indirectly incurred as the agent spends time and resources on certain activities.

Examples include: Cost of monitoring the executive directors Recruiting NEDs Audits AGMs Incentive schemes and remuneration packages for directors Cost of meetings with financial analysts

2

2. RESIDUAL LOSS: an additional type of agency cost which relates to directors furnishing themselves with expensive cars, and planes, nice lunches, severance pay etc. these costs are above and beyond the remuneration package for the director, and are a direct loss to shareholders. Ensuring incentives

MEASURES TO RESOLVE AGENCY PROBLEMS include:

Meetings between the directors and key institutional investors Proposing resolutions for vote by shareholders at AGMs Voting rights at the AGM in support of, or against, resolutions Accepting takeovers Divestment of shares is the ultimate threat.

NEED FOR COPPORATE GOVERNANCE

If the market mechanism and shareholder activities are not enough to monitor the company then some form of regulation is needed. There are a number of codes of conduct and recommendations issued by governments and stock exchanges. Although compliance is voluntary, the fear of damage to reputation arising from governance weaknesses and the threat of delisting from stock exchanges renders it difficult not to comply.

Examples of codes of conduct include:

The UK Corporate Governance Code (2010) for Corporate Governance adopted by the Financial Services Authority (FSA) in the UK

OECD code on ethics ACCA codes Specific regulation regarding director remuneration and city code on takeovers.

STAKEHOLDER THEORY: very similar to agency theory BUT considers fiduciary relationship between directors and all stakeholders.

The basis of stakeholder theory is that companies are so large and their impact on society so pervasive that they could discharge accountability to many more sectors of society than solely their shareholders.

Agency theory is a narrow form of stakeholder theory.

Exam focus: link to Chapter 7.

TRANSACTION COST THEORY: *** Never been examined

Corporate governance is required due to problems that exist in all business relationships/transactions.

Transaction costs will occur when dealing with another external party:

E.g. Directors & Shareholders Managers & Employees Employees & Supplier – Alison (employee of Kaplan) finds a new text book supplier for Kaplan

2 problems!!!

BOUNDED RATIONALITY OPPORTUNISM

Decision maker lacks the skills needed for that decision, Decision maker acts in their own interest and not Hence ends up with a poor decision which may not be that of the company’s. E.g. Alison takes a bribe.In the best interest of shareholders. E.g. Alison can’tnegotiate.

3

KEY CONCEPTS OF CORPORATE GOVERNANCE

Ingredients of a fiduciary relationship: JAR OF PIRI

J – Judgement – Ability to weigh numerous issues and reach meaningful conclusions. Ability to weigh numerous issues and give each due consideration.

A – Accountability – Accounting for your position having accepted your responsibility. Be clear in communication with internal and external stakeholders. Develop and maintain risk management and control systems.

R – Responsibility – Clear defined roles. Willingness to accept liability for the outcome of governance decisions.

O – Openness – having a transparent relationship. Reveal information not to conceal it. Do not withhold relevant information unless necessary.

F – Fairness – treat all stakeholders equal. An ability to reach an equitable judgement in a given ethical situation.

P – Probity – be honest and straightforward. Honesty in financial reporting. Perception of honesty of the finance from internal and external stakeholders.

I – Integrity – follows rules (strict moral or ethical code). The highest standards of professionalism and probity. A prerequisite within agency relationships.

R – Reputation – develop and sustain personal and company’s reputation. Develop and sustain the moral stance of the accounting profession.

I – Independence – behave without bias and no conflicts of interest. Independence from personal influence of senior mgt for NEDs. Independence of the board from operational involvement. Independence of directorships from overt personal motivation since the organisation should be run for the benefit of its owners.

CHAPTER 2: DEVELOPMENT OF CORPORATE GOVERNANCE

INFLUENCES ON CORPORATE GOVERNANCE: Governance theory concludes that there are two major factors affecting organisational operation

1. Agency Theory leads to shareholder pressure and shareholder activism2. Stakeholder theory leads to stakeholder lobbying and concerns over social responsibility.

In addition:

Company law provides a framework within which operations occur Audit and auditors impact on governance Codes of governance are developed by government, operate as a prerequisite to membership of stock

exchanges, maybe grounded in legislation, and guide individual professional bodies.

HISTORY OF CORPORATE GOVERNANCE CODES: Development of codes of governance is closely associated with the UK, i.e. UK led.

1992: Cadbury report

Board power: Chairman/CEO should be split, and Chairman independence necessary Accountability: Good communication and disclosure Shareholder relations: Need for greater dialogue

1995: Greenbury report

Director’s remuneration: balance between salary and performance

1998: Hampel report: Combined both reports into ‘The Combined Code’

4

1999: Turnbull report:

Extra guidance on internal controls. Need for directors to review internal controls and report on them.

2003:

1. Higgs report: (post Enron) NEDS: Specific guidelines regarding NEDs and their role.2. Tyson report: Recruiting NEDs: Additional guidance3. Smith report: Audit Committee: relationship between auditors and the company and the role of the audit committee

2009: Combined Code #2

2010: Sir David Walker & the FRC (2010):

Complete review of Corporate Governance following the financial crises 2008 - 2009 renamed UK Corporate Governance Code

THE MAIN PRINCIPLES OF THE CODE are divided into five areas:

Section A: Leadership – Chpt 3:

Every company should be headed by an effective board which is collectively responsible for the long-term success of the company

The chairman is responsible for the leadership of the board and ensuring its effectiveness No one individual should unfettered powers of decision, there should be a clear division of responsibilities As part of their role as members of a unitary board, NEDs should constructively challenge and help develop

proposals on strategy

Section B: Effectiveness – Chpt 3

The board and its committees should have the appropriate balance of skills, experience, independence and knowledge of the company to enable them discharge their respective duties and responsibilities effectively

There should be a formal, rigorous and transparent procedure for the appointment of new directors to the board

All directors should receive induction on joining the board and should regularly update and refresh their skills and knowledge

All directors should be able to allocate sufficient time on the company to discharge their responsibilities The board should undertake a formal and rigorous annual evaluation of its own performance and that of its

committees and individual directors All directors should be submitted for re-election at regular intervals, subject to continued satisfactory

performance.

Section C: Accountability & Controls – Chpt 8 – 11

The board is responsible for determining the nature and extent of significant risks it is willing to take in achieving its strategic objectives. The board should maintain a sound risk mgt and internal controls systems.

The board should establish formal and transparent arrangements for considering how they should apply the corporate reporting and risk mgt and internal control principles and for maintaining an appropriate relationship with the company’s auditor.

Section D: Remuneration - Chpt 4

Levels of remuneration should be sufficient to attract, retain and motivate directors of the quality required to run the company successfully, but a company should avoid paying more than is necessary for this purpose. A significant proportion of executive director’s remuneration should be structured so as to link rewards to corporate and individual performance.

5

There should be a formal and transparent procedure for developing policy on executive remuneration and for fixing the remuneration packages of individual directors. No director should be involved in deciding his or her own remuneration.

Section E: Shareholder relationships – Chpt 5

There should be a dialogue with shareholders based on the mutual understanding of objectives. The board as a whole has responsibility for ensuring that a satisfactory dialogue with shareholders takes place.

The board should use the AGM to communicate with investors and to encourage their participation.

REASONS FOR DEVELOPING A CODE:

It reduces instances of fraud and corruption improving shareholder perception and market confidence Poor governance equates poor performance Global investors were willing to pay a significant premium for companies that are well governed The existence of good governance is a decision factor for institutional investors Even if it does not add value, it reduces risk and huge potential losses to shareholders

PRACTICAL PROBLEMS WITH A GOVERNANCE CODE:

It cannot stop fraud. The process is reactionary rather than proactive, responding to major failures in governance rather than

setting the agenda The impact varies depending on the nature of the company and the global viewpoint Directors complain that it restricts or even dilutes individual decision-making power It adds red tape and bureaucracy in the use of committees and disclosure requirements Adherence to governance requirements harms competitiveness and does not add value

CHAPTER 3: THE BOARD OF DIRECTORS

ROLES AND RESPONSIBILITIES

The Board are collectively responsible for:

L E A D E R S H I P S

L – Leading the company. Provide entrepreneurial leadership of the company

E – Ensure the company has sufficient resources (financial and human) to meet its objectives

A – Appoint new directors as needed (delegated to the Nomination Committee)

D – Decide the company strategy, i.e. the company’s mission and purpose, values and standards.

E – Evaluate the company’s performance and report it annually to shareholders

R – Re-election process (every 3 years, in the UK, directors retire and can only return if re-elected). Every 1 year if it is a listed company

S – Schedule of matters reserved for board decisions

H – Hold regular board meetings (1 – 2 months) to discharge its duties effectively

I – Internal controls evaluation. Establish appropriate Internal Controls that enable risk to be assessed and managed.

P – Public accountability. Represent company view and account to the public. (Cartoon – Southpark + BP).

S – Succession planning (planning future roles)

6

CHAIRMAN/CEO

It is vital for good corporate governance to separate the roles of the CEO and chairman.

The importance of the appointments of CEO and chairman are further underlined by the fact that the CEO frequently has most say over the appointment of executive directors to the board, while the chairman will frequently have a great deal of influence over the appointments of NEDs.

REASONS FOR SPLITTING THE ROLE

To reduce the power at the top of the company Both are demanding roles, it would be good to split the work load Need an independent person to challenge the CEO, and that person is the Chairman.

ROLES:

Chairman: Runs the board

C H A I R M E N

C – Company’s lead representative in public, explaining aims, policies to the shareholders.

H – Hold the CEO accountable on behalf of the shareholders

A – AGM chairman. Chair the AGM and other shareholder meetings, using these to provide effective dialogue with shareholders. Ensure that the views of shareholders are communicated to the board as a whole

I – Introduce new directors to the shareholders at the AGM

R – Runs board meetings (attendance, participation). Set the board’s agenda and plan board meetings. Ensure the board receives appropriate, accurate, timely and clear information.

M – Manage induction, trainings and appraisals of directors

E – Ensure the company implements its strategies effectively as set by the board.

N – Nomination Committee Head. Hold meetings with the NEDs, without the executive directors present.

CEO: runs the company i.e. operations

M R M R

M – Manage company’s assets (financial and physical assets)

R – Responsible for company’s performance, as determined by the board’s strategy

M – Monitor budgets. Closely monitor operations and financial results in accordance with plans and budgets

R – Reports to board of directs and/or the chairman. He is the interface between board and employees.

7

BOARD STRUCTURES

UNITARY BOARD TWO-TIER BOARD

CHAAIRMAN MANAGEMENT SUPERVISORY

BOARD (LT) BOARD (UT)

CEO CEO CHAIRMAN

Dir dir dir dir Executives *Non-executives members

Mix of executives and NEDs - runs operations - approve the decisions * NOT INDEPENDENT = Stakeholders e.g. Banks

ADVANTAGES ADVANTAGES Quicker decision-making ***Independent NEDs, hence increase in

shareholder confidence Increase in expertise from NEDs Cheaper to run one board Reduction in fraud, malpractice since there is a

wider involvement in the actual management of the company

More considered decisions (approval is needed) Clearly defined roles (between those that

manage the company and those that own it or must control it for the benefit of the shareholders)

Benefit of the stakeholder expertise Direct power over management through the

right to appoint members of the Mgt boardDISADVANTAGES DISADVANTAGES

Less consideration for decisions made Roles are not clearly defined No benefit of stakeholder expertise Narrow stakeholder involvement

Slower decision-making. Added bureaucracy NEDs are not independent hence, decrease in

shareholder confidence Expensive to run two tier board Slower communication It relies on a strong relationship with the CEO

and the Chairman Supervisory board are isolated from

participating in Management meetings

NEDs

- Are members of the board of directors of a company who do not form part of the executive management team. They are not full-time employees of the company or affiliated to it in any other way

- Must be independent- Must represent at least half of the board (excluding the Chair)- One is going to be called a Senior Independent Director (SID) who is directly available to shareholders if they

have concerns which cannot or should not be dealt with through the appropriate channels of chairman, CEO or finance director.

INDEPENDENCE

- Requires a certain detachment from the company- Should be independent in judgement and have an enquiring mind

Familiarity Threat: (bias)

- There can be no family connections on the board

8

- Shouldn’t have been an employee or an executive of the company. (there are time limits (5 years) that vary from one country to the other)

- The NEDs need regular independence review done by the Chairman- Cross directorship in other companies (this is where two or more directors work together on a board of more

than one company)- Material business relationship with the company in last 3 years- Should not serve on board for more than 9 years

Self-Interest Threat: (money)

- They only receive basic salary only- No shares must be owned by them

ROLES

- Challenge the executive and represent shareholders

PEOPLE ROLE:

- Appointments of new directors Nomination- Succession planning Committee- Sort out remuneration - Remuneration committee

RISK ROLE:

- Evaluate controls - Audit committee- Develop risk management policies - Risk committee

SCRUTINISING ROLE:

- Analyse the company’s performance- Challenge the executive directors and hold them accountable for decisions taken and results obtained

STRATEGY ROLE:

- Give advice on developing strategy- Offer experience or advice on direction

ADVANTAGES DISADVANTAGES Increase in independence Increase in shareholder confidence:

institutional and watchdog perception is enhanced because of their presence

Less fraud and error as NEDs know they are being watched

Increase expertise on the board Experience from other industries Compliance with the UK Code Improved communication between

shareholders’ interests and the company.

