P1 - GOVERNANCE, RISK AND ETHICS

Frances Aggrey AGGREY LIMITED London, UK

CONTENTS
Page CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 CHAPTER 6 CHAPTER 7 CHAPTER 8 CHAPTER 9 CHAPTER 10 CHAPTER 11 CHAPTER 12 CHAPTER 13 CHAPTER 14 CHAPTER 15 Theory of governance Development of corporate governance The Board of Directors Directors remuneration Relations with shareholders and disclosure Corporate governance approaches Corporate social responsibility & corporate governance Internal control systems Audit and compliance Risk and the risk management process Controlling risk Ethical theories Professional and corporate ethics Ethical decision making Social and environmental issues 24 46 6 12 13 14 15 16 16 19 19 23 24 29 30 34 34 40 40 44 44 46 47 51 52 52 53 - 56

CHAPTER 1: THEORY OF GOVERNANCE

DEFINITION OF GOVERNANCE: system by which companies are directed and controlled in the best interest of shareholders and stakeholders. WHY WE NEED GOVERNANCE 1. AGENCY THEORY: occurs when one party (principal) appoints another party (agent) to perform a task on their behalf.

KEY CONCEPTS OF AGENCY THEORY An agent is employed by a principal to carry out a task on their behalf Agency refers to the relationship between a principal and their agent Agency costs are incurred by principals in monitoring agency behaviour because of a lack of trust in the good faiths of agents. By accepting to undertake a task on their behalf, an agent becomes accountable to the principal by whom they are employed. The agent is accountable to that principal Directors (agents) have a fiduciary responsibility to the shareholders (principal) of their organisation (operating in the best interests of the shareholders) Stakeholders are any person or group that can affect or be affected by the policies or activities of an organisation Agent objectives (such as a desire for high salary, large bonus and status for a director) will differ from the principals objectives (wealth maximisation for shareholders). Agency theory can help to explain the actions of the various interest groups in the corporate governance debate. COMPANIES OWNED AND MANAGED BY SAME PEOPLE EXPANSION REQUIRED INVESTORS (SHAREHOLDERS LIMITED LIABILITY) DELEGATED RUNNING OF COMPANY TO MANAGERS (AGENTS) SEPARATION OF GOALS AGENCY PROBLEMS. PROBLEMS! Different objectives between: Shareholders Return Dividends (high share price) and Directors ego/power money

LEADS TO 1. AGENCY COST: arises largely from principals monitoring activities of agents, and may be viewed in monetary terms, resources consumed or time taken in monitoring. Agency costs exist due to the trust placed by shareholders on directors to operate in their best interests. These costs will rise when a lack of trust exists, although misplaced trust in a relationship will have hidden costs that may lead to poor management and even corporate failure. Costs are borne by the principal, but may be indirectly incurred as the agent spends time and resources on certain activities. Examples include: Cost of monitoring the executive directors Recruiting NEDs Audits AGMs Incentive schemes and remuneration packages for directors Cost of meetings with financial analysts

2. RESIDUAL LOSS: an additional type of agency cost which relates to directors furnishing themselves with expensive cars, and planes, nice lunches, severance pay etc. these costs are above and beyond the remuneration package for the director, and are a direct loss to shareholders. Ensuring incentives MEASURES TO RESOLVE AGENCY PROBLEMS include: Meetings between the directors and key institutional investors Proposing resolutions for vote by shareholders at AGMs Voting rights at the AGM in support of, or against, resolutions Accepting takeovers Divestment of shares is the ultimate threat.

NEED FOR COPPORATE GOVERNANCE If the market mechanism and shareholder activities are not enough to monitor the company then some form of regulation is needed. There are a number of codes of conduct and recommendations issued by governments and stock exchanges. Although compliance is voluntary, the fear of damage to reputation arising from governance weaknesses and the threat of delisting from stock exchanges renders it difficult not to comply. Examples of codes of conduct include: The UK Corporate Governance Code (2010) for Corporate Governance adopted by the Financial Services Authority (FSA) in the UK OECD code on ethics ACCA codes Specific regulation regarding director remuneration and city code on takeovers. STAKEHOLDER THEORY: very similar to agency theory BUT considers fiduciary relationship between directors and all stakeholders. The basis of stakeholder theory is that companies are so large and their impact on society so pervasive that they could discharge accountability to many more sectors of society than solely their shareholders. Agency theory is a narrow form of stakeholder theory. Exam focus: link to Chapter 7. TRANSACTION COST THEORY: *** Never been examined Corporate governance is required due to problems that exist in all business relationships/transactions. Transaction costs will occur when dealing with another external party: E.g. Directors & Shareholders Managers & Employees Employees & Supplier Alison (employee of Kaplan) finds a new text book supplier for Kaplan 2 problems!!! BOUNDED RATIONALITY Decision maker lacks the skills needed for that decision, Hence ends up with a poor decision which may not be In the best interest of shareholders. E.g. Alison cant negotiate. OPPORTUNISM Decision maker acts in their own interest and not that of the companys. E.g. Alison takes a bribe.

KEY CONCEPTS OF CORPORATE GOVERNANCE Ingredients of a fiduciary relationship: JAR OF PIRI J Judgement Ability to weigh numerous issues and reach meaningful conclusions. Ability to weigh numerous issues and give each due consideration. A Accountability Accounting for your position having accepted your responsibility. Be clear in communication with internal and external stakeholders. Develop and maintain risk management and control systems. R Responsibility Clear defined roles. Willingness to accept liability for the outcome of governance decisions. O Openness having a transparent relationship. Reveal information not to conceal it. Do not withhold relevant information unless necessary. F Fairness treat all stakeholders equal. An ability to reach an equitable judgement in a given ethical situation. P Probity be honest and straightforward. Honesty in financial reporting. Perception of honesty of the finance from internal and external stakeholders. I Integrity follows rules (strict moral or ethical code). The highest standards of professionalism and probity. A prerequisite within agency relationships. R Reputation develop and sustain personal and companys reputation. Develop and sustain the moral stance of the accounting profession. I Independence behave without bias and no conflicts of interest. Independence from personal influence of senior mgt for NEDs. Independence of the board from operational involvement. Independence of directorships from overt personal motivation since the organisation should be run for the benefit of its owners.

