As the Carillion, Patisserie Valerie and Thomas Cook accounting scandals continue to prompt questions about standards in UK corporate reporting and auditing, the government is putting boards under pressure to ensure that the information they give auditors is correct and complete.
The process started in earnest in March 2021, when the Department for Business, Energy and Industrial Strategy (BEIS) published a white paper entitled Restoring Trust in Audit and Corporate Governance: consultation on the government’s proposals.
The document suggested making individual directors, rather than boards as a whole, personally responsible for the accuracy of their companies’ financial statements as they sign off on internal controls and risk management. The model it proposed was similar to that adopted in the US under the Sarbanes-Oxley Act 2002 – which was a response to one of the nation’s most notorious failures of corporate governance, the Enron scandal.
But business leaders soon raised their concerns about what they considered to be a radical proposal that would increase the risks faced by everyone sitting around the boardroom table. Would board directors overseeing departments such as HR or IT, for instance, be willing and able to accept an onerous new finance-related duty that they feel is beyond their expertise?
And would non-executive directors (NEDs) be prepared to take on the extra burden? The independent scrutiny that these experienced business leaders can offer boards has long been viewed as crucial in ensuring sound corporate governance and reporting. But 78% of NEDs polled in a survey published by EY in August 2021 reported that their jobs had become increasingly complex and time-consuming in recent years.
Given that groups such as the Institute of Directors (IoD) oppose the BEIS’s suggested divergence from the principle of collective board responsibility, it’s widely expected that its proposal that individual directors, whatever their role, should be required to sign off on a firm’s internal financial reporting controls will be watered down, if not dropped entirely.
Weng Yee Ng is a partner at Forensic Risk Alliance, a consultancy that specialises in helping clients to handle cross-border investigations, litigation and compliance requirements. She suggests that there’s “a balance to be struck. Implementing heavy and overly burdensome legal requirements to catch a small proportion of misbehaving directors may end up deterring and, to a degree, penalising good and talented directors. Experience tells us that there’ll probably never be a perfect equilibrium.”
CEOs should consider improving the quality of independent oversight, Ng advises. This should help to instil confidence and prevent under-resourced finance teams from becoming overloaded with legal burdens further down the road.
The BEIS has also proposed extending the definition of ‘public-interest entities’ to cover large private companies as well as publicly listed companies and financial institutions such as banks. If this recommendation were to be implemented, the CEOs of private companies could find themselves taking on extra financial reporting responsibilities.
Despite its concerns about some of the white paper’s recommendations and the timing of the possible changes, given that the UK is still grappling with the Covid crisis, the IoD is “broadly supportive of the direction of reform proposed by the government”, stresses Dr Roger Barker, the institute’s director of policy and governance.
“It’s entirely appropriate for directors to be held accountable for issues such as the robustness of internal controls and corporate reporting,” he says. “But this is already the case. The primary change advanced by the reforms concerns the enhanced enforcement of these responsibilities by a new regulator, the Audit, Reporting and Governance Authority. Such a change would necessitate a substantial outlay by companies to provide the necessary assurance. We question whether now is an appropriate juncture at which to impose such a regulatory burden.”
It’s likely that the planned Audit, Reporting and Governance Authority will have greater powers than the Financial Reporting Council – the accounting watchdog it’s expected to replace next year – along with new statutory objectives. This would send a clear signal from the government about its intentions concerning directors’ reporting responsibilities.
“Whether it’s imposed by regulation or just corporate culture, there will be a greater need for CEOs to ensure the integrity of internal controls,” predicts David Davies, a partner in the corporate and commercial team at law firm Kingsley Napley. “This will add to the pressure on them. They’ll not only have to run their businesses; they’ll also have to demonstrate the robustness of its governance and internal controls regarding the finances.”
Davies adds that CEOs are likely to have to accept a new type of burden: accountability for the effectiveness of their company’s corporate governance. This should include requiring other board members to take responsibility for providing proper checks and balances with respect to financial reporting.
“Previously, if one board director were a little weak on finance, that person would feel protected because of the collective responsibility of the board,” he explains. “Now, though, it looks more likely that the CEO will want to ensure that every member of the board has the appropriate degree of financial literacy.”
Barker envisages that “CEOs will need to review their frameworks of internal control, corporate reporting and external audit. They may need to add to their internal resources in these areas and consider whether further external assurance will also be required.”
CEOs would be well advised to start preparing for the most likely changes now. This would help them to avoid expending so much effort on meeting the heightened financial reporting demands of the forthcoming Audit, Reporting and Governance Authority that they’d be distracted from more pressing business issues.