High costs (agency cost) Lack of operational knowledge Risk of confidentiality breach Good NEDs are hard to find Lack of trust and needless input can affect

board operations

9

BOARD OPERATIONS

HOW THE BOARD OPERATES

Appointments - By shareholders at AGM- Candidate is found by Nomination Committee- Regular re-election at AGM at least every three years (Every director in a listed

company should be put forward for re-election every year)Contract - This is a legally binding document covering the terms of service (employment) of a

director.- New contract annually or updated annually- It should include the following:

Appointment commencement date Notice required by either party to terminate the agreement Date of automatic termination (normal retirement date) Duties of the director Remuneration details Constraints Other ‘ordinary’ employment terms Evidence that the contract has been approved by the board

Induction - It is the process to integrate a director into the company as efficiently as possible.- The Company Secretary is generally responsible for director’s induction.- *** The Chairman oversees the induction process.

CONTENTS- Information on company (products, services etc)- Meet key stakeholders and team- Information on policies (fire, health & safety)- Site visits- Financial information (financial statements)- Job description

OBJECTIVES OF INDUCTION- To communicate vision and culture- To communicate practical procedural duties- To reduce the time taken for an individual to become productive in their duties- To assimilate an individual as a welcome member of the board- To endure retention of individuals for future periods

Duties - Duty of good faith (with shareholders)- Breach of duty *** Conflict of interest

*** Insider dealing (Exam tip)Continuous Professional Development (CPD)

- All directors must comply- It’s about updating skills and knowledge of the directors- ***The Chairman oversees this. The chairman should lead in identifying the

development needs of individual directors, with the company secretary playing a key role in facilitating provision.

- NEDs should be prepared to devote time to keeping their skills up to date

OBJECTIVES OF CPD- To support directors in their personal development- To communicate challenges and changes within the business environment effectively

to directors- To ensure directors have sufficient skills and ability to be effective in their role- To improve board effectiveness and through this, corporate profitability

Performance Evaluation

- At least once a year, the Chairman oversees the appraisal of Each director whole board Each committee

***No self-review- SID overseas chairman’s appraisal

10

- ***Current advice is to use external firm of consultants CONTENTS

- Consider ability (skills)- Contribution to the role (strategy, risk management)- Contribution to other work (committees work)- Assess independence and commitment to the public interest- Consider composition of the board and its committee (right mix of knowledge and skills

to maximise performance in the light of future strategy)- Consider effectiveness of relationships inside and outside the board- Effectiveness of the use of AGM and the annual report- Timeliness of response to problems or crises that have emerged or could these have

been foreseen.REMOVAL (LEAVING)

REMOVAL DISQUALIFICATION (BANNED)- No re-election- Resign- Death in service- Personal bankruptcy- Failure of the company- By statute- Absence for 6 months, without permission of the directors, from meetings of directors held during that period and the directors have resolve that the office be vacated.- An ‘agreed departure’

- Insider dealing- Fraud- No preparation of FS and tax returns- Trading when insolvent (wrongful trading/fraudulent trading)- Not keeping proper accounting records- Failing to pay tax- Taking actions that are deemed to be unfit in the mgt of a company- Being guilty of three or more defaults in complying with companies’ legislation regarding filing documents with Companies House during the preceding five years

The courts handle disqualification proceedings and if the courts find against the director, he/she could be disqualified for between 2 and 15 years.

While disqualified, a director cannot:

- Be a director of any company- Act like a director, even if there is no formal appointment- Influence the running of a company through the directors- Be involved in the formation of a new company

Ignoring a disqualification order is a criminal offence and a director could be fined and sent to prison for up to 2 years.

CONFLIC OF INTEREST

The fiduciary duty of directors is to act in the best interest of shareholders. A conflict of interest is a breach of this duty.

Areas of conflict of interest includes:

- Directors contracting with their own company: in general, directors cannot contract with their own company. However, the articles allow the director to have an interest as long as he discloses this interest to the board of directors

11

- Substantial property transactions: the Companies Act in the UK for e.g. requires that any substantial asset sale above 10% of net worth to be approved by shareholders through ordinary resolution

- Contracts with listed companies: the Listing Rules of the LSE for e.g. stipulate that nay substantial contract between the company and an interested party must be agreed by ordinary resolution before the contract takes place

- Loans to directors: generally, loans to directors are prohibited.

Disclosure: the Companies Act 1986 states that companies are required, in the form of notes in the annual accounts, to disclose any information concerning material transactions or arrangements involving the directors.

INSIDER DEALING/TRADING

Insider trading is the illegal purchase or sale of shares by someone (usually a director) who possesses inside information about a company’s performance and prospects which, if publicly available, might affect the share price.

- Inside information is information which is not available to the market or general public and is supposed to remain confidential

- These types of transactions in the company’s own shares are considered to be fraudulent- The ‘director insider’ simply by accepting employment, has made a contract with the shareholders to put the

shareholders’ interests before their own, in matters related to the company- When the insider buys or sells based upon company-owned information, he is violating his contract with, and

fiduciary duty to, the shareholders.

BOARD COMMITTEES

- Board sub-committees are a generally accepted part of board operations- Usually consists of NEDs- They are meant to represent shareholder view on key decisions- They reduce the workload of executive directors so they can focus on their jobs- Increase in shareholder confidence- Communicates to stakeholders the importance of remuneration and risk- Satisfy requirements of the UK Corporate Governance Code (2010) (or other governance requirements

NOMINATION COMMITTEE REMUNERATION COMMITTEE- Mix of executives and NEDs- CEO involved- Chairman is head of this committee

WHO- NEDs only

- Ensure the board is effective OBJECTIVES - Attract, retain and motivate directors- Find candidates for new directors:

identify and nominate for the approval by the board candidates to fill board vacancies as and when they arise

- Prepare job descriptions: prepare a description of role and capabilities required for any particular board appointment including that of the chairman

- Succession planning: give full consideration to succession planning for directors

- Review skills needed on the board: regularly evaluate the balance of skills, knowledge and experience of the board

- Monitor independence of the NEDs: consider the balance between

ROLES

- Set remuneration package for new directors: this is to attract, retain and motivate the new directors

- Review remuneration policy regularly: to ensure it is in line with industry (retention purposes)

- Organise compensation for loss of office: of any executive director. To ensure that there is no reward for failure

***NO REWARD FOR FAILURE- Review disclosure in the annual report:

ensure that provisions regarding disclosure of remuneration, including pensions are fulfilled. To ensure its reliable for shareholder

- Establish pension provision policy for all board members

- Recommend and monitor the level and structure of the remuneration of senior

12

executives and NEDs on the board of directors

- Review regularly the structure, size and composition of the board and make recommendations to the board

managers- Demonstrate to shareholders that the

remuneration of the executive directors and key mgt is set by individuals with no personal interest in the outcome of the decisions of the committee.

CHAPTER 4: DIRECTOR’S REMUNERATION

- No director should be involved in setting his own salary!= executive directors} remuneration committee= NEDs } Board + shareholders’ approval

REMUNERATION PACKAGE

SMALL LARGE

- Demotivating - cost to shareholders

- may leave (residual loss)

NEED A BALANCE TO ATTRACT, RETAIN AND MOTIVATE DIRECTORS

= 4 COMPONENTS

BASIC SALARY PENSION PERFORMANCE RELATED BENEFITS

- Not too excessive -Long tern **should form a significant part - carConsider: incentive motivate directors to act in best interest -accommodation- Role of the shareholders - health care- Skills

*** - Industry (key)

SHORT –TERM LONG-TERM

- Profit - increase in share price- Dividend= BONUS linked to performance = SHARE OPTIONS: This is the right to buy

E.g. PBT, EPS, Dividend cover shares in the future at a fixed price.

- Strengthens fiduciary relationship - Aligns the directors’ and shareholders’ objectives

OTHER FORMS OF COMPENSATION

GOLDEN HELLO/HANDSHAKE AND GUARANTEED BONUS: this is a one-off payment to sign a contract. (Attract). Although not common, guaranteed bonuses are sometimes used to retain CEOs in struggling organisations. The same is true for signing on (turning up) bonuses (‘golden hellos’).

LOYALTY BONUSES AND RETENTION PAYMENTS: As with guaranteed bonuses mentioned above, loyalty bonuses are also used to retain senior executives. However, they have come under criticism for the following reasons:

- The current preference in Western countries is for rotation of directors to ensure freshness and independence, rather than an emphasis on loyalty

13

- Corporate governance codes recommend linking bonuses with performance- There have been many cases of directors leaving soon after receiving their loyalty bonus

RETIREMENT BENEFITS: All awards are ultimately given by the shareholders and should be viewed in relation to performance achieved by the director. A retirement benefit such as a lifetime use of the company plane or a sizeable pension pay-out could be awarded.

REMUNERATION COMMITTEE

The role of the remuneration committee is to have an appropriate reward policy that attracts, retains and motivates directors to achieve long-term interests of shareholders.

OBJECTIVES OF THE COMMITTEE

- The committee is, and is seen to be, independent with access to its own external advice or consultants- It has a clear policy on remuneration that is well understood and has the support of stakeholders- Performance packages produced are aligned with the long-term shareholder interests and have challenging

targets- Reporting is clear, concise and gives the reader of an annual report a bird’s-eye view of policy payments and

the rationale behind them.

Remuneration is defined as payment of compensation received for services or employment and includes base salary, any bonuses and any other economic benefits that an employee or executive receives during employment.

BEAHAVIOURAL IMPACT ON DIRECTORS OF REMUNERATION COMPONENTS

Whatever remuneration package is determined, it is essential to ensure that the directors have a stake in doing a good job for the shareholder.

Each element of a remuneration package should be designed to ensure that the director remains focused on the company and motivated to improve performance.

A balance must be struck between offering a package:

- That is too small and hence demotivating for existing directors and leading to potential underachievement or unattractive for potential new appointees, hence a failure to recruit required calibre of individual, and

- That is too easily earned (i.e. too big), hence shareholders not getting ‘value for money’ in terms of performance.

The company, following the work of the remuneration committee, should:

- Provide a package needed to attract, retain and motivate executive directors of the quality required, but avoid paying more than is necessary

- Judge where to position the remuneration package relative to other companies- Be aware of what comparable companies are paying and should take account of relative performance- Be sensitive to the wider scene, including pay and employment conditions elsewhere in the company

(especially when determining annual salary increases)

NEDs’ REMUNERATION: To avoid the situation where the remuneration committee (consisting of only NEDs) is solely responsible for determining the remuneration of the NEDs, the UK Corporate Governance Code (2010) states that the board and shareholders should determine the NEDs’ remuneration within the limits set out in the company’s constitution.

NED remuneration consists of a basic salary – no performance related element is awarded.

14

CHAPTER 5: RELATIONS WITH SHAREHOLDERS AND DISCLOSURE

SHAREHOLDER RELATIONSShould be open/transparent relationship

2 MAIN METHODS

DIALOGUE DISCLOSURE= Annual General Meeting = Annual report

- All shareholders must be invited Mandatory- All directors must attend - Financial statements- Shareholders vote ( new directors, re-electing directors, - Auditor’s report

Auditors, dividend) - Director’s report (remuneration)- Vote by proxy if shareholders cannot attend

Proxy voting is allowing another member to vote on your behalf. Optional/ Voluntary- There must be an opportunity for question and answer session

- CSROTHER COMMUNICATION - Environmental

- Email/Phone - Graphs- Letters/text - Risk information- Press releases - Operating review- Facebook/twitter- Other meetings (General Meeting) Benefits

S A F E RS – Shareholder confidence increases: enables the company to address specific shareholder concerns as they arise, hence, increasing confidence shareholders have in the company.A – Agency cost reducesF – Focus on all stakeholders: greater voluntary disclosure assists in discharging the multiple accountabilities of various stakeholder groupsE – Encourages investment: Institutional investors are attracted by increased disclosure and transparency. Greater disclosure reduces risk and with it the cost of capital to the company. More information helps investors decide whether the company matches investor’s risk, strategic and ethical criteria, and expectationsR – Reputation goes up. Gives the user assurance that the management are active and competent in terms of managing the operations of the organisation.

SHAREHOLDERS’ COMMUNICATION WITH THE COMPANY

Guidance: Shareholders need to take a more active role in the companies they own.

PROBLEMS! Some shareholders have limited control (%), so should be given limited responsibilities= SHAREHOLDER ACTIVISM

15

- Read the whole annual report- Contact company with queries- Attend AGM every year- Use your voting rights wisely or vote by proxy if unable to attend- Ask questions at the Q & A sessions of AGM

SERIOUS ISSUES: E.g. where the company has not got good controls in place- Request a general meeting (formerly EGM) and present resolutions- Propose own resolutions (shareholders decide what to vote on)- Sell shares

INSTUTIONAL INVESTORS

An entity that invests in other companies (managed by fund managers). They manage funds invested by individuals.

= more power, so have more responsibilities.

In the UK, there are four types of institutional investor:

- Pension funds- Life assurance companies- Unit trust- Investment trusts

They must intervene, if there are issues with:

S O S R A I N S

S – Strategy: if the plans for the future does not look good. This might be in terms of products sold, expansion pursued or any other aspect of strategic positioning.

O – Operational performance ($): if the company is making a loss. This might be in terms of divisions within the corporate structure that have persistently under-performed.

S – Succession planning: if there’s a need to employ a new CEO. This might relate to a failure to adequately balance board composition or recommendation of replacement executives without adequate consideration of the quality of the candidate.

R – Remuneration policy: where salaries are not in line with industry standards. This might relate to a failure of the remuneration committee to curtail extreme or self-serving executive rewards.