CHAPTER 2: DEVELOPMENT OF CORPORATE GOVERNANCE

INFLUENCES ON CORPORATE GOVERNANCE: Governance theory concludes that there are two major factors affecting organisational operation 1. Agency Theory leads to shareholder pressure and shareholder activism 2. Stakeholder theory leads to stakeholder lobbying and concerns over social responsibility. In addition: Company law provides a framework within which operations occur Audit and auditors impact on governance Codes of governance are developed by government, operate as a prerequisite to membership of stock exchanges, maybe grounded in legislation, and guide individual professional bodies. HISTORY OF CORPORATE GOVERNANCE CODES: Development of codes of governance is closely associated with the UK, i.e. UK led. 1992: Cadbury report Board power: Chairman/CEO should be split, and Chairman independence necessary Accountability: Good communication and disclosure Shareholder relations: Need for greater dialogue 1995: Greenbury report Directors remuneration: balance between salary and performance 1998: Hampel report: Combined both reports into The Combined Code 4

1999: Turnbull report: Extra guidance on internal controls. Need for directors to review internal controls and report on them. 2003: 1. 2. 3. Higgs report: (post Enron) NEDS: Specific guidelines regarding NEDs and their role. Tyson report: Recruiting NEDs: Additional guidance Smith report: Audit Committee: relationship between auditors and the company and the role of the audit committee

2009: Combined Code #2 2010: Sir David Walker & the FRC (2010): Complete review of Corporate Governance following the financial crises 2008 - 2009 renamed UK Corporate Governance Code THE MAIN PRINCIPLES OF THE CODE are divided into five areas: Section A: Leadership Chpt 3: Every company should be headed by an effective board which is collectively responsible for the long-term success of the company The chairman is responsible for the leadership of the board and ensuring its effectiveness No one individual should unfettered powers of decision, there should be a clear division of responsibilities As part of their role as members of a unitary board, NEDs should constructively challenge and help develop proposals on strategy Section B: Effectiveness Chpt 3 The board and its committees should have the appropriate balance of skills, experience, independence and knowledge of the company to enable them discharge their respective duties and responsibilities effectively There should be a formal, rigorous and transparent procedure for the appointment of new directors to the board All directors should receive induction on joining the board and should regularly update and refresh their skills and knowledge All directors should be able to allocate sufficient time on the company to discharge their responsibilities The board should undertake a formal and rigorous annual evaluation of its own performance and that of its committees and individual directors All directors should be submitted for re-election at regular intervals, subject to continued satisfactory performance. Section C: Accountability & Controls Chpt 8 11 The board is responsible for determining the nature and extent of significant risks it is willing to take in achieving its strategic objectives. The board should maintain a sound risk mgt and internal controls systems. The board should establish formal and transparent arrangements for considering how they should apply the corporate reporting and risk mgt and internal control principles and for maintaining an appropriate relationship with the companys auditor. Section D: Remuneration - Chpt 4 Levels of remuneration should be sufficient to attract, retain and motivate directors of the quality required to run the company successfully, but a company should avoid paying more than is necessary for this purpose. A significant proportion of executive directors remuneration should be structured so as to link rewards to corporate and individual performance.

 There should be a formal and transparent procedure for developing policy on executive remuneration and for fixing the remuneration packages of individual directors. No director should be involved in deciding his or her own remuneration. Section E: Shareholder relationships Chpt 5 There should be a dialogue with shareholders based on the mutual understanding of objectives. The board as a whole has responsibility for ensuring that a satisfactory dialogue with shareholders takes place. The board should use the AGM to communicate with investors and to encourage their participation. REASONS FOR DEVELOPING A CODE: It reduces instances of fraud and corruption improving shareholder perception and market confidence Poor governance equates poor performance Global investors were willing to pay a significant premium for companies that are well governed The existence of good governance is a decision factor for institutional investors Even if it does not add value, it reduces risk and huge potential losses to shareholders

PRACTICAL PROBLEMS WITH A GOVERNANCE CODE: It cannot stop fraud. The process is reactionary rather than proactive, responding to major failures in governance rather than setting the agenda The impact varies depending on the nature of the company and the global viewpoint Directors complain that it restricts or even dilutes individual decision-making power It adds red tape and bureaucracy in the use of committees and disclosure requirements Adherence to governance requirements harms competitiveness and does not add value

CHAPTER 3: THE BOARD OF DIRECTORS

ROLES AND RESPONSIBILITIES The Board are collectively responsible for: L E A D E R S H I P S

L Leading the company. Provide entrepreneurial leadership of the company E Ensure the company has sufficient resources (financial and human) to meet its objectives A Appoint new directors as needed (delegated to the Nomination Committee) D Decide the company strategy, i.e. the companys mission and purpose, values and standards. E Evaluate the companys performance and report it annually to shareholders R Re-election process (every 3 years, in the UK, directors retire and can only return if re-elected). Every 1 year if it is a listed company S Schedule of matters reserved for board decisions H Hold regular board meetings (1 2 months) to discharge its duties effectively I Internal controls evaluation. Establish appropriate Internal Controls that enable risk to be assessed and managed. P Public accountability. Represent company view and account to the public. (Cartoon Southpark + BP). S Succession planning (planning future roles)

CHAIRMAN/CEO It is vital for good corporate governance to separate the roles of the CEO and chairman. The importance of the appointments of CEO and chairman are further underlined by the fact that the CEO frequently has most say over the appointment of executive directors to the board, while the chairman will frequently have a great deal of influence over the appointments of NEDs. REASONS FOR SPLITTING THE ROLE To reduce the power at the top of the company Both are demanding roles, it would be good to split the work load Need an independent person to challenge the CEO, and that person is the Chairman. ROLES: Chairman: Runs the board C H A I R M E N

C Companys lead representative in public, explaining aims, policies to the shareholders. H Hold the CEO accountable on behalf of the shareholders A AGM chairman. Chair the AGM and other shareholder meetings, using these to provide effective dialogue with shareholders. Ensure that the views of shareholders are communicated to the board as a whole I Introduce new directors to the shareholders at the AGM R Runs board meetings (attendance, participation). Set the boards agenda and plan board meetings. Ensure the board receives appropriate, accurate, timely and clear information. M Manage induction, trainings and appraisals of directors E Ensure the company implements its strategies effectively as set by the board. N Nomination Committee Head. Hold meetings with the NEDs, without the executive directors present.

