What does good governance look like?


Author: Lis Boyce

Service: Corporate Governance

The ASX Corporate Governance Council recently released an overview of listed companies’ responses to the Fourth Edition Corporate Governance Principles and Recommendations[1].  The review, conducted by KPMG[2], highlights “good governance” and “good reporting” examples and identifies areas where companies are struggling.

The review considered a large sample of reports from calendar year 2021, and focussed on recommendations which were new, or materially amended since the Third Edition.

This article highlights key elements of the report and suggests actions arising.

Principle 1:  Lay solid foundations for management and oversight – Recommendation 1.2 (appropriate checks on directors and senior executives)

The Review noted that most entities performed some of the 5 recommended checks (work experience, education, criminal record, character reference, bankruptcy history) but that it was less common to perform all checks.

Our recommendations for boards:

When planning to recruit new directors or senior executives:

  • plan ahead to undertake these checks so that they are not ignored for the sake of “locking in” a promising candidate; and
  • be transparent about the checking process: this manages candidates’ expectations and also the expectations of shareholders who put forward a potential director for consideration by the board.

Principle 3:  Instil a culture of acting lawfully, ethically and responsibly – statement of values, code of conduct, whistleblower policy, anti-bribery and corruption policy

Principle 3 was possibly the most extensively altered in the Fourth Edition.  After the Hayne Royal Commission’s extensive focus on how poor culture undermines compliance, there is a far greater emphasis on the interaction between governance practices and organisational values.

The review noted the importance of not only naming the Company’s values, but:

  • explaining how they align to lawful and ethical behaviour; and
  • considering how those values support the company in achieving its objectives.

The Principles have recommended a Code of Conduct for some time.  Recommendation 3.2(b) recommends that a listed entity “ensure that the board or committee of the board is informed of any material breaches of that code”.  It can be tempting to simply include in the Code that “breaches must be reported” to the Board or a named Committee.  However, the Board or Committee ought to:

  • satisfy itself that, if there are breaches of the Code, they are being reported (for example, through whistleblower channels); and
  • consider how to independently validate this, for example, by anonymous surveys of staff to identify whether they have identified and reported matters of ethical concern, and what happened as a result.

Recommending a whistleblower policy was new in the 4th Edition, roughly coinciding with amendments to the Corporations Act mandating whistleblower policies for all public companies.  The review identified good practice examples as:

  • linking the whistleblower policy to the statement of values,
  • giving specific examples of the kinds of matters that might be reported under the policy; and
  • ensuring that employees were trained in the operation of the policy.

As for Codes of Conduct, recommendation 3.3(b) states that a listed entity should ensure that the board or committee of the board is informed of any material incident reported under the whistleblower policy.

Recommendation 3.4 also introduced the concept of an anti-bribery and corruption policy for the first time.  Good practice reporting included identifying specific bribery and corruption risks relevant to the particular entity (for example, by virtue of the countries in which it operated or the particular sectors or kinds of transactions in which it typically engages).

Our recommendations for Boards:

  • Consider whether your current statement of values is truly distinctive and whether it encourages behaviours that will support the company’s strategic and sustainable growth;
  • Satisfy yourselves that breaches of Codes are actually being reported;
  • Satisfy yourselves that you are receiving reports of material incidents communicated through whistleblower channels;
  • Ensure that your employees understand the kinds of ethical and compliance issues that are most likely to arise in your company’s context; and
  • Ensure that employees receive practical training on ethical behaviour and how to report breaches.

Principle 4:  Safeguard the integrity of corporate reports

New recommendation 4.3 is that a listed entity disclose the process to verify the integrity of periodic corporate reports which are not audited or reviewed by the external auditor.  The report gives a number of examples of informative descriptions of these processes, including:

  • aspects of reports being prepared by or under the supervision of relevant subject matter experts, distinguishing between, for example, financial and non-financial narratives;
  • processes for ensuring that material statements are reviewed for accuracy and that if the author did not have first-hand knowledge of the matter in question, there was supporting evidence;
  • the process of preparing drafts, final management review by the CEO and CFO and being reviewed by the appropriate board committee and finally the board itself.

Our recommendation for audit committees/Boards:

  • Review this section of the report, which contains a number of useful examples;
  • consider whether the process for reviewing non-audited reports could be improved so that the risk of inaccurate reports is reduced and a higher quality report is made available to investors

Principle 5:  Make timely and balanced disclosure

Principle 5 deals with how companies meet continuous disclosure obligations.  There are new recommendations that:

  • the entity ensure that the full board receives copies of all material market announcements promptly after they have been made; and
  • any new and substantive investor or analyst presentation is released on the ASX market announcements platform ahead of the presentation (in reality, this was already common practice).

The review of governance reporting in this area highlights as “leading practice examples” those companies that ensure that the whole board reviews material market announcements before release so that the board has an opportunity to critique the announcement.  This needs to be weighed against the imperative that material matters are disclosed to the market promptly (the need for a board sign-off is not an excuse for slow disclosure).

Our recommendations:

  • Ensure your continuous disclosure policy designates who will take the lead in preparing announcements and seeking sign off from the full board or nominated board members as appropriate;
  • streamline your process by working on draft announcements in parallel with negotiating transactions, or preparing outline announcements ahead of milestones such as release of clinical trial results

Principle 7:  Recognise and manage risk

Recommendation 7.2, which has for some time recommended that the board or a board committee review the entity’s risk management framework at least annually, has been extended to recommend that the annual review consider whether the entity is operating with due regard to the risk appetite set by the board.

Examples of good risk disclosure:

  • describe the process and steps undertaken for reviewing the entity’s risk framework;
  • explain how matters of risk appetite are linked to delegations of authority.

Our recommendation:

  • Consider whether your Board has considered its risk appetite and clearly communicated it to the organisation, and whether the analysis or communication needs revisiting.

What should companies do?

Companies with a 30 June year end can use the reporting process to consider whether any governance practices or policies need updating.  Although entities typically say that they will review their policies annually, this does not always happen.

Boards should consider the effectiveness of their processes for monitoring compliance and risk management.  Companies can also set themselves up for more effective governance reviews by allocating different themes (e.g. risk management, diversity, shareholder engagement) across the board and committee calendars for the year ahead.

If you have any questions about the report or about your own governance policies and practices, please reach out to the author of this article or to the corporate partner at Piper Alderman with whom you normally deal.