A – Acquisitions & Disposals: This might be in terms of executive decisions that have been inadequately challenged by NEDs. e.g. Frederick Goodwin of Royal Bank of Scotland

I – Internal control problems: Failure in health & safety; quality control, budgetary control or IT projects.

N – Non-compliance: where the company is breaking the law or not following the UK Code. Consistent and unexplained non-compliance in a principles-based country will be penalised by the market. In a rules-based country it would have been penalised as a matter of law.

S – Social responsibility: if the company refuses to donate to the charity or protect the environment. Might damage reputation of the company, which will reduce shareholder confidence.

CHAPTER 6: CORPORATE GOVERNANCE APPROACHES

Is Corporate Governance relevant?

Charity Public SectorE.g. Oxfam

16

YES YES

Due to the agency relationship between - due to the agency relationship between Donors and mgt of the Charity between the tax payer and the politicians

***Objectives ***Objectives- is to meet the Charity’s Constitution - is to meet social needs (health &education)

***Read article on: ‘Non corporate’ corporate governance

SMALL COMPANIES

Is corporate governance relevant?

YES NO

- If there are shareholders not on the board. (There is an - if the company is owner-managed (no agency relationship) i.e. Not owner-managed. Agency relationship)

PROBLEMS

- Cost of complying- not enough directors to perform the roles- Time spent or needed too high

SOLUTION

- Comply or explain(i.e. follow the code or explain why you haven’t followed the code to shareholders (disclosure)

APPROACHES TO CORPORATE GOVERNANCE

RULES-BASED PRINCIPLES-BASED

- Legal requirements (US) - Guidance (UK)- Compulsory - Optional (However if a listed company,- penalties for failure to comply must follow it)- very clear instructions: there’s clarity in what the coy must do - more flexibility (good for small coys)- standardisation for all companies – there is no choice as to - companies often exceed expectationsComplying or explaining and this creates a standardised and - Cheaper to complyPossibly fairer approach for all businesses- strong deterrent (people comply through fear): the sanction is Criminal and therefore a greater deterrent to transgression.

SWAP FOR DISADVANTAGES

Arguments against the Rules-based approach

- exploitation of loopholes: the exacting nature of the law lends itself to the seeking of loopholes- Legal costs: to enact new legislation to close loopholes- ‘Regulation overload’: the volume of rules and amount of legislation may give rise to increasing costs for

businesses and for the regulators.

17

- flexibility is lost- there is no choice in compliance to reflect the nature of the organisation, its size or stage of development

- Checklist approach – this can arise as companies seek to comply with all aspects of the rules and start ‘box-ticking’

- Box-ticking rather than compliance – this does not lead to well governed organisations- Limits – there is no room to improve, or go beyond the minimum level set

SARBANES-OXLEY (SOX)

- Introduced in 2002 after Enron and WorldCom- Applies to US listed companies and their subsidiaries and auditors working on US listed businesses.- It is a rules-based approach to governance- Is extremely detailed and carries the full force of the law

B I T T E R C O D E

B – Ban on loans to executive directors

I – Internal control statement

T – Two audit partners needed to sign audit reports

T – Two days’ notice to the rest of the board: Directors are prohibited from dealing in shares at ‘sensitive times’

E – Establish an independent audit committee – will be disallowed from trading if it does not have one

R – Rotate senior audit partners every 5 years. This is compulsory

C – Certificate signed by the CEO & CFO on the validity (accuracy) of the FS

O – Other services provided by the auditors (consultancy) banned – to increase independence

D – Disclose all off balance sheet finance (apply substance over form)

E – Ethical code must be followed

KEY EFFECTS OF SOX

- Improved communication of material issues to shareholders- Improved investor and public confidence in corporate US- Improved internal control and external audit of companies- Greater arm’s length relationships between companies and audit firms- Improved governance through audit committees- Personal liability of directors for mismanagement and criminal punishment

NEGATIVE REACTIONS TO SEX

- Doubling of audit fee costs to organisations- Onerous documentation and internal control costs- Reduced flexibility and responsiveness of companies- Reduced risk taking and competitiveness of organisations

18

INSIDER-DOMINATED STRUCTURES

- It is a company controlled by a small number of shareholders- A small number of shareholders are also on the board

= INSIDERS

E.g. ABC Company Shareholders = 1000SH 1 – Bank 30% 55%SH 2 – Government 25% = CONTROLSH 3 – 1000 individuals 45%

PROS CONSA C E M A T EA – Agency cost is reduced: the insiders are on the board, hence no monitoring needed. Also, fewer agency problems.

C – Cost of capital cheaper: access to insider cash is greater.

E – Expertise of the insiders: greater, stable expert input to managerial decisions.

M – Minority shareholders are poorly protected : they don’t have much say

A – Abuse of power by insiders

T – Transparency is poor (annual reporting is not very good): the insiders have no need and the minority have no power

E – Exit is harder for an insider: (sell shares + resigns from the board)

FAMILY COMPANY/STRUCTURES

- Company dominated by the family (Insider Company), i.e. a family has a controlling number of shares in a company

- Family are on the board- They often have preferential voting rights

PROS CONSA C E +

M A T E +

- Long term view: less risks because they want to pass on to the next generation

- The company should be more ethical in behaviour : because they are trying to protect the family name

- Family may not have the right skills to manage the company effectively (Gene pool)

- Any personal feuds may affect the company- Hard to remove a family member (other family

members get involved). If families separate, this could be costly in terms of buying our shareholding and restructuring

GUIDANCE GET THE FAMILY OUT!

- Remove the family from the board- Set up an ‘advisory board’ for the family: hence, they have no power, they only give advice- Recruit externally to the main board

CHAPTER 7: CORPORATE SOCIAL RESPONSIBILITY AND CORPORATE GOVERNANCE

IS A COMPANY SOCIALLY RESPONSIBLE?

19

NO YES- Company’s only legal duty is to maximise profit responsible companies have an increased reputation

For the shareholder – MILTON FRIEDMAN which increases sales and profits, which is their legal He believed that CSR is theft from the shareholder duty. – ENLIGHTENED SELF-INTEREST

- He argues that governments are responsible for governments are weak, so companies should Social issues

become active

- Companies are not people, hence should havein legal terms, a company is an artificial

person, so itNo responsibilities.

Should have the same rights & responsibilities.DVD: the Corporation, Fast Food Nation

- CORPORATE CITIZENSHIP

WHAT IS CSR?: CARROLL MODEL- ‘CSR encompasses the economic, legal, ethical and

philanthropic expectations placed on organisations by society at a given point in time.’

ECONOMIC RESPONSIBILITY: connected with why the organisation was established. Must be achieved in order to attain the higher level responsibilities.

- To make a profit for shareholders on their investments- Employees to be provided with safe and fairly paid jobs- Customers to be able to obtain good quality products at a fair price

LEGAL RESPONSIBILITY: implies that an organisation will follow the laws of the jurisdiction in which it is based as well as any internal moral views that the organisation has set. Non-compliance means a lack of social responsibility. E.g. price fixing, my collusion (oil industries)

- To comply with the law (Health & Safety, Employment Law, Environmental Law, IAS, Data Protection)- It is an acceptable rule book for company operation.

20

PHILANTHROPIC

ETHICAL

LEGAL

ECONOMIC RESPONSIBILITY

ETHICAL RESPONSIBILITY: relates to what is expected by society from organisations compared with what those organisations have to do from an economic or legal point of view. Therefore, it relates to doing what is seen to be right compared with doing what is simply legal. E.g. Shell disposed of an oil platform on land rather than sinking it at sea (as it legally could have done) due to concern about the environmental consequences of this action). Ethical responsibilities are therefore higher than both economic and legal responsibilities.

- Companies should do the right thing- Do what is just and fair E.g. paying above the minimum wage- Actions taken in this area provide a reaffirmation of social legitimacy

PHILANTHROPIC RESPONSIBILITY: generally concern actions desired of organisations rather than those required by organisations. For e.g. Tate & Lyle sponsoring the Tate Gallery in London. These activities are carried out more because the organisation believes it is the correct thing to do rather than because it must. The term ‘philanthropic’ derives from the Greek ‘love of society’, so there is no obligation to act.

- Discretionary behaviour to improve other people’s lives- Charitable donations and recreational facilities- Sponsoring the arts and sports events

DEVELOPING A CSR STRATEGY

HOW A COMPANY APPROACHES CSRIDENTIFY STAKEHOLDERS

- Any person or group that can affect or be affected by the activities of an organisation

CLASSIFY STAKEHOLDERS (Exam Focus)

- Internal & external: this is the distinction between STK inside the organisation and those outside. Internal includes employees, management and possibly, trade unions. External includes customers, competitors and suppliers.

- Narrow & Wide: this is the extent to which the STK group is affected by organisational activity. Narrow are those most affected or who are dependent on corporation output, such as shareholders, employees, management, customers, suppliers. Wide are those less affected or dependent on company output such as government, the wider community and non-dependent customers.

- Primary & Secondary: this focuses on the opposing view in Freeman’s definition, that STKs affect organisations as well as being affected by organisations. Primary are those that have a direct effect on the company without whom it would be difficult to operate, such as government, shareholders and customers. Secondary are those that have a limited direct influence on the organisation and without whom the company would survive such as the community and management.

- Active & Passive: this distinguishes those that seek to participate in organisational activity and those that do not. Active are those that wish to participate including management and employees, but may also include regulators, environmental pressure groups and suppliers. Passive are those that do not wish to participate including shareholders, local communities, government and customers.

- Voluntary & Involuntary: this categorisation removes the element of choice associated with active and passive participation, subdividing the active group into 2 elements. Voluntary are those STKs that choose to be involved in organisational decision making such as mgt, employees’ environmental groups and active shareholders. These STKs can withdraw their stakeholding in the short-term. Involuntary are those that do not choose to be involved in organisational decisions, but become involved for a variety of reasons. This could include regulators, key customers, suppliers, gov’t, natural environment and local communities. They cannot withdraw in the short-to-medium term.

- Legitimate & illegitimate (terrorist): this is the extent to which the claim of the STK is considered a valid claim. It can be a subjective classification with debate surrounding certain group’s claims, and can lead to the concept of whether STKs are recognised by the organisation or not. Legitimate are those with an active economic relationship with an organisation such as customers and suppliers. Illegitimate are those without such a link, such as terrorists, where there is no case for taking their views into account when making decisions.

21

ESTABLISH STAKEHOLDER CLAIMS

Establish the stakeholder’s demands (expectations of the company)- Direct claim (stakeholder requests)- Indirect claim (Stakeholder has no voice)

ASSESS THE IMPORTANCE OF STKs(Mendelow model)

Use 2 criteria:- Power- Level of interestMendelow model: assesses the importance of stakeholders using a matrix.E.g. Mac Donalds: Meat Suppliers, Kitchen workers (16 yr old), Government, Customer, CEO

LOW

POWER

HIGH

MINIMUM EFFORTKitchen worker

KEEP INFORMEDMeat supplier

KEEP SATISFIEDGovernment

KEY PLAYERS CEOInstitutional investors

LOW INTEREST HIGH

Power: relates to the amount of influence (r power) that the STK group can have over the organisation. However, the fact that a group has power does not necessarily mean that their power will be used. Level of interest: indicates whether the STK is actively interested in the performance of the organisation. The amount of influence the group has depends in their level of power.

MINIMUM EFFORT (Low interest, low power): these STKs typically include small shareholders and the general public. They have low interest in the organisation primarily due to lack of power to change strategy.

KEEP INFORMED (High interest, low power): these STKs would like to affect the strategy of the organisation but do not have the power to do this. STKs include staff, customers and suppliers, particularly where the organisation provides a significant percentage of sales or purchases for those organisations. Env’tal pressure groups would also be placed in this category as they will seek to influence company strategy, normally by attempting to persuade high power groups to take action.

KEEP SATISFIED (Low interest, High power): these stakeholders normally have a low interest in the organisation, but they do have the ability to affect strategy should they choose to do so. Stakeholders in this group include the national government and in some situations institutional shareholders. The latter may well be happy to let the organisation operate as it wants to, but will exercise power if they see their stake being threatened.

KEY PLAYERS (High interest, high power): these STKs have a high interest in the organisation and have the ability to affect strategy. STKs include directors, major shareholders and trade unions.

DECIDE HOW TO RESPOND

Social responsiveness: refers to the capacity of the corporation to respond to social pressure and the manner in which it does so. Carroll suggests four possible strategies: reaction, accommodation, proaction and defenceR A P DR - Reaction: the corporation denies any responsibility for social issuesA - Accommodation: the corporation accepts responsibility and does what is demanded of it by relevant groups (Do as STK demands)P - Proaction: the corporation seeks to go beyond industry norms (exceed the STK’s claim)D - Defence: the corporation admits responsibility but fights it, doing the very least that seems to be required. (Do minimum required)

Responses are affected by the company’s view; i.e. Normative & Instrumental views

22

ORGANISATIONAL MOTIVATIONS REGARDING STAKEHOLDERS: Donaldson and Preston draw a distinction between motivations as to why organisations act in relation to the concerns of stakeholders.

STAKEHOLDER VIEWS

E.G. Customer claim: supermarket to recycle bags

The supermarket’s response depends on view……

NORMATIVE VIEW INSTRUMENTAL VIEW

- Company responds to claims if there is a moral - company responds to the claim only if it helps to duty. meet objectives. (profit $)E.g. recycle the bags to save the planet. E.g. recycle to increase reputation, increase to sales,GOOD CORPORATE CITIZENSHIP therefore increase to profit.

***The company has SELF ENLIGHTENED INTEREST

ASSESSING STK IMPORTANCE

Customers, shareholders and employees may be the most important stakeholders but continual assessment helps to focus in on those that require immediate action.