CEO: runs the company i.e. operations M R M R

M Manage companys assets (financial and physical assets) R Responsible for companys performance, as determined by the boards strategy M Monitor budgets. Closely monitor operations and financial results in accordance with plans and budgets R Reports to board of directs and/or the chairman. He is the interface between board and employees.

BOARD STRUCTURES

UNITARY BOARD CHAAIRMAN

TWO-TIER BOARD MANAGEMENT BOARD (LT) SUPERVISORY BOARD (UT) CHAIRMAN

CEO

CEO

Dir

dir

dir

dir

Executives - runs operations

*Non-executives members - approve the decisions * NOT INDEPENDENT = Stakeholders e.g. Banks

Mix of executives and NEDs

ADVANTAGES Quicker decision-making ***Independent NEDs, hence increase in shareholder confidence Increase in expertise from NEDs Cheaper to run one board Reduction in fraud, malpractice since there is a wider involvement in the actual management of the company DISADVANTAGES Less consideration for decisions made Roles are not clearly defined No benefit of stakeholder expertise Narrow stakeholder involvement

ADVANTAGES More considered decisions (approval is needed) Clearly defined roles (between those that manage the company and those that own it or must control it for the benefit of the shareholders) Benefit of the stakeholder expertise Direct power over management through the right to appoint members of the Mgt board DISADVANTAGES Slower decision-making. Added bureaucracy NEDs are not independent hence, decrease in shareholder confidence Expensive to run two tier board Slower communication It relies on a strong relationship with the CEO and the Chairman Supervisory board are isolated from participating in Management meetings

NEDs Are members of the board of directors of a company who do not form part of the executive management team. They are not full-time employees of the company or affiliated to it in any other way Must be independent Must represent at least half of the board (excluding the Chair) One is going to be called a Senior Independent Director (SID) who is directly available to shareholders if they have concerns which cannot or should not be dealt with through the appropriate channels of chairman, CEO or finance director.

INDEPENDENCE Requires a certain detachment from the company Should be independent in judgement and have an enquiring mind

Familiarity Threat: (bias) There can be no family connections on the board 8

Shouldnt have been an employee or an executive of the company. (there are time limits (5 years) that vary from one country to the other) The NEDs need regular independence review done by the Chairman Cross directorship in other companies (this is where two or more directors work together on a board of more than one company) Material business relationship with the company in last 3 years Should not serve on board for more than 9 years

Self-Interest Threat: (money) ROLES Challenge the executive and represent shareholders They only receive basic salary only No shares must be owned by them

PEOPLE ROLE: Appointments of new directors Succession planning Sort out remuneration Nomination Committee - Remuneration committee

RISK ROLE: Evaluate controls - Audit committee Develop risk management policies - Risk committee

SCRUTINISING ROLE: Analyse the companys performance Challenge the executive directors and hold them accountable for decisions taken and results obtained

STRATEGY ROLE: Give advice on developing strategy Offer experience or advice on direction DISADVANTAGES High costs (agency cost) Lack of operational knowledge Risk of confidentiality breach Good NEDs are hard to find Lack of trust and needless input can affect board operations

ADVANTAGES Increase in independence Increase in shareholder confidence: institutional and watchdog perception is enhanced because of their presence Less fraud and error as NEDs know they are being watched Increase expertise on the board Experience from other industries Compliance with the UK Code Improved communication between shareholders interests and the company.

BOARD OPERATIONS HOW THE BOARD OPERATES Appointments By shareholders at AGM Candidate is found by Nomination Committee Regular re-election at AGM at least every three years (Every director in a listed company should be put forward for re-election every year) This is a legally binding document covering the terms of service (employment) of a director. New contract annually or updated annually It should include the following: Appointment commencement date Notice required by either party to terminate the agreement Date of automatic termination (normal retirement date) Duties of the director Remuneration details Constraints Other ordinary employment terms Evidence that the contract has been approved by the board It is the process to integrate a director into the company as efficiently as possible. The Company Secretary is generally responsible for directors induction. *** The Chairman oversees the induction process. CONTENTS Information on company (products, services etc) Meet key stakeholders and team Information on policies (fire, health & safety) Site visits Financial information (financial statements) Job description

Contract

Induction

Duties

Continuous Professional Development (CPD)

OBJECTIVES OF INDUCTION - To communicate vision and culture - To communicate practical procedural duties - To reduce the time taken for an individual to become productive in their duties - To assimilate an individual as a welcome member of the board - To endure retention of individuals for future periods - Duty of good faith (with shareholders) - Breach of duty *** Conflict of interest *** Insider dealing (Exam tip) - All directors must comply - Its about updating skills and knowledge of the directors - ***The Chairman oversees this. The chairman should lead in identifying the development needs of individual directors, with the company secretary playing a key role in facilitating provision. - NEDs should be prepared to devote time to keeping their skills up to date OBJECTIVES OF CPD - To support directors in their personal development - To communicate challenges and changes within the business environment effectively to directors - To ensure directors have sufficient skills and ability to be effective in their role - To improve board effectiveness and through this, corporate profitability - At least once a year, the Chairman oversees the appraisal of Each director whole board Each committee ***No self-review - SID overseas chairmans appraisal 10

Performance Evaluation

REMOVAL (LEAVING)

***Current advice is to use external firm of consultants CONTENTS - Consider ability (skills) - Contribution to the role (strategy, risk management) - Contribution to other work (committees work) - Assess independence and commitment to the public interest - Consider composition of the board and its committee (right mix of knowledge and skills to maximise performance in the light of future strategy) - Consider effectiveness of relationships inside and outside the board - Effectiveness of the use of AGM and the annual report - Timeliness of response to problems or crises that have emerged or could these have been foreseen. REMOVAL DISQUALIFICATION (BANNED) No re-election Insider dealing Resign Fraud Death in service No preparation of FS and tax returns Personal bankruptcy Trading when insolvent (wrongful Failure of the company trading/fraudulent trading) By statute Not keeping proper accounting Absence for 6 months, without records permission of the directors, from meetings Failing to pay tax of directors held during that period and the Taking actions that are deemed to be directors have resolve that the office be unfit in the mgt of a company vacated. Being guilty of three or more An agreed departure defaults in complying with companies legislation regarding filing documents with Companies House during the preceding five years The courts handle disqualification proceedings and if the courts find against the director, he/she could be disqualified for between 2 and 15 years. While disqualified, a director cannot: - Be a director of any company - Act like a director, even if there is no formal appointment - Influence the running of a company through the directors - Be involved in the formation of a new company Ignoring a disqualification order is a criminal offence and a director could be fined and sent to prison for up to 2 years.

