34 Cards in this Set

  • Front
  • Back

Good corporate governance assures that:

Dealings with shareholders are fair and transparent


Board of directors held accountable


Company deals with stakeholders responsibly


Focus on sustainable success in longer term

Good corporate governance consists of a system of structuring, operating and controlling a company to achieve:

Fulfil long-term strategic goals


Consider and care for interests of employees


Consider environment and local community


Excellent relations with all business partners


Compliance with applicable legal and regulatory

Roles in corporate governance?

The directors are then responsible for setting the company’s strategy, providing
leadership to achieve this, supervising management and reporting to the
shareholders on their stewardship.



The role of shareholders in governance is to appoint the directors and the
auditors, and to satisfy themselves that an appropriate governance structure is in
place.



The external auditor is responsible for providing an opinion on the directors’
financial statements.



The internal auditor’s role is to support the directors in their responsibilities for
ensuring good governance is in place.

OECD PRINCIPLES OF CORPORATE GOVERNANCE

Ensuring the basis for an effective corporate governance framework

The rights of shareholders



Equitable treatment of shareholders



The role of stakeholders



Disclosure and transparency



Responsibilities of the board



NED role under Code

Receive induction


Develop and refresh knowledge and skills


Sufficient time available for duty


Integrity and probity


High-quality information


Take into account views of shareholders and stakeholders

SID role

be the Chairman’s sounding board on various issues;
act as an intermediary for other directors;
be another point of contact for shareholders; and
lead meetings of non-executive directors.

Code Accountability section, annual report should include:

details of the directors’ and auditor’s responsibilities in the annual report;
an explanation of how the company generates value over the longer term; and
a report from directors that the business is a going concern with supporting
assumptions or qualifications

Board responsibility in risk management and internal control

1. determining the nature and extent of significant risks; and
2. maintaining sound risk management and internal control systems.

Audit Committee points

establishing an audit committee with at least three independent NEDs, with at
least one member with recent and relevant financial experience;
publishing the terms of reference of the audit committee’s roles and
responsibilities;
reviewing whistleblowing procedures; and
monitoring and reviewing the effectiveness of internal audit or consider
annually whether there is a need for internal audit. FTSE 350 companies
should put the external audit contract out to tender at least every ten years.

Remuneration Committee points

1. The level and make up should:
a) be sufficient to attract the right people;
b) not be more than necessary; and
c) include a significant portion of executives' salary as performance related to
promote the long-term success of the company.
2. Establishing a formal and transparent procedure to determine remuneration,
including setting up a remuneration committee with at least three independent
NEDs.

Listing Rules compliance statement

First part: the company has to report on how both the main and the supporting
principles of the Code have been applied.



Second part: companies must confirm compliance with the Code’s provisions. If
companies have not complied, they must disclose this with a
supporting explanation.

Code requirements for smaller listed companies vs full requirements

NEDs: two vs half the board


Min size of audit/remun committees: two vs three

Director going concern assessment

1. Assessing going concern
Directors should make and document a rigorous assessment of whether the
company is a going concern when preparing annual and half-yearly financial
statements.



2. The Review Period
Their review should usually cover a period of at least twelve months from the date of approval of annual and half-yearly financial
statements.



3. Disclosures
Directors should make balanced, proportionate and clear disclosures about
going concern for the financial statements to give a true and fair view.

Board statement on internal control (previously Turnbull)

disclose that there is an ongoing process for identifying, evaluating and
managing the significant risks;
acknowledge that the board is responsible for the system of internal control
and for reviewing its effectiveness;
summarise the process it has applied in reviewing the effectiveness of the
system of internal control; and
confirm that necessary actions have been or are being taken to remedy any
significant weaknesses.

FRC guidance on Audit Committees

At least three per year, decided by AC chairman.


No one other than AC chairman and members entitled to attend, but FD and external auditors can be invited.


It is desirable that the committee member whom the board considers to have
recent and relevant financial experience should have a professional qualification
from one of the professional accountancy bodies.


The audit committee should review its terms of reference annually and critically
assess its own effectiveness, making recommendations to the board of any changes
deemed necessary.

Roles and responsibilities of Audit Committee

1. Financial reporting
The audit committee should review the following in any financial reports:
significant accounting policies;
financial reporting issues;
estimates; and
judgements
The audit committee should review related information presented with the
financial statements, including:
the operating and financial review; and
corporate governance statements relating to the audit and to risk
management.



2. Internal controls and risk management systems
The audit committee should review the company’s internal financial controls
and unless addressed by a separate board risk committee, the company’s
internal control and risk management systems, in its entirety.



3. Whistleblowing
The audit committee should ensure that arrangements are in place for the
follow-up and independent investigation of such matters.



4. The internal audit process


The audit committee should review and approve the internal audit function’s
remit. They should ensure that the function has the necessary resources and
access to information, and is equipped to perform in accordance with
appropriate professional standards for internal auditors.



5. The external audit process


Appointment


Terms and Remuneration


Independence, including the provision of non-audit services


Annual audit cycle

Section 404 SOX internal control report

a statement of management’s responsibility for establishing and maintaining
adequate internal control over financial reporting;
identification of the framework used to evaluate the effectiveness of the
controls, which must be a suitable, recognised control framework (eg COSO or
Turnbull Guidance – see module 3);
management’s assessment of the effectiveness of internal control at the end of
the year;
a statement that the external auditor has issued an attestation report on
management’s assessment; and
disclosure of any material weakness.