Three attributes may be assessed:

1. Power: the perceived ability of the stakeholder to affect organisational action2. Legitimacy: whether the company perceives the stakeholder action to be legitimate3. Urgency: whether the stakeholder claim calls for immediate action

Definitive stakeholders (possessing all three) require immediate action, the others are latent stakeholders.

Examiner’s article published in Student Accountant in February 2008, ‘All about stakeholders – part 2’

IMPACT OF STAKEHOLDERS ON CORPORATE GOVERNANCE

A key area of impact is in relation to the increased need for, and existence of, social accounting. There are various forms of social accounting produced for inclusion in the Business Review as part of annual reporting reports.

Ethical accounting: tends to focus on internal management systems or codes of practice at an individual level and how the company audits and complies with this.

Environmental accounting: tends to focus exclusively on the organisation’s impact on the natural environment

Social accounting: has a broader remit to incorporate employee conditions, heal and safety, equal opportunities, human rights, charity work

Sustainability accounting: is a grand title that incorporates the triple bottom line of the first three with possible emphasis on environmentalism.

CORPORATE CITIZENSHIP

Corporate citizenship suggests an expanded viewpoint of the corporate role, moving beyond the boundaries of direct stakeholder relationships. It implies a role for corporations in the societies upon which they impact.

It is linked to the concept of corporate accountability.

Corporate accountability refers to whether the organisation is in some way answerable for the consequences of its actions beyond its relationship with shareholders.

23

The demands for corporations to be more accountable and step up to the new role as valid members of society comes from two main sources: GOVERNMENT FAILRE AND CORPORATE POWER.

GOVERNMENT FAILURE: one consequence of a modern society with an abundance of products and services is the failure of governments to deal with risks that accompany these rapid changes.

- Sometimes the risks are beyond the control of a single government- Sometimes electoral impact dampens political will- Sometimes they are part of the problem- Sometimes it is simply too difficult to change lifestyles.

CORPORATE POWER: Corporation shapes lives in many ways:

- Liberalisation & deregulation of markets increase market power and restrict the ability of gov’ts to intervene- Privatisation of many previous state monopolies places greater power in the corporate hand- Countries struggle with unemployment and yet the decision to locate and support societies is often not theirs

but that of corporations- The pressure on low-wage economies to maintain low wages (and hence low costs to attract customers) is vast- Complex cross-border legal agreement is very difficult and so corporations are encouraged to self-regulate.

CHAPTER 8: INTERNAL CONTROL SYSTEMS

F8 RECAP:

BASICS OF CONTROLS

- Controls attempt to ensure that risks, those factors which stop the achievement of company objectives are minimised.

- Internal control systems comprises the whole network of systems established in an organisation to provide reasonable assurance that organisational objectives will be achieved.

- Internal management controls refer to the procedures/policies put in place to ensure the company meets its objectives

- The control procedures and policies provide the detailed controls implemented within the company

A S P I E

Objective Purpose

A – Accurate records Reliable reporting for the shareholders (accurate and complete records)

S – Safeguard assets (cash) to protect the shareholders investments

P – Prevent fraud & error to prevent misuse of shareholders fund

I – Internal policies followed to ensure compliance with the law e.g. health & safety, fire (to prevent fines which would reduce profits of the company and also to protect reputation)

E – Efficiency to maximise profit for shareholders (timely preparation of fin. information)

- In order to achieve these objectives, there is a need to put up controls effectively.- The lack of internal controls implies that directors have not met their obligations under corporate governance.

It specifically means that the risk management strategy of the company will be defective.- However, controls alone are not enough to achieve this.

CASE STUDY: rogue trader

Barings Bank

- There was a trader called Nick Leeson

24

- He accumulated £800m+ losses by gambling wrongly- Bank couldn’t recover and eventually collapsed.

Societe Generale

- There was a trader called Jerome Kerviel- Accumulated £5bn losses

Both bank had controls!!!

- Trades authorised by managers Managers ignored it at SG At Barings Bank, Nick was the manager – self-review threat

- Both had trading limits Managers ignored – self-interest threat) because the bigger the risks taken, the bigger the returns,

meaning big bonuses. Same applies to Nick- Both banks had an accounts team to reconcile trades daily

Nick Leeson was head of team at Barings Bank, hence no segregation of duties.

P1 – emphasises that controls on its own are not enough! Companies need an EFFECTIVE control system.

ELEMENTS OF AN EFFECTIVE CONTROL SYSTEM

- COSO Framework: was formed in 1985 to sponsor the national commission on fraudulent reporting. COSO produces guidance on the implementation of internal control systems in large and small companies.

- It defines internal control as a ‘process, effected by the entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives’, in three particular areas:1. Effectiveness and efficiency of operations2. Reliability of financial reporting3. Compliance with applicable laws and regulations

***The above 3 are also benefits of an internal control system

C R I M E

Component of the system Example E – Environment: commitment from the board to set up and maintain good controls (good Attitude, Awareness & Action). The overall ‘tone’ or approach to internal control set by management

Kaplan: High pass ratesRegular communication from the CEO on the importance of pass rates

R – RISK ASSESSMENT: Identify , assess and manage the risks that threaten the company’s objectives (25% of syllabus)

- Tutors are rubbish- Materials are poor- Environment not conducive for learning- Competitors are strong

C – Control activities: procedures to ensure instructions are followed

- Regular reviews of tutor feedbacks- Examiner reviews materials produced by Kaplan

I – Information & Communication: gather regular information & communicate it to the right people

- Tutor issues are reported to Head of Tutors- Materials (i.e. books) issues are reported to the

Head of PublishingM – Monitoring: need independent review of controls system for effectiveness

Audit Committee: However, they lack the operational knowledge hence they need the Internal Audit function

- Internal audit do spot checks on tutors

GOVERNANCE REQUIREMENTS

25

UK TURNBULL REPORT

Directors need to

① Implement a SOUND system of control ② Review it regularly- To be sound, they are recommending the COSO framework - Minimum of once per year

CRIME- They also introduced 3 extra criteria - Delegate to Audit Committee

1. Embed the system into the company (make it part of the Company’s culture and systems) i.e. values & beliefs(CONTROL ENVIRONMENT) ③ Report to shareholders

2. Respond to evolving risk (I.e. if risks changes, the systems Of controls need to change) ***Risks are dynamic(RISK ASSESSMENT)

3. Clear reporting lines for issues(INFORMATION & COMMUNICATION)

***LIMITATIONS OF CONTROLS

- Human error: all internal control systems are at risk from mistakes or errors. - Fraudulent collusion (segregation of duties): internal control systems can be by-passed by collusion & events- Abuse of authority- Management ignore controls- Obsolete controls are not effective- Costs vs benefits- A good internal control system cannot turn a poor manager into a good one.

It is good corporate governance to establish the system, risks within the company will be minimised, but those risks can never be entirely eliminated.

US SARBANES-OXLEY

B I T T E R C O D E

*Overdue for exams *** INTERNAL CONTROL STATEMENT: Usually 2 page report. - Directors must disclose the following in the annual report:

F E A R

F – Framework followed

E – Evaluation of controls

***A – Auditors report on controls

R – Responsibility of the board for controls

ROLES IN RISK MANAGEMENT AND INTERNAL CONTROL

- All employees have some responsibility for monitoring and maintain internal controls.- It is not solely the responsibility of executive managements- Roles in monitoring range from the CEO setting the ‘tone’ for internal control compliance, to the external

auditor, reporting on the effectiveness of the system.

26

The Turnbull Report provides the responsibilities of directors in relation to internal control systems in the mnemonic, CRIME. And states that management should:

- Implement board policies- Identify and evaluate the risks faced by the company

The Turnbull report also suggests that internal audit makes a significant and valuable contribution to a company.

It also stated that with regards to the review of the effectiveness of internal control:

- The review of internal control is a normal responsibility of the management- The review itself, however, will be delegated to the audit committee (the board do not have the time or the

expertise to carry out the review themselves)- The board must provide information on the internal control system and review in the annual accounts- The review should be carried out at least annually.

CONTROL ACTIVITIES

These are the detailed internal controls which are embedded within the operations of the company.

S P A M S O A P (T A)

S – Segregation of duties: Corporate governance codes state that the duties of the chairman of the board and the CEO should be segregated, to prevent one individual from acquiring a dominant position on the board. (Misuse of power) Although segregating duties provides protection against fraud by one individual, it is not effective against collusion to commit fraud by two or more individuals

P – Physical controls: are measures and procedures to protect physical assets against theft or unauthorised access and use. They include:

- Using a safe to hold cash and valuable documents- Using secure entry systems to buildings or areas of a building- Periodic inventory checks- High security guards and using CCTV

A – Authorisation and approval controls: are established to ensure that a transaction must not proceed unless an authorised individual has given his approval, possibly in writing.

M – Management control: are controls exercised by management on the basis of information they receive

S – Supervision: is oversight of the work done by other individuals, by someone in a position of responsibility. Supervisory controls help to ensure that individuals do the tasks they are required to and perform them properly.

O – Organisation controls: refer to the controls provided by the organisation’s structure, such as:

- The separation of an organisation’s activities and operations into departments with a clear division of responsibilities

- Delegating authority within the organisation- Establishing reporting lines within the organisation

A – Arithmetic and accounting: controls are provided by:

- Recording transactions properly in the accounting systems- Being able to trace each individual transaction through accounting records- Checking arithmetic calculations, such as double-checking the figures in an invoice before sending it to a

customer (sales invoice) or approving it for payment (purchase invoice) to make sure that they are correct.

27

P – Personnel controls: controls should be applied to the selection and training of employees, to make sure that suitable individuals are appointed to positions within the organisation; individuals should have the appropriate personal qualities, experience and qualifications where required; individuals are given suitable induction and training to ensure that they carry out their tasks efficiently and effectively. Staff should be given training in the purpose of controls and the need to apply them, which should increase employee awareness and understanding of the risks of failing to apply them properly.

T – Top level reviews: the board of directors or senior management might call for a performance report on the progress of the organisation towards its goals. For e.g. senior management might review a report on the progress of the organisation toward achieving its budget targets. Questions should be asked by senior management, prompting responses at lower management levels. In this way, top level reviews are a control activity.

A – Activity controls: at departmental or divisional level, management should receive reports that review performance or highlight exceptions. Functional reviews should be more frequent than top-level reviews, on a daily, weekly or monthly basis. As with top-level reviews, questions should be asked by mgt that initiate control activity. An e.g. of control by mgt is the provision of regular performance reports, such as variance reports, comparing actual results with a target or budget.

MANAGEMENT LEVELS:

- Within an organisation, management are normally divided into three different levels: Strategic, tactical and operational.

LEVEL ACTIVITYStrategic (board of directors)

Involved with monitoring and controlling the organisation as a whole, making decisions on areas such as opening of new shops and factories or investment in new product line. Management of internal controls: Strategic managers tend to be focused on planning (detailed control is a lower mgt function). However, strategic mgt are normally charged with ensuring that the internal control system is effective. They will therefore be responsible for ensuring that the importance of internal control id recognised in the organisation and providing the necessary resources to establish and monitor this system.

Management of risk:Risk management is a responsibility of strategic management. Strategic decisions such as deciding which products to manufacture or which areas to trade in will be taken here – with those decisions impacting on the amount of risk faced by the company. Information will be needed on the potential outcomes of different decisions so the amount of risk can be adequately assessed. Strategic managers will be advised by the risk committee.

Tactical (divisional management)

Responsible for implementing the decisions of strategic managers and ensuring that the different divisions or departments within the organisation are operating correctlyManagement of internal controls: Managers will have responsibility for implementing strategic managements’ decisions – in this case the actual internal control systems within the company. Similarly, where control weaknesses are identified, tactical managers will need to remedy those weaknesses and where necessary inform strategic mgt of material weaknesses.

Management of risk:Managers will be responsible for implementing strategic mgt’s decisions. They will also be reporting identified risks to strategic mgt, either from environmental monitoring or from use of decision-making tools such as the decision support system (DSS). The latter may identify risks from falling sales for example, which will need strategic management action. Tactical managers will be collecting information on operational risk from lower level managers and recommending control activities to mitigate those risks.

28

DSS: is a computer based system which enable managers to confront ill-structured problems by direct interaction with date and problem-solving programs.

Operational (junior management/team leaders)

Controlling the day-to-day operations of the organisation, reporting queries or problems back to tactical management for decisions as necessary. Management of internal controls: Operational managers will be responsible for the operation of specific detailed internal controls. E.g. controls to ensure that stock is not stolen from company premises.

Management of risk:Operational managers will have little or no influence over the risk appetite of the company. They are, though, in a position to identify risks at the operational level & therefore report these to tactical management.

CHARACTERISTICS OF INFORMATION: The information received by management needs to be of a certain standard to be useful in internal control and risk management and monitoring.

The information should meet the criteria of ‘good’ information:

A C C U R A T E

A – Accurate

C – Compliance

C – Cost-beneficial

U – User-targeted

R – Relevant

A – Authoritative

T – Timely

E – Easy to use

IMPORTANCE OF ACCURATE INFORMATION FOR THE MANAGEMENT OF INTERNAL CONTROLS

- The board have to meet their corporate governance responsibility to ensure that an effective internal control exists within the organisation. In order to do this they will require accurate reports from auditors and managers within the company regarding the current controls, and any weaknesses identified.

- Good information will enable the board to confirm that the monitoring activities, undertaken by auditors and critical to the internal control system, are being carried out in an effective and efficient manner.