CONFLIC OF INTEREST The fiduciary duty of directors is to act in the best interest of shareholders. A conflict of interest is a breach of this duty. Areas of conflict of interest includes: Directors contracting with their own company: in general, directors cannot contract with their own company. However, the articles allow the director to have an interest as long as he discloses this interest to the board of directors Substantial property transactions: the Companies Act in the UK for e.g. requires that any substantial asset sale above 10% of net worth to be approved by shareholders through ordinary resolution Contracts with listed companies: the Listing Rules of the LSE for e.g. stipulate that nay substantial contract between the company and an interested party must be agreed by ordinary resolution before the contract takes place Loans to directors: generally, loans to directors are prohibited. 11

Disclosure: the Companies Act 1986 states that companies are required, in the form of notes in the annual accounts, to disclose any information concerning material transactions or arrangements involving the directors. INSIDER DEALING/TRADING Insider trading is the illegal purchase or sale of shares by someone (usually a director) who possesses inside information about a companys performance and prospects which, if publicly available, might affect the share price. Inside information is information which is not available to the market or general public and is supposed to remain confidential These types of transactions in the companys own shares are considered to be fraudulent The director insider simply by accepting employment, has made a contract with the shareholders to put the shareholders interests before their own, in matters related to the company When the insider buys or sells based upon company-owned information, he is violating his contract with, and fiduciary duty to, the shareholders.

BOARD COMMITTEES Board sub-committees are a generally accepted part of board operations Usually consists of NEDs They are meant to represent shareholder view on key decisions They reduce the workload of executive directors so they can focus on their jobs Increase in shareholder confidence Communicates to stakeholders the importance of remuneration and risk Satisfy requirements of the UK Corporate Governance Code (2010) (or other governance requirements REMUNERATION COMMITTEE - NEDs only WHO OBJECTIVES Attract, retain and motivate directors Set remuneration package for new directors: this is to attract, retain and motivate the new directors - Review remuneration policy regularly: to ensure it is in line with industry (retention purposes) - Organise compensation for loss of office: of any executive director. To ensure that there is no reward for failure ***NO REWARD FOR FAILURE - Review disclosure in the annual report: ensure that provisions regarding disclosure of remuneration, including pensions are fulfilled. To ensure its reliable for shareholder - Establish pension provision policy for all board members - Recommend and monitor the level and structure of the remuneration of senior managers - Demonstrate to shareholders that the remuneration of the executive directors and key mgt is set by individuals with no personal interest in the outcome of the decisions of the committee. 12

NOMINATION COMMITTEE - Mix of executives and NEDs - CEO involved - Chairman is head of this committee - Ensure the board is effective - Find candidates for new directors: identify and nominate for the approval by the board candidates to fill board vacancies as and when they arise - Prepare job descriptions: prepare a description of role and capabilities required for any particular board appointment including that of the chairman - Succession planning: give full consideration to succession planning for directors - Review skills needed on the board: regularly evaluate the balance of skills, knowledge and experience of the board - Monitor independence of the NEDs: consider the balance between executives and NEDs on the board of directors - Review regularly the structure, size and composition of the board and make recommendations to the board

ROLES

CHAPTER 4: DIRECTORS REMUNERATION

No director should be involved in setting his own salary! = executive directors} remuneration committee = NEDs } Board + shareholders approval

REMUNERATION PACKAGE SMALL - Demotivating - may leave NEED A BALANCE TO ATTRACT, RETAIN AND MOTIVATE DIRECTORS = 4 COMPONENTS LARGE - cost to shareholders (residual loss)

BASIC SALARY - Not too excessive Consider: - Role - Skills *** - Industry (key)

PENSION -Long tern incentive

PERFORMANCE RELATED **should form a significant part motivate directors to act in best interest of the shareholders

BENEFITS - car -accommodation - health care

SHORT TERM - Profit - Dividend = BONUS linked to performance E.g. PBT, EPS, Dividend cover - Strengthens fiduciary relationship - Aligns the directors and shareholders objectives OTHER FORMS OF COMPENSATION

LONG-TERM - increase in share price = SHARE OPTIONS: This is the right to buy shares in the future at a fixed price.

GOLDEN HELLO/HANDSHAKE AND GUARANTEED BONUS: this is a one-off payment to sign a contract. (Attract). Although not common, guaranteed bonuses are sometimes used to retain CEOs in struggling organisations. The same is true for signing on (turning up) bonuses (golden hellos). LOYALTY BONUSES AND RETENTION PAYMENTS: As with guaranteed bonuses mentioned above, loyalty bonuses are also used to retain senior executives. However, they have come under criticism for the following reasons: The current preference in Western countries is for rotation of directors to ensure freshness and independence, rather than an emphasis on loyalty Corporate governance codes recommend linking bonuses with performance There have been many cases of directors leaving soon after receiving their loyalty bonus

RETIREMENT BENEFITS: All awards are ultimately given by the shareholders and should be viewed in relation to performance achieved by the director. A retirement benefit such as a lifetime use of the company plane or a sizeable pension pay-out could be awarded.

13

REMUNERATION COMMITTEE The role of the remuneration committee is to have an appropriate reward policy that attracts, retains and motivates directors to achieve long-term interests of shareholders. OBJECTIVES OF THE COMMITTEE The committee is, and is seen to be, independent with access to its own external advice or consultants It has a clear policy on remuneration that is well understood and has the support of stakeholders Performance packages produced are aligned with the long-term shareholder interests and have challenging targets Reporting is clear, concise and gives the reader of an annual report a birds-eye view of policy payments and the rationale behind them.