Ineffective CSR approach

“managing risks” associated with impacts on corporate or brand reputation, eg
where there are allegations of poor labour practices or use of wasteful
packaging; or
a “bolt-on” to operations rather than “built-in” to business strategy.

Ten main elements of successful CSR

1. Board and senior management commitment;
2. Understanding and analysing the key sustainability drivers for the
organisation;
3. Integrating the key sustainability drivers into the organisation’s strategy;
4. Ensuring that sustainability is the responsibility of everyone in the
organisation;
5. Breaking down sustainability targets and objectives for the organisation as a
whole into targets and objectives that are meaningful for individual
subsidiaries, divisions and departments;
6. Processes that enable sustainability issues to be taken into account clearly and
consistently in day-to-day decision making;
7. Extensive and effective sustainability training;
8. Including sustainability targets and objectives in performance appraisal;
9. Champions within the organisation to promote sustainability and celebrate
success;
10. Monitoring and reporting sustainable performance.

Three reasons to undertake CSR

Compulsory


Expected


Want to

Three categories of business risks

Strategic/operational:

Market risk: external factors such as customers, suppliers, industry developments.

Operational/organisational risk: lack of management knowledge, conflicting strategies, divisional objectives conflict with overall entity objectives, inadequate systems, poor controls.

Financial risk: going concern issues, insufficient funds to support a strategy, structuring financing ineffectively.


Reliable financial reporting: changes in the financial reporting framework, weaknesses in the control framework resulting in errors in reports, complex or new transactions requiring judgement in reporting.


Compliance risk:

Social and environmental risk: lack of awareness of new environmentally friendly products, loss of competitive advantage, negative impact on reputation of organisations.

Legal and regulatory risk: changes in regulations, complex regulatory environment, insufficient internal processes.


4 sources of risk

Conflicting objectives (e.g. sales vs revenue)


Strategies preventing objective (e.g. new market entry causing losses)


External forces (e.g. competitors)


Internal forces (e.g. loss of staff, poor management)

Risk management process

A documented process for the regular review of risks within the
organisation;
This documented approach is followed by each department within the
organisation;
All areas of the business and employee backgrounds are involved in the
assessment of risks and the related controls;
There is a standard method of documenting the risks identified and
communicating these to a central risk manager within the organisation;
Risk review and reporting occurs on a regular basis which is defined in the
procedures that are documented;
Appropriate control activities are defined using a range of risk responses;
and
Weaknesses are identified and documented and actions followed up.
Managing risk:
improves awareness of the risks faced by the business and the consequences
of risky activities;
reduces the likelihood of risky events occurring; and/ or
minimises the impact if risky events do occur.

4 risk control strategies

Avoidance (e.g. not using cash)


Acceptance


Transfer (e.g. insurance)


Reduction (e.g. controls)

COSO objectives (top of cube)

Operations objectives – effectiveness and efficiency
Reporting objectives – internal and external reliability, timeliness and
transparency of financial and non-financial reporting
Compliance objectives – adherence to applicable laws and regulations.

COSO internal control components (front of cube)

Control environment


Risk assessment


Control activities


Information & communication


Monitoring activities

COSO entity units (side of cube)

Entity level


Division


Operating unit


Function

Control environment comprises

the integrity and ethical values of the organisation;
the parameters enabling the board of directors to carry out its governance
oversight responsibilities;
the organisation structure and assignment of authority and responsibility;
the process for attracting, developing, and retaining competent individuals;
and
the rigor around performance measures, incentives, and rewards to drive
accountability for performance.

Risk assessment comprises

A precondition to risk assessment is the establishment of objectives, linked at
different levels of the entity. Management specifies objectives within categories
relating to operations, reporting, and compliance with sufficient clarity to be able
to identify and analyse risks to those objectives. Management also considers the
suitability of the objectives for the entity.
Risk assessment also requires management to consider the impact of possible
changes in the external environments and within its own business model that may
render internal control ineffective.

Control activities are

Control activities are the actions established through policies and procedures that
help ensure that management’s directives to mitigate risks to the achievement of
objectives are carried out.

Information and communication

Information is necessary for the entity to carry out internal control responsibilities
to support the achievement of its objectives. Management obtains or generates
and uses relevant and quality information from both internal and external sources
to support the functioning of other components of internal control.
Communication is the continual, iterative process of providing, sharing, and
obtaining necessary information.

Monitoring activities are

Ongoing evaluations, separate evaluations, or some combination of the two are
used to ascertain whether each of the five components of internal control is
present and functioning. Ongoing evaluations, built into business processes at
different levels of the entity, provide timely information.
Separate evaluations, conducted periodically, will vary in scope and frequency
depending on assessment of risks, effectiveness of ongoing evaluations, and other
management considerations.

Methods of identifying risks

clean slate assessment by the directors;
the results of monitoring performance and controls;
management discussions;
external reports and reviews (eg external auditor, consultants); and
monitoring of competitors.

Risk assessment factors

the nature and extent of the risk facing the company;
the extent and categories of risk which it regards as acceptable for the
company to bear;
the likelihood of the risk concerned materialising;
the company’s ability to reduce the incidence and impact on the business
of risks that do materialise; and
the costs of operating particular controls relative to the benefit thereby
obtained in managing the related risks.