- Information regarding the costs and benefits of internal controls will enable the board to ensure that resources are not wasted on ineffective, or unnecessary controls.

- Accurate information regarding the risks facing the organisation will enable the board to be aware of any critical issues that may rise in the near future, and hence take action accordingly to mitigate any problems

- Board can provide the appropriate direction to the management of the company if they are fully aware of all the facts relating to any given situation. If the facts are distorted, the direction provided may be inappropriate.

29

CHAPTER 9: AUDIT AND COMPLIANCE

CONTROL RESPONSIBILITIES

INTERNAL EXTERNALBOARD report on effectiveness to

- Overall responsibility- Implement sound system- Review regularly

SHAREHOLDER- Shareholder activism:

i. voting on controlsii. reading the financial statements(Chapter 5)

INSTITUTIONAL INVESTORSOS RAINS

I - Internal controls

AUDIT COMMITTEE – review, oversee & assess- financial reporting- controls- external audit- internal audit

EXTERNAL AUDITOR

UK – provide feedback on control deficienciesUS SOX – Audit report

INTERNAL AUDIT- must be independent- role R E V I E W S- all companies must consider the need

depending on:i. sizeii. complexityiii. cost/benefit

AUDIT COMMITTEE

- Formal engagements for Financial reporting, controls & auditor relationships

- It is a committee of the board of directors consisting entirely of independent NEDs, of whom at least one has had recent financial experience

30

- Most of the board objectives relating to internal controls will be delegated to the audit committee

*MINIMUM 3 NEDs

*1 needs recent financial experience

INTERNAL AUDIT

- They manage the relationships between the board & auditors This preserves independence (reduces familiarity and intimidation)

ROLE

Review, Oversee and Assess

① FINANCIAL REPORTING PROCESS ② INTERNAL CONTROL SYSTEMS

- Monitor integrity of the FS - independent evaluation of control system- Treatment of accounting items. E.g. lower of cost and - review financial controls

NBV or Revalued amount - monitor adequacy of internal control system- Disclosure - approve annual report IC statement- Accounting policies e.g. depreciation method used - receive reports from internal and external

Straight line or reduced balance auditors regarding controls

③ EXTERNAL AUDIT ④ INTERNAL AUDIT- Prepare a short list of audit firms for shareholders to choose - recruit Head Internal Auditor

from. - set work (i.e. job description)- Do post-completion reviews (review of how the audit - review audit reports

worked) - monitor independence- Monitor independence - meet with them once a year with no - Investigate resignations of external auditors managers - Approve engagement letter - review effectiveness of work performed

MONITORING INDEPENDENCE

Example Threat Audit committee solutionClose/family connection to board

Too dependent on fees

FAMILIARITY- May be biased to the

director

SELF-INTEREST- Auditor may please the

- Monitor length of service (5 years)- Review family connections

- Monitor size of the fee- If the fee is too big, they would

31

BOARD EXTERNAL AUDIT

Providing non audit services

client to keep the work

SELF-REVIEW- Overlook own errors

FAMILIARITY- Biased. Because spending

lots of time on the client

SELF-INTEREST- Fees becomes huge

INTIMIDATION- Fee

ADVOCACY- If represent the company

recommend removing other services

- Decide the most appropriate services for the company. ‘Non-audit service policy’

INTERNAL AUDIT

- Listed companies = compulsory- Must be independent (as much as possible)- All companies must consider if an Internal Audit is required.

INDEPENDENCE

- The internal auditors should be independent of executive management and should not have any involvement in the activities or systems that they audit

- The head of internal audit should report directly to a senior director or the audit committee. In addition, however, the head of internal audit should have direct access to the chairman of the board of directors and to the audit committee, and should be accountable to the audit committee

- The audit committee should approve the appointment and termination of appointment of the head of internal audit

Example Threat SolutionReview controls of a person you know

Review control you implemented

Denied access to information (executive directors)

FAMILIARITY - Biased

SELF REVIEW- Would overlook own errors

INTIMIDATION - Fear of losing job

The internal auditor rotates departments regularly

Segregate duties

Report to NEDs only (i.e. audit committee)

WAYS BY WHICH INDEPENDENCE IS MAINTAINED BY THE INTERNAL AUDITOR

Managing internal audit: Independence is maintained by the internal auditor being able to decide the scope of internal audit work without being influenced by the board/senior management.

Risk management: independence is maintained by the internal auditor being given access to information on all areas of the organisation (risk, controls, financial and operation information) and being able to report freely in any errors or omissions found.

32

Control: independence is maintained by ensuring full provision of information and independent reporting lines (via the audit committee)

Governance: independence is maintained by the internal auditor being able to report breaches of corporate governance code without fear of dismissal (as happened in the US prior to SOX)

Internal audit work: independence is maintained by the internal auditor being able to show that normal standards of internal audit work have been followed; there has been no pressure to ‘cut corners’ either from senior management or because the internal auditor decided to carry out work to a lower standard.

Communicating results: independence is maintained by the internal auditor being able to communicate to a committee or person separate from the board who also has the power to take appropriate action to the internal auditor’s report.

ROLES OF INTERNAL AUDIT

- Controls based

R E V I E W S

R – Review control activities (financial and operational controls): to ensure they are effective and there are no fraud and error

E – Examine timeliness of information: to ensure issues are dealt with quickly

V – Value for money auditing (3Es): to ensure the best service is obtained from suppliers

I – Identify the risks to the company: to ensure they are managed and don’t affect the company’s objectives

E – Examine compliance with the law: to ensure no penalties or damage to the reputation of the company

W – Work with audit committee: to provide operational support (to the NEDs who come in only 6 months a year)

S – Special investigations (one-off matters): to ensure one-off issues are not repeated (such as BP oil spill)

TYPES OF AUDIT WORK:

The internal audit department will carry out many different types of audit, as highlighted by the department’s varied roles. Examples of audit types are:

- Financial audit: involves examining records and evidence to support financial and management reporting in order to detect and prevent fraud.

- Operational audit: covers examination and review of a business operation, the effectiveness of controls and identification of areas for improvement in efficiency and performance including improving the 3Es of VFM auditing

- Project audit: about looking at a specific project (e.g. commissioning a new factory) and asking whether these were done well and lessons that can be learnt from any mistakes made.

- Value for money audit: an area that internal auditors have been getting increasingly involved in the VFM audits. Also known as ‘best value’ audits, it assess services/suppliers in 3 main areas:

Economy – best price: looking at the inputs to the business (or process, and deciding whether these are the most economical that are available at an acceptable quality level.

33

Efficiency – best use of resources: considering how well the operation converts inputs to outputs. E.g. monitoring wastage in a manufacturing company or quality control failures

Effectiveness – best result: examining whether the organisation is achieving its objectives. There must be clear objectives for this purpose. Difficult for NFP organisations.

- Social and environmental audit: An environmental audit aims to assess the impact of the organisation on the environment. Normally involves the implementation of appropriate environmental standards such as ISO 14001 and EMAS. The social audit will look at the company’s contribution to society and the community. Contributions could be made through donations, sponsorship, employment, education, health & safety

- Management audit: a management audit is defined as an object and independent appraisal of the effectiveness of managers and the corporate structure in the achievement of the entities’ objectives and policies. Its aim is to identify existing and potential management weaknesses and recommend ways to rectify them.

FACTORS EFFECTING THE NEED FOR INTERNAL AUDIT

- The scale, diversity and complexity of the company’s activities: the larger, the more diverse and the more complex a range of activities is, the more there is to monitor (and the more opportunity there is for certain things to go wrong)

- The number of employees: as a proxy for size, the number of employees signifies that larger organisations are more likely to need internal audit to underpin investor confidence than smaller concerns

- Cost/benefit considerations: management must be certain of the benefits that will result from establishing internal audit and they must obviously be seen to outweigh the costs of the audit.

- Changes in key risks: the introduction of a new product, entering a new market, a change in any of the PESTEL factors or changes in the industry might trigger the need for internal audit

- Problems with existing internal control systems: any problems with existing systems clearly signify the need for a tightening of systems and increased monitoring

- An increased number of unexplained or unacceptable events: system failures or similar events are a clear demonstration of internal control weakness

WHY AN ORGANISATION MAY CHOOSE TO REPORT ON INTERNAL CONTROLS TO ITS SHAREHOLDERS- Companies that are more open with their disclosures regarding internal controls may benefit from increased

shareholder satisfaction as they know their asses are being well looked after- By reporting on their internal controls, a company opens itself to additional scrutiny by shareholders (and

other interested parties) which may improve corporate governance- The knowledge that their work will be reported on externally may help regulate the work of the audit

committee- By making the chair of the audit committee available for questions at the AGM, the company demonstrates

that it has nothing to hide, therefore increasing shareholder confidence.

CHAPTER 10: RISK AND THE RISK MANAGEMENT PROCESS

DEFINITION OF RISK: It is an opportunity/danger associated with an uncertain future event. Risks can have an adverse (‘downside exposure) or favourable (‘upside potential) impact on the organisation’s objectives.

Eg. A company decides to introduce a new product

FAILS SUCCESS= MARKET SHARE REDUCES = MARKET SHARE INCREASES

Needs to be managed= RISK MANAGEMENT

Risk Management: is the process of reducing the possibility of adverse consequences either by reducing the likelihood of an event or its impact, or taking advantage of the upside risk. It is key to effective internal control. In

34

turn, following good corporate governance procedures (including having sound internal control systems) will decrease the impact of many risks on an organisation. It is the responsibility of mgt to establish a risk mgt system.

PROCESS OF RISK MANAGEMENT

STAGERISK IDENTIFICATION: risks are identified by key stakeholders. Risks must obviously be identified before they can be managed.

- Strategic & operational risks- Business risk

M C R L T P L E DRISK ASSESSMENT: risks are evaluated according to the likelihood of occurrence and impact on the organisation. This assessment provides a prioritised risk list identifying those risks that need the most urgent attention.

- Assessing importance: 2 criteria1. Probability (%)2. Severity ($)

= RISK MAP***New syllabus: Environment/Correlation/Perception

RISK STRATEGY/PLANNING - T A R A – P3: planning involves establishing appropriate risk mgt policies. Policies include ceasing risky activities through to obtaining insurance against unfavourable future events. Contingency planning involves establishing procedures to recover from adverse events, should they occur.

T – transferA – Avoid: if can’t avoid risk, then, A L A R PR – ReduceA – Accept

RISK MONITORING: risks are monitored on an ongoing basis. Where risks change, new risks are identified then those risks are added to the risk assessment for appropriate categorisation and action

- Risk audits (Examiner Article)- Done by the internal or external auditor

RISK IDENTIFICATION: The risks businesses face will vary greatly between companies and derive from a number of different sources, including those shown below.

ACCA BUSINESS RISKS: According to the examiner, business risks are strategic risks that threaten the health and survival of the company

RISK DETAIL: The risks associated with……..

SOURCES/EXAMPLES IMPACT

MY MARKET ….the industry the company operates in and from its customers

- Failure to provide goods customers require

- Market sector overall declines

- Resource is running out (shortage)

- Competition

- Company ceases to trade

CLASS CREDIT … giving credit to customers (bad debt), or taking credit from suppliers

- Company’s credit rating is decreased

- Customers are not paying on time or don’t pay at all

- There are going concern problems so suppliers are paid late

- Company may not be able to obtain loans or credits

- Company may not obtain materials for production

REALLY REPUTATION … damaging the company’s brand/image (reduces confidence, lowers future sales)

- Production of poor quality products

- Product recalls/adverse publicity against company

- Loss of market share- Share price drops- In the extreme –

company closure

LIKES LEGAL … non-compliance with legislation/law

- There is a breach of regulations. E.g. Companies Act

- Company is sued by third party for breach of contract

- Adverse publicity- Fines and penalties

payable by company and/or officers

TAKING TECHNOLOGICAL … use of technology - There is lack of investment - Products appear to be

35

in the business (e.g. obsolete equipment)

in R&D- Competitors achieve

technological advantage

out of date- There is loss of market

shareP1 PROBITY … appearing

dishonest (directors) e.g. directors take a bonus when the company makes a loss

- Directors receive high bonuses when company is making losses

- Company trading in sector with adverse reputation (e.g. arms trade with ‘enemy’ countries)

- Adverse publicity- Possible boycott of

company products

LESSONS LIQUIDITY … the company’s cash flow and ability to repay debt (going concern)

- Customers are not paying quickly enough

- There is a poor credit rating- There is poor cash

management

- Company may not obtain materials needed for production or not pay for labour

- Company may have to borrow at a high rate for short-term funding to cover liquidity problems

- Company cannot meet its commitments which may lead to company failure

EVERY ENVIRONMENTAL … poor environmental performance (reputation goes down and breach of environmental law, therefore fines

- Breach of relevant legislation

- Company trading in sector with adverse reputation (e.g. testing on animals)

- Adverse publicity- Fine payable by

company

DAY DERIVATIVE ... the use of financial instruments. Derivatives are complex, which increases the risks of fraud and error.