Remuneration is defined as payment of compensation received for services or employment and includes base salary, any bonuses and any other economic benefits that an employee or executive receives during employment. BEAHAVIOURAL IMPACT ON DIRECTORS OF REMUNERATION COMPONENTS Whatever remuneration package is determined, it is essential to ensure that the directors have a stake in doing a good job for the shareholder. Each element of a remuneration package should be designed to ensure that the director remains focused on the company and motivated to improve performance. A balance must be struck between offering a package: That is too small and hence demotivating for existing directors and leading to potential underachievement or unattractive for potential new appointees, hence a failure to recruit required calibre of individual, and That is too easily earned (i.e. too big), hence shareholders not getting value for money in terms of performance.

The company, following the work of the remuneration committee, should: Provide a package needed to attract, retain and motivate executive directors of the quality required, but avoid paying more than is necessary Judge where to position the remuneration package relative to other companies Be aware of what comparable companies are paying and should take account of relative performance Be sensitive to the wider scene, including pay and employment conditions elsewhere in the company (especially when determining annual salary increases)

NEDs REMUNERATION: To avoid the situation where the remuneration committee (consisting of only NEDs) is solely responsible for determining the remuneration of the NEDs, the UK Corporate Governance Code (2010) states that the board and shareholders should determine the NEDs remuneration within the limits set out in the companys constitution. NED remuneration consists of a basic salary no performance related element is awarded.

14

CHAPTER 5: RELATIONS WITH SHAREHOLDERS AND DISCLOSURE

SHAREHOLDER RELATIONS Should be open/transparent relationship

2 MAIN METHODS DIALOGUE = Annual General Meeting All shareholders must be invited All directors must attend Shareholders vote ( new directors, re-electing directors, Auditors, dividend) Vote by proxy if shareholders cannot attend Proxy voting is allowing another member to vote on your behalf. There must be an opportunity for question and answer session OTHER COMMUNICATION Email/Phone Letters/text Press releases Facebook/twitter Other meetings (General Meeting) DISCLOSURE = Annual report Mandatory - Financial statements - Auditors report - Directors report (remuneration) Optional/ Voluntary - CSR - Environmental - Graphs - Risk information - Operating review Benefits S A F E R S Shareholder confidence increases: enables the company to address specific shareholder concerns as they arise, hence, increasing confidence shareholders have in the company. A Agency cost reduces F Focus on all stakeholders: greater voluntary disclosure assists in discharging the multiple accountabilities of various stakeholder groups E Encourages investment: Institutional investors are attracted by increased disclosure and transparency. Greater disclosure reduces risk and with it the cost of capital to the company. More information helps investors decide whether the company matches investors risk, strategic and ethical criteria, and expectations R Reputation goes up. Gives the user assurance that the management are active and competent in terms of managing the operations of the organisation.

SHAREHOLDERS COMMUNICATION WITH THE COMPANY Guidance: Shareholders need to take a more active role in the companies they own. PROBLEMS! Some shareholders have limited control (%), so should be given limited responsibilities = SHAREHOLDER ACTIVISM - Read the whole annual report - Contact company with queries - Attend AGM every year - Use your voting rights wisely or vote by proxy if unable to attend - Ask questions at the Q & A sessions of AGM SERIOUS ISSUES: E.g. where the company has not got good controls in place Request a general meeting (formerly EGM) and present resolutions Propose own resolutions (shareholders decide what to vote on) Sell shares 15

INSTUTIONAL INVESTORS An entity that invests in other companies (managed by fund managers). They manage funds invested by individuals. = more power, so have more responsibilities. In the UK, there are four types of institutional investor: Pension funds Life assurance companies Unit trust Investment trusts

They must intervene, if there are issues with: SOS RAINS S Strategy: if the plans for the future does not look good. This might be in terms of products sold, expansion pursued or any other aspect of strategic positioning. O Operational performance ($): if the company is making a loss. This might be in terms of divisions within the corporate structure that have persistently under-performed. S Succession planning: if theres a need to employ a new CEO. This might relate to a failure to adequately balance board composition or recommendation of replacement executives without adequate consideration of the quality of the candidate. R Remuneration policy: where salaries are not in line with industry standards. This might relate to a failure of the remuneration committee to curtail extreme or self-serving executive rewards. A Acquisitions & Disposals: This might be in terms of executive decisions that have been inadequately challenged by NEDs. e.g. Frederick Goodwin of Royal Bank of Scotland I Internal control problems: Failure in health & safety; quality control, budgetary control or IT projects. N Non-compliance: where the company is breaking the law or not following the UK Code. Consistent and unexplained non-compliance in a principles-based country will be penalised by the market. In a rules-based country it would have been penalised as a matter of law. S Social responsibility: if the company refuses to donate to the charity or protect the environment. Might damage reputation of the company, which will reduce shareholder confidence.

CHAPTER 6: CORPORATE GOVERNANCE APPROACHES

Is Corporate Governance relevant?

Charity E.g. Oxfam YES Due to the agency relationship between Donors and mgt of the Charity ***Objectives - is to meet the Charitys Constitution

Public Sector YES - due to the agency relationship between between the tax payer and the politicians ***Objectives - is to meet social needs (health &education)

***Read article on: Non corporate corporate governance 16

SMALL COMPANIES Is corporate governance relevant?

YES - If there are shareholders not on the board. (There is an agency relationship) i.e. Not owner-managed. PROBLEMS Cost of complying not enough directors to perform the roles Time spent or needed too high SOLUTION Comply or explain (i.e. follow the code or explain why you havent followed the code to shareholders (disclosure)

NO - if the company is owner-managed (no Agency relationship)

APPROACHES TO CORPORATE GOVERNANCE

RULES-BASED - Legal requirements (US) - Compulsory - penalties for failure to comply - very clear instructions: theres clarity in what the coy must do - standardisation for all companies there is no choice as to Complying or explaining and this creates a standardised and Possibly fairer approach for all businesses - strong deterrent (people comply through fear): the sanction is Criminal and therefore a greater deterrent to transgression.

PRINCIPLES-BASED - Guidance (UK) - Optional (However if a listed company, must follow it) - more flexibility (good for small coys) - companies often exceed expectations - Cheaper to comply

SWAP FOR DISADVANTAGES

Arguments against the Rules-based approach exploitation of loopholes: the exacting nature of the law lends itself to the seeking of loopholes Legal costs: to enact new legislation to close loopholes Regulation overload: the volume of rules and amount of legislation may give rise to increasing costs for businesses and for the regulators. flexibility is lost- there is no choice in compliance to reflect the nature of the organisation, its size or stage of development Checklist approach this can arise as companies seek to comply with all aspects of the rules and start boxticking Box-ticking rather than compliance this does not lead to well governed organisations Limits there is no room to improve, or go beyond the minimum level set

17

SARBANES-OXLEY (SOX) Introduced in 2002 after Enron and WorldCom Applies to US listed companies and their subsidiaries and auditors working on US listed businesses. It is a rules-based approach to governance Is extremely detailed and carries the full force of the law B I T T E R C O D E

B Ban on loans to executive directors I Internal control statement T Two audit partners needed to sign audit reports T Two days notice to the rest of the board: Directors are prohibited from dealing in shares at sensitive times E Establish an independent audit committee will be disallowed from trading if it does not have one R Rotate senior audit partners every 5 years. This is compulsory C Certificate signed by the CEO & CFO on the validity (accuracy) of the FS O Other services provided by the auditors (consultancy) banned to increase independence D Disclose all off balance sheet finance (apply substance over form) E Ethical code must be followed

KEY EFFECTS OF SOX Improved communication of material issues to shareholders Improved investor and public confidence in corporate US Improved internal control and external audit of companies Greater arms length relationships between companies and audit firms Improved governance through audit committees Personal liability of directors for mismanagement and criminal punishment

NEGATIVE REACTIONS TO SEX Doubling of audit fee costs to organisations Onerous documentation and internal control costs Reduced flexibility and responsiveness of companies Reduced risk taking and competitiveness of organisations

INSIDER-DOMINATED STRUCTURES E.g. It is a company controlled by a small number of shareholders A small number of shareholders are also on the board = INSIDERS ABC Company Shareholders = 1000 SH 1 Bank 30% SH 2 Government 25% SH 3 1000 individuals 45% 55% = CONTROL

18

PROS A C E A Agency cost is reduced: the insiders are on the board, hence no monitoring needed. Also, fewer agency problems. C Cost of capital cheaper: access to insider cash is greater. E Expertise of the insiders: greater, stable expert input to managerial decisions.

CONS M A T E M Minority shareholders are poorly protected : they dont have much say A Abuse of power by insiders T Transparency is poor (annual reporting is not very good): the insiders have no need and the minority have no power E Exit is harder for an insider: (sell shares + resigns from the board)

FAMILY COMPANY/STRUCTURES Company dominated by the family (Insider Company), i.e. a family has a controlling number of shares in a company Family are on the board They often have preferential voting rights CONS M A T E + - Family may not have the right skills to manage the company effectively (Gene pool) - Any personal feuds may affect the company - Hard to remove a family member (other family members get involved). If families separate, this could be costly in terms of buying our shareholding and restructuring

PROS A C E + - Long term view: less risks because they want to pass on to the next generation - The company should be more ethical in behaviour : because they are trying to protect the family name

GUIDANCE GET THE FAMILY OUT! Remove the family from the board Set up an advisory board for the family: hence, they have no power, they only give advice Recruit externally to the main board

CHAPTER 7: CORPORATE SOCIAL RESPONSIBILITY AND CORPORATE GOVERNANCE

IS A COMPANY SOCIALLY RESPONSIBLE?

NO Companys only legal duty is to maximise profit For the shareholder MILTON FRIEDMAN He believed that CSR is theft from the shareholder He argues that governments are responsible for Social issues Companies are not people, hence should have No responsibilities. DVD: the Corporation, Fast Food Nation

YES responsible companies have an increased reputation which increases sales and profits, which is their legal duty. ENLIGHTENED SELF-INTEREST governments are weak, so companies should become active in legal terms, a company is an artificial person, so it Should have the same rights & responsibilities. - CORPORATE CITIZENSHIP 19

WHAT IS CSR?: CARROLL MODEL - CSR encompasses the economic, legal, ethical and philanthropic expectations placed on organisations by society at a given point in time.

PHILANTHROPIC

ETHICAL

LEGAL

ECONOMIC RESPONSIBILITY
ECONOMIC RESPONSIBILITY: connected with why the organisation was established. Must be achieved in order to attain the higher level responsibilities. To make a profit for shareholders on their investments Employees to be provided with safe and fairly paid jobs Customers to be able to obtain good quality products at a fair price

LEGAL RESPONSIBILITY: implies that an organisation will follow the laws of the jurisdiction in which it is based as well as any internal moral views that the organisation has set. Non-compliance means a lack of social responsibility. E.g. price fixing, my collusion (oil industries) To comply with the law (Health & Safety, Employment Law, Environmental Law, IAS, Data Protection) It is an acceptable rule book for company operation.

ETHICAL RESPONSIBILITY: relates to what is expected by society from organisations compared with what those organisations have to do from an economic or legal point of view. Therefore, it relates to doing what is seen to be right compared with doing what is simply legal. E.g. Shell disposed of an oil platform on land rather than sinking it at sea (as it legally could have done) due to concern about the environmental consequences of this action). Ethical responsibilities are therefore higher than both economic and legal responsibilities. Companies should do the right thing Do what is just and fair E.g. paying above the minimum wage Actions taken in this area provide a reaffirmation of social legitimacy

PHILANTHROPIC RESPONSIBILITY: generally concern actions desired of organisations rather than those required by organisations. For e.g. Tate & Lyle sponsoring the Tate Gallery in London. These activities are carried out more because the organisation believes it is the correct thing to do rather than because it must. The term philanthropic derives from the Greek love of society, so there is no obligation to act. Discretionary behaviour to improve other peoples lives Charitable donations and recreational facilities Sponsoring the arts and sports events 20