- Losses made on forward exchange contracts

- Financial statements do not adequately disclose company’s transactions/ assets/liabilities

- Financial loss to company

- Adverse publicity- Possible closure of

business if losses are large

OTHERSPRODUCT

COMODITY PRICE

CURRENCY

Risk that customers will not buy new products (or services) provided by the organisation or sales demand for current products and services will decline unexpectedly

Businesses might be exposed to risks from unexpected increases (or falls) in the price of a key commodity

Arises from the possibility of movements in

36

INTEREST RATE

POLITICAL

REGULATORY

COMPLIANCE

ECONOMIC

ENTERPRENEURIAL RISK

HEALTH & SAFETY

foreign exchange rates, and the value if one currency in relation to another

Risk of unexpected gains or losses arising as a consequence of a rise or fall in interest rates

Depends to a large extent on the political stability in the countries in which an organisation operates and the attitudes of governments towards protectionism

Arises from the possibility that regulations will affect the way an organisation has to operate

Is the risk of losses, possibly fines, resulting from non-compliance with laws or regulations

Risks facing organisations from changes in economic conditions, such as economic growth, recession, taxation policy, international trading conditions

This is the necessary risk associated with any new business venture or opportunity

Many companies engage in potentially hazardous activities, such as coal mining, that can give rise to injury or the loss of

37

GEARING

life

For non-bank companies, it is the risk arising from exposures to high financial gearing and large amounts of borrowing

CATEGORIES OF RISK:

1. STATEGIC RISKS: affect the overall mission of the company. It threatens the going concern of the organisation

These are risks arising from the possible consequences of strategic decisions taken by the organisation. E.g. one company might pursue a strategy growth by acquisitions, whilst another might seek slower, organic growth. Growth by acquisition is likely to be much more high-risk than organic growth, although the potential returns might also be much higher.

It also arises from the way that an organisation is strategically positioned within its environment. E.g. a company may decide to expand into higher or lower risks areas perhaps by manufacturing new products or simply enhancing older products.

Strategic risks should be identified and assessed at senior mgt and board or director level. PESTEL and SWOT techniques can be used to identify these risks. (P3)

2. OPERATIONAL RISKS: affect the day-to-day activities of the company

It refers to potential losses that might arise in business operations. It may arise as a result of inadequate r failed internal processes, people and systems or external events. It includes risks of fraud or employee malfeasance, poor quality production or lack of inputs for production.

They can be managed by internal control systems.

RISK ASSESSMENT

- Second state of risk management- Assess the importance of risk using 2 criteria:

Probability (likelihood that the risk arises)

Severity (impact on the organisation if the risk does arise)

= RISK MAP

LOW

PROBABILITY (%)

HIGH

- Sainsbury’s stop contract - Contaminate 100k choc bars

- Factory worker leaves- Recession

LOW SEVERITY ($) HIGH

- The map identifies whether a risk will have a significant impact on the organisation and links that into the likelihood of the risk occurring.

- This provides a framework for prioritising risks in the business

- Risks with a significant impact and a high likelihood of occurrence need more urgent attention than risks with a low impact and low likelihood of occurrence.

38

- The significance and impact of each risk will vary depending on the organisation:

e.g. an increase in the price of oil will be significant for airline company but will have almost no impact on a financial services company offering investment advice over the internet.

- The severity of the risk can also be discussed in terms of ‘hazard’. The higher the hazard or impact of the risk, the more severe it is.

New…..ish bits of syllabus (2 Articles)

1. ENVIRONMENT: the industry, the company, employees.

E.g. Baked beans Static Environment (There’s no change ever in the industry)

All companies are on spectrum

E.g. mobile phones Dynamic Environment (there’s constant change in the industry)

- Risks constantly change, hence companies need regular risk assessment, and need to invest more in risk management.

2. RISK CORRELATION: these are risks that are related.

E.g. Mars chocolate do not recycle:- increase in reputation risk- increase in environmental risk

These risks above are positively correlated i.e. the risks are related and they may move together in the SAME DIRECTION. As the environmental risk increases, so does the reputational risk.

E.g. Mars invests in recycling plant:- reduction in reputation risk and environmental risk- increase in liquidity risk

These risks are negatively correlated. The risks are related but move in OPPOSITE DIRECTION. As more money is spent on reducing the environmental damage, therefore reducing the risk, there is an increase in the financial risk, as the company is depleting its cash reserves substantially.

3. RISK PERCEPTION: This is how risks are perceived.

SUBJECTIVE DATA OBJECTIVE DATA

Data is hard to quantify/measure with certainty Data is easy to quantify/measure

Creates more ROBUST risk management

WHY INCUR RISK?

- To gain competitive advantage: to generate higher returns, businesses may have to take more risk in order to be competitive. Not accepting risk tends to make a business less dynamic, and implies a ‘follow the leader’ strategy.

- To increase financial return: incurring risk also implies that the returns from different activities will be higher – ‘benefit’ being the return for accepting risk. Benefits can be financial – decreased costs, or intangible – better quality information

In both cases, these will lead to the business being able to gain competitive advantage!

39

WHY MANAGE RISK?

- To identify new risks that may affect the company so an appropriate risk management strategy can be determined

- To identify changes to existing or known risks so amendments to the risk mgt strategy can be made. For e.g. where there is an increased likelihood of occurrence of a known risk, strategy may be amended from ignoring the risk to possibly insuring against it.

- To ensure that the best use is made of opportunities: organisations are identifying risks associated with new opportunities to increase the probability of positive outcomes and to maximise returns

- To enhance shareholder value by improving performance- To benefit from higher rewards associated with higher risks

BUSINESS RISKS: can either be:

GENERIC: that is, the risk affects all businesses. E.g. changes in the interest rate, non-compliance with company law, or poor use of derivative instruments. Generic risks can also affect different businesses in different ways, a company with substantial borrowing will be affected more by an increase in interest rates than a company with little or no borrowings.

SPECIFIC: the risk is specific to individual business sectors. Banks and Mining companies both face reputational risk. Banks – high profits and overcharging customer, Mining companies – poor working conditions and prolonged ill health resulting from working in mines. The overall point is that the risk profile is different for each sector – even though the risk areas can remain the same.

TOOLS AND TECHNIQUES FOR QUANTIFYING RISKS

A number of tools can be used to quantify the impact f risks on the organisation, some of which are described below:

Scenario planning: in which different possible views of the future are developed, usually through a process of discussion within the organisation

Sensitivity analysis: in which the values of different factors which could affect an outcome are changed to assess how sensitive the outcome is to changes in those variable

Decision trees: often used in the management of projects to demonstrate the uncertainties at each stage and evaluate the expected value for the project based on the likelihood and cash flow of each possible outcome

Computer simulations: such as the Monte Carlo simulation which uses probability distributions and can be run repeatedly to identify many possible scenarios and outcomes for a project

Software packages: designed to assist in the risk identification and analysis processes

Analysis of existing data: concerning the impact of risks in the past.

CHAPTER 11: CONTROLLING RISK

RISK STRATEGY/PLANNING

- Methods of managing risk

T A R A STRATEGY

LOWPROBABILITY (%)HIGH

ACCEPT TRANSFER

REDUCE AVOID

LOW SEVERITY HIGH

40

($)

T – TRANSFER RISK – Transfer risk to a 3rd party. In some circumstances, risk can be transferred wholly r in part to a 3rd party, so that if an adverse event occurs, the 3rd party suffers all or most of the loss.

- Insurance – businesses arrange a wide range of insurance policies for protection against possible losses.- Outsourcing- Factoring- Joint venture (share)/ franchising

A – AVOID RISK – stop activity that creates the risk. i.e. An organisation might choose to avoid a risk altogether. However, since risks are unavoidable in business ventures, they can be avoided only by not investing, or not undertaking the activity that gives rise to the risk in the first place (or withdrawing from the business area completely)

!!! May not always be possible

R – REDUCE RISK – reduce the possibility that the risk arises or the financial impact if it does.

- Controls - Risk diversification (spread your risk) :

Lots of products Lots of location

A – ACCEPT RISK – Take no action and incorporate the risk into the business. Simply accept that the risk may occur and decide to deal with the consequences in that particularly situation. The strategy is appropriate normally where the adverse effect is minimal. For example, there is nearly always a risk of rain; unless the business activity cannot take place when it rains then the risk of rain occurring is not normally insured against.

New....ish

- Risks can’t always be eliminated due to cost or because the product is very profitable- So companies should A L A R P

i.e. They should ensure the risk is As Low As Reasonably Possible- If the organisation can’t avoid it, transfer it to reduce it as low as possible, however the costly nature of risk

reduction should be taken into account. - The ALARP principle expresses a point at which the cost of additional risk reduction would be grossly

disproportionate to the benefits achieved. - The ALARP principle is usually applied to safety critical, high integrity systems where health and safety risks

cannot be eliminated e.g. Oil rigs. - E.g. a company spends £1million to prevent a member of staff suffering from a bruised knee is obviously

grossly disproportionate. Whereas a company spending £1million to prevent a major explosion capable of killing 150 people is obviously proportionate.

RISK MONITORING

- This is an independent review of risk mgt to ensure it is effective. - It is done by the Internal or external auditor

= RISK AUDIT- Risk audit is a systematic way of understanding the risks that an organisation faces. It is not mandatory for all

organisations but, in some highly regulated industries, a form of ongoing risk assessment and audit is compulsory in most governance jurisdictions.

- Refer to the Examiner’s article published in Student Accountant in March 2009 ‘Risk and Environmental Auditing)

41

STAGES OF RISK AUDIT

IDENTIFY RISKS This is where the auditor re - performs the 1st stages of risk management and then use their independent results as a benchmark. ASSESS RISKS

REVIEW Reviewing the controls that are in place to prevent and/or detect the risk and assessing if they are appropriate.

- Any identified risks?- Poorly assessed risks?- Poorly managed risks?

REPORT Reporting findings to the risk committee. Informing the board (or risk committee where one exists) about risks which are outside acceptable levels or where controls over specific risks are ineffective.

PROCESS OF EXTERNAL REPORTING OF INTERNAL CONTROLS AND RISKS1. Identify reporting situation

Internal control failure/directors making inappropriate decisions (as in Enron)2. Check compliance with legislation/ethical guidance

Companies Act/Stock exchange requirement/professional ethical guidelines may require disclosure

3. Make report if requiredDocument reason for report (e.g. qualified audit/report whistleblowing) and make report to appropriate third party.

INTERNAL OR EXTERNAL RISK AUDITORS?

- Speed of work and familiarity

Internal audit teams have the advantage of familiarity with the organisation’s culture, systems, procedures and policies. Given their familiarity with the nature of the business and how things are supposed to work, internal audit should be able to perform a highly specific and focussed risk assessment.

It can be argued that an external team would take a long time to develop the same understanding and could never, in practice, maintain the same knowledge of a company’s nuances as it evolves as an internal team.

- Flexibility

Internal teams are flexible in terms of the way they are deployed. As they are controlled by management, they can be directed to perform a variety of engagements that can be changed at a moment’s notice.

All engagements with external auditors are subject to the restrictions of engagement letters, availability of resources and the fees they charge

- Quality of work

Internal audit should produce work that is written and structured according to the expectations and norms of the organisation, which is therefore relevant for the intended use.

External teams could be criticised for pitching their reports at too high a technical level for the intended guidance or perhaps in an area the audience was not specifically concerned with.

- Objectivity

External teams should comply with IFAC’s (and ACCA’s) code of ethics. They should therefore be more objective than an internal team, who will suffer from over familiarity with the company. It is likely that external auditors will have no link to anybody inside the organisation being audited and so there will be fewer prior friendships and personal relationships to consider

- Shareholder confidence

The fact that these threats are avoided or reduced will create a higher degree of confidence for investors and, where applicable, regulators

42

- Innovation

An external auditor brings a fresh pair

of eyes to the task, identifying issues that internal auditors may have overlooked because of familiarity. When internal employees audit a system or department, they may be so familiar with the organisation’s routines, procedures, culture, and norms that a key risk might be overlooked or wrongly assessed.

- Current skills and knowledge

Best practice and current developments can be introduced if external consultants are aware of these. Given that consultants typically promote themselves on the currency of their skills, it is often more likely that their knowledge will be more up to date than that of internal staff whose skills may be geared specifically to their organisation’s needs and expectations.

PURPOSE OF RISK AUDITING

- Risk auditing assists the overall risk monitoring activity (last step in the risk management process) by providing an independent view of risks and controls in an organisation

- As with any audit situation, a fresh pair of eyes may identify errors or omissions in the original risk monitoring process

- In many situations, audit work is obligatory (e.g. SOX requirements).- Following review, internal and external audit can make recommendations to amend risk management system

or controls as necessary.RISK RESPONSIBILITIES

43

INTERNAL EXTERNALBOARD: disclose significant risks - recognise overall responsibility for maintain controls

systems in the company- raise risk awareness - consider the risk appetite of the company- devise effective strategies to control risk

RISK COMMITTEE- mix of executives and majority NEDs - D A N G E R- where no risk committee is formed, the audit

committee will usually perform similar duties Roles include:- Update company risk profile and appetite and

report these to the board- Raise risk awareness and ensuring appropriate risk

mgt within the organisation- Establish policies for risk management and

continuously review it and make recommendations for amendment to the board when necessary

- Implement processes to monitor and report risk

RISK MANAGER - Is a member of the risk committee, reporting

directly to that committee and the board.- The role is more operational than strategic- Policy is set by the board and the risk committee

and implemented by the risk manager Roles include:

- Primarily to implement risk management policies- Implement changes when required- Identify and evaluate risks affecting the org. - Provision of overall leadership for risk mgt team- Carry out training on risk management- Give advice- Monitoring the status of risk mitigation strategies

and internal audits, and ensuring that all recommendations are acted upon

- Maintain good relationships with the board and the risk committee

- Ensure compliance with any laws and regulations affecting the business

- Seeking opportunities to improve risk mgt methodologies and practices within the org.

- Producing reports on risk mgt, including any statutory reports (e.g. SOX reports in the US)

INTERNAL AUDITOR- Independent monitoring of risks- Carry out risk audit

SHAREHOLDER- Shareholder Activism

i.e. Go to AGM Ask questions about risk

EXTERNAL AUDITOR- Sometimes, they carry out the risk audits. (e.g. if

the company is carrying out SOX or is a bank, this will be a very good practice)

- Identify and document internal controls in the company

- Test those controls report on material control deficiencies in the auditor’s report

RISK AWARENESS

- Risk must be embedded into the company’s culture and systems

- A lack of risk awareness means that an organisation has an inappropriate risk management strategy:

- Risks affecting the organisation may not have been identified meaning there will be a lack of control over that risk

- Risks may occur and the control over the risk is not active due to lack of monitoring and awareness

STRATEGIC: High level monitoring of riskTACTICAL: Monitoring of risk at divisional levelOPERATIONAL: Monitoring of risk in day-day operations.

How to embed risks:- Training- Communication (from top – down)- Include in job descriptions - Penalties for bad practice- Automatic procedures- Reward systems which recognise that risks have to

be taken in practice. (e.g. not having a ‘blame’ culture)

- ‘ALL MUST BE ON BOARD’

Limiting factors:- Overall commitment to risk mgt policies at all

levels in the organisation- The attitude to internal controls - Governance, i.e. the need to include - Whether risk mgt is a normal part of the org’s

culture, i.e. whether it is taken for granted or not.

44

ROLE OF BOARD

- Overall responsibility for risk management lies with the board of directors - They must generate RISK AWARENESS

To ensure all the employees are aware of risks as they arise of capable of identifying/recognising risks as they arise.

- Consider the company’s RISK APPETITE How much risks the company is willing to take

Depends on 2 factors

RISK ATTITUDE + RISK CAPACITY- risk seeking - company’s limit to risk ($)

- risk averse - size /structure/development

- Ensure effective STRATEGIES are in place (TARA)

- Disclose significant risks to shareholders

CHAPTER 12: ETHICAL THEORIES

STUDY OF MORAL BEAHAVIOUR

ABSOLUTISM RELATIVISM TELEOLOGICAL VIEW DEONTOLOGICAL VIEW

- Believe in clear rules

- Unchanging moral rights

DOGMATIC APPROACH- Means that

there is only ONE TRUTH

- Believe right/wrong depends on the conditions at the time

- Ethics is situational

PRAGMATIC APPROACH- Best route

CONDITIONS

PERSON COMPANY CULTUREKOHLBERG GRAY OWENS CARROLL ADAMS

- Pre-conventional 7 positions - Conventional- Post-conventional

Every country views responsibilities differently.

- Judge outcome of an action as right or wrong

CONSEQUENTIALIST APPROACH

2 Types- Egoism

- Utilitarialism

- Judge motivation for the actions as right or wrong

NON-CONSEQUENTIALIST APPROACH

KANT - philosopher3 MaximsAn action can only be right if:- We could all do it- It respects life - Others would

agree with it.

HAS TO MEET ALL THREE OF THE RULES!

DOGMATIC VS PRAGMATIC APPROACH

The idea of absolutism and relativism can be illustrated with two similar concepts

- A dogmatic approach takes the view that there is one truth and this truth is to be imposed in all situations. This viewpoint corresponds to absolutism.

- A pragmatic approach attempts to find the best route through a specific moral situation without reference to any absolutist belief.

The approach is similar to relativism in attempting to find a solution based on the given belief system of the individuals involved.

45

TELEOLOGICAL & DEONTOLOGICAL VIEWS- Boy breaks 15 cups helping mum wash up

- Girl breaks 1 cup trying to steal a biscuitWho is worse?

BOY GIRL

- Judging the outcome of the action - judging the motivation for her action= THEOLOGICAL VIEW = DEONTOLOGICAL VIEW

Two types IMMANUEL KANT – philosopher (3 MAXIMS)

- EGOISM An action can only be right if:Consider the outcome from the individual 1. CONSISTENCY: We could all do it. The action can only beperspective right if everyone can follow the same underlying principles

- UTILITARIANISM 2. HUMAN DIGNITY: It respects life (human & animals). Act - Consider the outcome from society so that you treat humanity, whether in your own person or

perspective. (Is it for the greater good?) in that of another, always as an end and never as a means only.

3. UNIVERSALITY: Others would agree with it.*** It has to meet all three of the rules. If it fails any of them, then doesn’t apply (wrong)

- Refer to hand-out for Kohlberg’s theory on Cognitive Moral Development (CMD) pg. 219

GRAY, OWENS & ADAMS7 POSITIONS OF SOCIAL RESPONSIBILITY

1. PRISTINE CAPITALIST

2. EXPEDIENT

3. PROPONENT OF SOCIAL CONTRACT

4. SOCIAL ECOLOGIST

- Company’s only legal duty is to shareholder i.e. to maximise profit - Anything that reduces shareholder wealth (such as acting in a

socially responsible way) is theft from shareholders. (CSR is shareholder theft)

- Believes in maximising profit but have ENLIGHTENED SELF INTEREST. Responsible companies have better reputation, hence more customers, more sales and higher profits.

- Recognise some social responsibility expenditure may be necessary to strategically position an organisation so as to maximise profit

- Believes society granted the company the right to trade and so the company’s responsibility is to act in society’s best interest

- Businesses enjoy a licence to operate granted by society so long as the business acts in an appropriate way

- Recognise that companies damage the environment and tries to reduce the company’s impact. (environmental footprint)

- Recognises that a business has a social and environmental footprint and therefore bears responsibility for minimising that footprint

46

5. SOCIALISTe.g. Amnesty International

6. RADICAL FEMINIST e.g. Charity organisations

7. DEEP ECOLOGIST/GREEN

- Organisation that believes companies (capitalism) oppresses people e.g. racism, sexism

- Organisation seeks change

- Believe companies should have feminine qualities (love, care, compassion)

- Believes capitalism is wrong! Because:1. it damages the environment2. it damages society (oppresses people)

- Company must change- Humans have no more right to the planet than any other species

*** Refer to the Examiner’s article in February 2008 ‘All about stakeholders – part 2’

KOHLBERG’S COGNITIVE MORAL DEVELOPMENT (CMD) THEORY- Attempts to explain the reasoning process behind moral judgements and how those processes changed as the

individual matured from a child to an adult.- In other words, CMD relates to the different levels of reasoning that an individual can apply to ethical issues

and problems.- It views ethical decisions from an individual’s perspective

Kohlberg identified three levels of moral development, with two sub-states within each level – giving 6 stages in total

- Level one: the individual is focused on self-interest, external rewards and punishment- Level two: the individual tends to do what is expected of them by others. In a business context, managers are

normally on Level 2- Level three: the individual starts to develop autonomous decision making which is based on internal

perspectives of right/wrong ethics, etc., rather than based on any external influences.

CRITICISMS OF THE THEORY- It has gender bias – the fieldwork for the theory was drawn from interviews with young American males- There is too great an emphasis on rights and justice compared with other bases of morality- People tend to use different moral reasoning strategies in different situations implying that there is no

sequence of stages.

Refer to hand-out given in class for further explanation

47

CHAPTER 13: PROFESSIONAL AND CORPORATE ETHICS

3 P’s1. PUBLIC INTEREST

- defined as that which supports the good of society as a whole. E.g. role of professionso Accountancy: as a profession that reports in the interest of shareholders

Support capitalismo Medicineo law

Relationship

responsibility PUBLIC rightsAct in the public’s - to trade and make profitsInterest - respect:

PROFESSION - granted a title

2. PROFESSION 3. PROFESSIONALISM

- Body of knowledge and skills that supports the - action taken to support the public interest. public interest How?

- Adherence to common code of values and conduct - O P P I C – Five fundamental principles- Acceptance of duty to society: in return, members - be socially responsible- Are granted a qualification and usage of a title

e.g. - professional experience - practical experience - accounting standards - codes e.g. ACCA code of ethics

THE ACCOUNTING PROFESSIONOver time, the profession appears to be taking more of a proactive than a reactive, approach

A REACTIVE APPROACHTaking responsibility for any negative consequences of accounting practice and, where appropriate, amending those practices to remove those consequences. E.g. the inclusion of off balance sheet financing in the accounts of companies after the downfall of Enron. In this sense, the accounting profession was reacting to a situation.

A PROACTIVE APPROACHSeeking out and positively contributing to the public interest. E.g. the accounting profession recognises that guidance on how to carry out an environmental audit is not available. Hence, guidance is provided ‘in the public interest’ as a benefit to society rather than waiting until society as a whole requests the guidance.

VALUE LADEN ROLE OF ACCOUNTANTS

- i.e. too much focus on moneyGRAY: Capitalism is flawed/wrong

o capitalism is damaging the environmento oppresses people (E.g. Nile pays 3p to people in third world countries because it is cheap, to make

profits)- need social and environmental change- accountants support capitalism = role is also flawed

= social and environmental changes are neededPaul Gilding: The Earth is full (video on TED)

Introduce Social & Environmental Accounting Implement S & E controls Audit S & E performance Advice on maximising tax

48

Write new standards for S &E issuesCOPPORATE ETHICS

- Relates to the application of ethical values to business behaviours- It encompasses many areas ranging from board strategies to how companies negotiate with their suppliers- It goes beyond legal requirements and is to some extent discretionary - Many companies provide details of their ethical approach in a corporate and social responsibility (CSR) report - Key areas of corporate ethics include:

Purposes and values of business Employees Customer relations Suppliers Shareholders Society implementation

CODE OF ETHICS- provides guidance on behaviour

Corporate code Professional code- Code tailored to an individual company. E.g. M&S E.g. IFAC Code of Ethics

Contents: 1. Fundamental principles- Communicate values a principles O P P I C- Ethical behaviour to key stakeholders

Shareholders 2. Conceptual Framework *** Customers Looks at the: Suppliers - threats (to objectivity) Employees - safeguards

- conflict resolution

Professional code of ethics: are issued by most professional bodies; the ACCA code was revised and issued in 2006. - The main reason for professional codes of ethics is to ensure that members/students observe proper

standards of professional conduct. - Members and students will therefore refrain from misconduct and not make any serious departure from the

ethical code - Id the standards are not observed, then disciplinary action may be taken - Maintenance of a professional code of ethics helps the accountancy profession to act in the public interest by

providing appropriate regulation of members

A. FUNDAMENTAL PRINCIPLES: are obligations (or responsibilities) placed on members of a professional institute.

- The principles apply to all members, whether or not they are in practice.- Taken from the ACCA code of conduct, they are listed below.

O P P I C

O – Objectivity: members do not allow bias or conflict of interest in business judgements. Accountants need to ensure that their business/professional judgement is not compromised because of bias or conflict of interest

Professional competence and due care: duty to maintain professional knowledge and skill at appropriate level. Accountants are required to have the necessary professional knowledge and skill to carry out work for clients. Also, accountants must follow applicable technical and professional standards when providing professional services.

P – Professional behaviour: member must comply with relevant laws and avoid actions discrediting the profession.Accountants must comply with all relevant laws and regulations. An accountant is required to treat all people contracted in a professional capacity with courtesy and consideration. Similarly, any marketing activities should not bring the profession into disrepute.

49

I – Integrity: members should be straightforward and honest in all professional/business relationships. Integrity implies fair dealing and truthfulness. Members are also required not to be associated with any form of communication or report were the information is considered to be:

- Materially false or to contain misleading statements - Provided recklessly- Incomplete such that the report or communication becomes misleading by this omission

C – Confidentiality: information on clients not disclosed without appropriate specific authority. The principle of confidentiality implies 2 key considerations for accountants:

1. Information obtained in a business relationship is not disclosed outside the firm unless there is a proper and specific authority or unless there is a professional right or duty to disclose

2. Confidential information acquired during the provision of professional services is not used to personal advantage.

The main reasons for disclosure are when it is:

- Permitted by law and authorised by the client- Required by law, e.g. legal proceedings or disclosing information regarding infringements of law- There is professional duty or right to disclose (when not barred by law) e.g. provision of information to

the professional institute or compliance with ethical requirements.

B. CONCEPTUAL FRAMEWORK: provides guidance on how the principles are applied.- It also helps to identify threats to compliance with the principles and then applies safeguards to

eliminate or reduce those threats to acceptable levels. - It recognises that ethical issues may have no ‘correct’ answer and therefore provides the generalised

guidelines and principles to apply to any situation.

THREAT to OPPIC SAFEGUARD CONFLICT RESOLUTION

- Self-interest E.g. Controls - process for resolving the threat if- Familiarity - Ethical training safeguard fails.- Intimidation - Ethics managers- Self-review - Whistleblowing policy- Advocacy (Confidential method of communicating

Unethical practice/behaviour)- Corporate code of ethics

- A threat to independence is any matter, real or perceived, that implies that the accountant is not providing an independent view or report in a specific situation.

- An ethical threat is a situation where a person or corporation is tempted not to follow their code of ethics

50

- An accountant needs to be independent so others can place reliance on his/her work. - Lack of independence implies bias, meaning less reliance would be placed.Safeguards seek to reduce or eliminate threats. They vary depending on the specific threat.An ethical safeguard provides guidance or a course of action which attempts to remove the ethical threat

They will fall into three categories created by the:1. Profession - these include:- Education and training including CDP requirements- Setting of corporate governance regulations and professional standards- Monitoring of professional work including disciplinary proceeding

2. Work environment – examples include:- Internal control systems - Review procedures- Disciplinary procedures- Organisational codes of ethics- Separate review and reporting for key engagements

3. Individual – these include:- Complying with professional standards- Maintaining records of contentious issues - Mentoring- Contacting professional bodies with queries

BENEFITS OF A CODE DRAWBACKS OF A CODE- Provides framework for conflict

resolution- Provides guidelines for similar ethical

disputes and methods of resolution- Provides the ‘boundaries’ across

which it is ethically incorrect to pass.