DEVELOPING A CSR STRATEGY IDENTIFY STAKEHOLDERS CLASSIFY STAKEHOLDERS (Exam Focus) HOW A COMPANY APPROACHES CSR - Any person or group that can affect or be affected by the activities of an organisation - Internal & external: this is the distinction between STK inside the organisation and those outside. Internal includes employees, management and possibly, trade unions. External includes customers, competitors and suppliers. - Narrow & Wide: this is the extent to which the STK group is affected by organisational activity. Narrow are those most affected or who are dependent on corporation output, such as shareholders, employees, management, customers, suppliers. Wide are those less affected or dependent on company output such as government, the wider community and non-dependent customers. - Primary & Secondary: this focuses on the opposing view in Freemans definition, that STKs affect organisations as well as being affected by organisations. Primary are those that have a direct effect on the company without whom it would be difficult to operate, such as government, shareholders and customers. Secondary are those that have a limited direct influence on the organisation and without whom the company would survive such as the community and management. - Active & Passive: this distinguishes those that seek to participate in organisational activity and those that do not. Active are those that wish to participate including management and employees, but may also include regulators, environmental pressure groups and suppliers. Passive are those that do not wish to participate including shareholders, local communities, government and customers. - Voluntary & Involuntary: this categorisation removes the element of choice associated with active and passive participation, subdividing the active group into 2 elements. Voluntary are those STKs that choose to be involved in organisational decision making such as mgt, employees environmental groups and active shareholders. These STKs can withdraw their stakeholding in the short-term. Involuntary are those that do not choose to be involved in organisational decisions, but become involved for a variety of reasons. This could include regulators, key customers, suppliers, govt, natural environment and local communities. They cannot withdraw in the short-to-medium term. - Legitimate & illegitimate (terrorist): this is the extent to which the claim of the STK is considered a valid claim. It can be a subjective classification with debate surrounding certain groups claims, and can lead to the concept of whether STKs are recognised by the organisation or not. Legitimate are those with an active economic relationship with an organisation such as customers and suppliers. Illegitimate are those without such a link, such as terrorists, where there is no case for taking their views into account when making decisions. Establish the stakeholders demands (expectations of the company) - Direct claim (stakeholder requests) - Indirect claim (Stakeholder has no voice) Use 2 criteria: - Power - Level of interest Mendelow model: assesses the importance of stakeholders using a matrix. E.g. Mac Donalds: Meat Suppliers, Kitchen workers (16 yr old), Government, Customer, CEO LOW MINIMUM EFFORT POWER Kitchen worker KEEP SATISFIED HIGH Government KEEP INFORMED Meat supplier KEY PLAYERS CEO Institutional investors INTEREST HIGH

ESTABLISH STAKEHOLDER CLAIMS ASSESS THE IMPORTANCE OF STKs (Mendelow model)

LOW

21

Power: relates to the amount of influence (r power) that the STK group can have over the organisation. However, the fact that a group has power does not necessarily mean that their power will be used. Level of interest: indicates whether the STK is actively interested in the performance of the organisation. The amount of influence the group has depends in their level of power. MINIMUM EFFORT (Low interest, low power): these STKs typically include small shareholders and the general public. They have low interest in the organisation primarily due to lack of power to change strategy. KEEP INFORMED (High interest, low power): these STKs would like to affect the strategy of the organisation but do not have the power to do this. STKs include staff, customers and suppliers, particularly where the organisation provides a significant percentage of sales or purchases for those organisations. Envtal pressure groups would also be placed in this category as they will seek to influence company strategy, normally by attempting to persuade high power groups to take action. KEEP SATISFIED (Low interest, High power): these stakeholders normally have a low interest in the organisation, but they do have the ability to affect strategy should they choose to do so. Stakeholders in this group include the national government and in some situations institutional shareholders. The latter may well be happy to let the organisation operate as it wants to, but will exercise power if they see their stake being threatened. KEY PLAYERS (High interest, high power): these STKs have a high interest in the organisation and have the ability to affect strategy. STKs include directors, major shareholders and trade unions. Social responsiveness: refers to the capacity of the corporation to respond to social pressure and the manner in which it does so. Carroll suggests four possible strategies: reaction, accommodation, proaction and defence R A P D R - Reaction: the corporation denies any responsibility for social issues A - Accommodation: the corporation accepts responsibility and does what is demanded of it by relevant groups (Do as STK demands) P - Proaction: the corporation seeks to go beyond industry norms (exceed the STKs claim) D - Defence: the corporation admits responsibility but fights it, doing the very least that seems to be required. (Do minimum required) Responses are affected by the companys view; i.e. Normative & Instrumental views ORGANISATIONAL MOTIVATIONS REGARDING STAKEHOLDERS: Donaldson and Preston draw a distinction between motivations as to why organisations act in relation to the concerns of stakeholders. STAKEHOLDER VIEWS E.G. Customer claim: supermarket to recycle bags

DECIDE HOW TO RESPOND

The supermarkets response depends on view

NORMATIVE VIEW Company responds to claims if there is a moral duty. E.g. recycle the bags to save the planet. GOOD CORPORATE CITIZENSHIP

INSTRUMENTAL VIEW - company responds to the claim only if it helps to meet objectives. (profit $) E.g. recycle to increase reputation, increase to sales, therefore increase to profit. ***The company has SELF ENLIGHTENED INTEREST 22

ASSESSING STK IMPORTANCE Customers, shareholders and employees may be the most important stakeholders but continual assessment helps to focus in on those that require immediate action. Three attributes may be assessed: 1. Power: the perceived ability of the stakeholder to affect organisational action 2. Legitimacy: whether the company perceives the stakeholder action to be legitimate 3. Urgency: whether the stakeholder claim calls for immediate action Definitive stakeholders (possessing all three) require immediate action, the others are latent stakeholders. Examiners article published in Student Accountant in February 2008, All about stakeholders part 2 IMPACT OF STAKEHOLDERS ON CORPORATE GOVERNANCE A key area of impact is in relation to the increased need for, and existence of, social accounting. There are various forms of social accounting produced for inclusion in the Business Review as part of annual reporting reports. Ethical accounting: tends to focus on internal management systems or codes of practice at an individual level and how the company audits and complies with this. Environmental accounting: tends to focus exclusively on the organisations impact on the natural environment Social accounting: has a broader remit to incorporate employee conditions, heal and safety, equal opportunities, human rights, charity work Sustainability accounting: is a grand title that incorporates the triple bottom line of the first three with possible emphasis on environmentalism.

CORPORATE CITIZENSHIP Corporate citizenship suggests an expanded viewpoint of the corporate role, moving beyond the boundaries of direct stakeholder relationships. It implies a role for corporations in the societies upon which they impact. It is linked to the concept of corporate accountability. Corporate accountability refers to whether the organisation is in some way answerable for the consequences of its actions beyond its relationship with shareholders. The demands for corporations to be more accountable and step up to the new role as valid members of society comes from two main sources: GOVERNMENT FAILRE AND CORPORATE POWER. GOVERNMENT FAILURE: one consequence of a modern society with an abundance of products and services is the failure of governments to deal with risks that accompany these rapid changes. Sometimes the risks are beyond the control of a single government Sometimes electoral impact dampens political will Sometimes they are part of the problem Sometimes it is simply too difficult to change lifestyles.