- Is a code only – therefore may not fit the precise ethical issue

- As a code, then it can be interpreted in a different ways – two different conflicting actions may appear to be ethically correct to two different people

- May be no clear or even ineffective punishment for breaching the code

RULES AND PRINCIPLES-BASED APPROACHES TO ETHICAL DILEMMA

RULES-BASED APPROACH: 1. Establish ethical rules that members must

follow2. Ensure members are aware of the rules3. Ensure members comply with the rules

PRINCIPLES BASED APPROACH:1. Establish fundamental ethical principles that

members must follow2. Ensure members are aware of the principles3. Require members to identify and address

threats to compliance with the principles and male an appropriate response to mitigate each threat

BENEFITS:- Easy to check compliance as based on fact- Easy to amend rule set as required

BENEFITS:- Recognises that every threat cannot simply be

‘listed’- Allows for subjective judgement, so the

member can apply the principles in accordance with their specific situation and nature of the threat

DISADVANTAGES:- The list of rules may not be complete- There is no room for individual decision making

DISADVANTAGES:- In some situations it may be difficult to confirm

that the compliance action was appropriate as two people may make different and valid decisions based on the same threat and circumstances.

51

WHAT IS CORRUPTION?

Corruption is bribery and any other behaviour in relation to persons entrusted with responsibilities in the public r private sector which violates their duties and is aimed at obtaining undue advantages of any kind for themselves or for others. The main forms of corruption are:

- Bribery: example, excessive ‘hospitality’. Firms are allowed to provide hospitality, promotional or other business expenditure like providing tickets to sporting events, take clients to dinner, and offer gifts to client as a reflection of good relations. However, these should not be of material value.

- Embezzlement- Fraud- Extortion

WHY IS CORRUPTION WRONG – the ethical argumentCorruption is inherently wrong:

- It has a misuse of power and position and has a disproportionate impact on the poor and disadvantaged- It undermines the integrity of all involved and damages the fabric of the organisations to which they belong.

WHY IS CORRUPTION WRONG – the business argumentThere are many reasons why it is in any company’s business interest to ensure that it does not engage in corrupt practices.

- Legal risks: it is increasingly becoming illegal in a company’s home country to engage in corrupt practices in another country

- Reputational risks: based on the experience of recent year, companies whose policies and practices fail to meet high ethical standards, or that take a relaxed attitude to compliance with law, are exposed to serious reputational risks. It is also not good enough to claim that other companies and competitors have engaged in similar practices.

- Financial costs: there is now clear evidence that in many countries corruption adds upwards of 10% to the cost of doing business and that corruption adds as much as 25% to the cost of public procurement. This undermines business performance and diverts public resources from legitimate sustainable development.

- Pressure to repeat offend: there is growing evidence that a company is less likely to be under pressure to pay bribes if it has not done so in the past. Once a bribe is paid, repeat demands are possible and the amounts demanded are likely to rise. Zero tolerance is the only practical solution

- Blackmail: by engaging in corrupt practices, company managers expose themselves to blackmail. Consequently the security of staff, plant and other assets are put at risk

- Impact on staff: if a company engages in or tolerates corrupt practice, it will soon be widely known, both internally and externally. Unethical behaviour erodes staff loyalty to the company and it can be difficult for staff to see why high standards should be applied within a company when it does not apply in the company’s external relations. Internal trust and confidence is then eroded.

- Impact on development: it is now clear that corruption has played a major part in undermining the world’s social, economic and environmental development. Resources have been diverted to improper use and the quality of services and materials used for development seriously compromised.

52

CHAPTER 14: ETHICAL DECISION MAKING p.g. 268

There are 2 models for ethical decision making

American Accounting Association (AAA) model Tucker Model(7 questions) (5 questions)

1. AAA model: provides a framework within which an ethical decision can be made. It suggests that if faced with a dilemma, 7 questions must be asked:The seven questions in the model are:

(Frequently I Pray Americans Ban Chocolate Doughnuts)

1. Frequently – Facts: consider the facts of the case?2. I – Issues: what are the ethical issues that arise from the facts?3. Pray – Principles: consider which principles and values are affected?4. Americans – Alternatives: what are all alternative courses of action available (in the exams, talk about 2)5. Ban – Best: select the best course of action in line with principles6. Chocolate – Consequences: consider consequences7. Doughnuts – Decision: what is the final decision?

2. Tucker model: provides a 5-question model against which ethical decisions can be tested. It is therefore used after the AAA model shown above to ensure that the decision reached is ‘correct’. i.e. It is used once decision is made to assess if it is ethical. Is the decision:

(People Love Fatty Rich Stuff)

People – Profitable? – is it profitable for shareholders?Love – Legal? – is it in the best interest of the society?Fatty – Fair? – is it fair to each stakeholder that is affected?Rich – Right? – is the overall decision the right one? (Almost conclusion)Stuff – Sustainable? – is it the right thing for the environment?

FACTORS AFFECTING ETHICAL BEHAVIOURAccountants are normally expected to behave ethically. However, that behaviour also depends on:

- The nature of the ethical issue – issue related factors, and- The context in which the issue takes place – context-related factors

Issue-related factors:- How important the decision is to the decision maker- The higher the intensity, the more likely it is that the decision maker will make an ethical rather than an

unethical decision

Context-related factors:- These factors relate to how a particular issue would be viewed within a certain context. For example:- If certain behaviours are seen to be rewarded, encouraged, or demanded by superiors despite being ethically

dubious, decision making may be affected- If everyone in a workplace does something in a certain way, an individual is more likely to conform: this can

result in both higher and lower standards of ethical behaviour. Key contextual factors are:

- System of reward- Authority- Bureaucracy- Work roles

53

- Organisational group norms and culture- National and cultural context

CHAPTER 15: SOCIAL AND ENVIRONMENTAL ISSUES

DEFINITIONS: GARY:

- Capitalism is flawed- Need changes

o Company must become SUSTAINABLE:Ensuring we meet the needs of present without compromising the ability of future generations to meet their needs. E.g. replant a tree for every tree used in production.

SUSTAINABLE DEVELOPMENT: is development that meets the needs of the present without compromising the ability of future generations to meet their own needs

o Companies should measure SOCIAL AND ENVIRONMENTAL FOOTPRINTMeasure consequences of their operations (inputs and outputs) on society and environment. E.g. Cadbury- Footprint of 49g bar of diary milk = 169g CO ₂- Will reduce by 50% by year 2020

ENVIRONMENTAL FOOTPRINT

In the same way that humans and animals leave physical footprints that show where they have been, so do organisations leave evidence of their operations in the environment. They operate at a net cost to the environment.

Examples of measuring impact of environmental footprint on the environment include:- Reduction in waste e.g. CO2 emissions- Promotion of sustainable activities e.g. metrics to ensure that dairy farming is sustainable

The environmental footprint is an attempt to evaluate the size of a company’s impact on the environment in three respects:

o The company’s resource consumptiono Any harm to the environment brought about by pollution emissionso A measurement of resource consumption and pollution emission in terms of harm to the environment

in their qualitative, quantitative or replacement terms

- Where resources use exceeds provision, then the activity can be termed as UNSUSTAINABLE

MEASURING FOOTPRINT (i.e. impact of economic activity)

DIRECT INDIRECTConsider consequences of production process Consider consequences of whole supply chainE.g. Car E.g. Car

- Factory only - importing metal- factory- customer uses car- scrap car

54

ENVIRONMENTAL ACCOUNTING2 Methods attempt to account for sustainability

FULL COST ACCOUNTING TRIPLE BOTTOM LINEAccounts for the total financial and non-financial costs Expand traditional reporting and account for:

- Economic ($) – Financial statements - Profit ($): A TBL company will balance the profit- Social objective with the other 2 elements while a non-TBL- Environmental company will seek to maximise this measure to

Aims to internalise all costs, including those which are improve shareholder return.incurred outside of the company. E.g. Olympic 2012 - People: A TBL company would attempt to pay itsEconomic: workers fair wages, maintain a safe working

- Stadium env’t and not use child labour, although these - Employing people practices will decrease the amount of profit - Ticket sale available for shareholders- Commercial for local Similarly, the company would promote its- Business surrounding community. E.g. by providing

Environment: educational opportunities or a safe community- Air pollution to live in. (as in Bourneville estate – Cadbury)- Concrete (water use + gas emission)- Impact on wildfire - Planet: refers to the environmental practices of the- Fireworks causes pollution company to determine whether they are

Social: sustainable or not. The TBL company attempts to - Noise pollution reduce the ‘ecological footprint’ by managing - Delays on transportation resource consumption and energy usage. E.g. Better- Tourist prices production processes to reduce resources consumed- Rental increases and toxic waste eliminated because the company - Redevelopment of Stratford believes it is inappropriate to produce toxic waste as- Happy spirit all over the env’tal cost of disposal is normally borne by the- Tourism was boosted gov’t and society as a whole.

They try to balance all three

ENVIRONMENTAL CONTROL SYSTEMS- Guidance for assessing the organisation’s impact on the environment

EMAS S E C O N D ISO 14000(Eco-Management and Audit Schemes)

YES System YES

YES External Audit YES(Disclosure) (Contols)

***Internal Auditor might do this

- Company should set environmental targets Contents - guidance on managing env’tal risko Involve key stakeholders (like risk management – TARA etc)

- Comply with environmental laws- Disclose environmental performance to

shareholders

55

- Company improves environmental Objective advice on environmental risk and performance control

- Voluntary Need to comply Voluntary

YES Disclosure YES- Full environmental statement Confirm that standards have been

followed - ISO

BENEFITS OF COMPLIANCE WITH EITHER STANDARD- Reduced cost of waste management- Savings in consumption of energy and materials- Lower distribution costs- Improved corporate image among regulators, customers and the public- Framework for continuous improvement of the companies’ environmental performance

ENVIRONMENTAL AUDIT

- Aims to assess the impact of the organisation on the environment- Normally involves the implementation of appropriate environmental standards such as ISO 14000 and EMAS- Provides the raw date for environmental accounting- Voluntary- Independent review of environmental performance- Can be done by internal or external auditor- No rules

An environmental audit typically contains 3 elements:

STAGE M &S1. Agreed matrix (what should be measure

and how)- Set targets that can be measured

2. Performance review- Measure actual performance against those

targets

3. Report- User varies- Compliance or Variance?

PLAN A- Set 100 targets

7 point scale

We are not aware of any issues (means they complied)

ENVIRONMENTAL ACCOUNTING- This is the development of an environmental accounting system to support the integration of environmental

performance measures and to track internal environmentally significant expenditure.- It builds on social and environmental auditing by providing empirical evidence of the achievement of social

and environmental objectives- Without social and environmental auditing, environmental accounting would not be possible.

Examples of environmental accounting measures include: - Monitoring water usage- Monitoring energy (including use of renewable and non-renewable energy)- Ensuring inventory is derived from renewable resources where possible- Measuring waste emissions and the company’s carbon footprint (amount of CO2 generated)

The aims of environmental accounting are:56

- To use the metrics produced from an environmental audit and incorporate these into an environmental report, and

- To integrate environmental performance measures into core financial processes to generate cost savings and reduce environmental impact through improved management resources

Benefits of environmental accounting- Cost savings: to utilise resources efficiently and effectively, and in doing so generate cost savings- Environmental improvements: to support the delivery of the environmental audit which will benefit the

company and the environment - Corporate governance: to assist in the management of environmental risks and operational costs including the

publication of environmental accounting disclosures in corporate documents such as the annual and CSR reports.

ENVIRONMENTAL REPORTINGGodrey, Hodgson and Holmes have defined environmental reporting as the ‘disclosure of information on environment related issues and performance by an entity.

It typically contains details of environmental performance in areas such as:- Measures of emissions (e.g. pollution, waste and greenhouse gases)- Consumption (e.g. energy, water and non-renewable mineral deposits)

The information is published in either the annual report and/or as a self-standing report.

SOCIAL REPORTINGOwen and Scherer explain that there is a significant concept underlying corporate social responsibility; this is that corporations should be concerned about society at large.

Social reporting is generally context specific, and typical contents will vary with industry, however the flowing issues should be included in a company’s considerations:

- Human rights issues- Work place, occupational health and safety- Training and employee issues- Fair pay for employees and suppliers- Fair business practices- Minority and equity issues- Marketplace and consumer issues- Community involvement- Indigenous peoples- Social development - Charitable, political donations and sports sponsorship

USEFULNESS OF THIS INFORMATION TO STAKEHOLDERSSocial and environmental reporting is becoming increasingly important, as many investors and other stakeholders want to know about the organisations social and environmental footprint in addition to its economic performance.

REASONS WHY THE ADDITIONAL INFORMATION IN USEFUL- By reporting on social and environmental issues companies will become more aware of the potential risk, and

less likely to suffer unforeseen liabilities due to reputational damage- The ethical performance of a business is a factor in some investor’s decision to invest- Employees may use ethical performance as a criterion in their choice of potential employer- Some consumers will not buy goods or services from unethical companies- Voluntary disclosure of social and environmental issues may pre-empt potential regulatory intervention- More social and environmental reporting will provide an impetus for internal development and a higher level

of Corporate Governance- The benefits of brand strengthening will have a positive impact in share price- Finally, shareholders as owners of the company simply have a right to as much information as possible

However, the additional cost of such reporting, and the ambiguous nature of the measure must also be considered.

57