CORPORATE POWER: Corporation shapes lives in many ways: Liberalisation & deregulation of markets increase market power and restrict the ability of govts to intervene Privatisation of many previous state monopolies places greater power in the corporate hand Countries struggle with unemployment and yet the decision to locate and support societies is often not theirs but that of corporations The pressure on low-wage economies to maintain low wages (and hence low costs to attract customers) is vast Complex cross-border legal agreement is very difficult and so corporations are encouraged to self-regulate. 23

CHAPTER 8: INTERNAL CONTROL SYSTEMS

F8 RECAP: BASICS OF CONTROLS

Controls attempt to ensure that risks, those factors which stop the achievement of company objectives are minimised. Internal control systems comprises the whole network of systems established in an organisation to provide reasonable assurance that organisational objectives will be achieved. Internal management controls refer to the procedures/policies put in place to ensure the company meets its objectives The control procedures and policies provide the detailed controls implemented within the company S P I E Purpose Reliable reporting for the shareholders (accurate and complete records) to protect the shareholders investments to prevent misuse of shareholders fund to ensure compliance with the law e.g. health & safety, fire (to prevent fines which would reduce profits of the company and also to protect reputation) to maximise profit for shareholders (timely preparation of fin. information)

Objective A Accurate records S Safeguard assets (cash) P Prevent fraud & error I Internal policies followed E Efficiency -

In order to achieve these objectives, there is a need to put up controls effectively. The lack of internal controls implies that directors have not met their obligations under corporate governance. It specifically means that the risk management strategy of the company will be defective. However, controls alone are not enough to achieve this.

CASE STUDY: rogue trader Barings Bank There was a trader called Nick Leeson He accumulated 800m+ losses by gambling wrongly Bank couldnt recover and eventually collapsed.

Societe Generale There was a trader called Jerome Kerviel Accumulated 5bn losses

Both bank had controls!!! Trades authorised by managers Managers ignored it at SG At Barings Bank, Nick was the manager self-review threat Both had trading limits Managers ignored self-interest threat) because the bigger the risks taken, the bigger the returns, meaning big bonuses. Same applies to Nick Both banks had an accounts team to reconcile trades daily Nick Leeson was head of team at Barings Bank, hence no segregation of duties.

P1 emphasises that controls on its own are not enough! Companies need an EFFECTIVE control system.

24

ELEMENTS OF AN EFFECTIVE CONTROL SYSTEM COSO Framework: was formed in 1985 to sponsor the national commission on fraudulent reporting. COSO produces guidance on the implementation of internal control systems in large and small companies. It defines internal control as a process, effected by the entitys board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives, in three particular areas: 1. Effectiveness and efficiency of operations 2. Reliability of financial reporting 3. Compliance with applicable laws and regulations

***The above 3 are also benefits of an internal control system C R I M E Example Kaplan: High pass rates Regular communication from the CEO on the importance of pass rates Tutors are rubbish Materials are poor Environment not conducive for learning Competitors are strong Regular reviews of tutor feedbacks Examiner reviews materials produced by Kaplan Tutor issues are reported to Head of Tutors Materials (i.e. books) issues are reported to the Head of Publishing Internal audit do spot checks on tutors

Component of the system E Environment: commitment from the board to set up and maintain good controls (good Attitude, Awareness & Action). The overall tone or approach to internal control set by management R RISK ASSESSMENT: Identify , assess and manage the risks that threaten the companys objectives (25% of syllabus) C Control activities: procedures to ensure instructions are followed I Information & Communication: gather regular information & communicate it to the right people M Monitoring: need independent review of controls system for effectiveness Audit Committee: However, they lack the operational knowledge hence they need the Internal Audit function

GOVERNANCE REQUIREMENTS

UK TURNBULL REPORT Directors need to

Implement a SOUND system of control - To be sound, they are recommending the COSO framework CRIME - They also introduced 3 extra criteria 1. Embed the system into the company (make it part of the Companys culture and systems) i.e. values & beliefs (CONTROL ENVIRONMENT) 2. Respond to evolving risk (I.e. if risks changes, the systems Of controls need to change) ***Risks are dynamic (RISK ASSESSMENT) 3. Clear reporting lines for issues (INFORMATION & COMMUNICATION)

Review it regularly - Minimum of once per year - Delegate to Audit Committee

Report to shareholders

25

***LIMITATIONS OF CONTROLS Human error: all internal control systems are at risk from mistakes or errors. Fraudulent collusion (segregation of duties): internal control systems can be by-passed by collusion & events Abuse of authority Management ignore controls Obsolete controls are not effective Costs vs benefits A good internal control system cannot turn a poor manager into a good one.

It is good corporate governance to establish the system, risks within the company will be minimised, but those risks can never be entirely eliminated.

US SARBANES-OXLEY B I T T E R C O D E

*Overdue for exams *** INTERNAL CONTROL STATEMENT: Usually 2 page report. - Directors must disclose the following in the annual report: F E A R F Framework followed E Evaluation of controls ***A Auditors report on controls R Responsibility of the board for controls

ROLES IN RISK MANAGEMENT AND INTERNAL CONTROL All employees have some responsibility for monitoring and maintain internal controls. It is not solely the responsibility of executive managements Roles in monitoring range from the CEO setting the tone for internal control compliance, to the external auditor, reporting on the effectiveness of the system.

The Turnbull Report provides the responsibilities of directors in relation to internal control systems in the mnemonic, CRIME. And states that management should: Implement board policies Identify and evaluate the risks faced by the company

The Turnbull report also suggests that internal audit makes a significant and valuable contribution to a company. It also stated that with regards to the review of the effectiveness of internal control: The review of internal control is a normal responsibility of the management The review itself, however, will be delegated to the audit committee (the board do not have the time or the expertise to carry out the review themselves) The board must provide information on the internal control system and review in the annual accounts The review should be carried out at least annually.

26

CONTROL ACTIVITIES These are the detailed internal controls which are embedded within the operations of the company. S P A M S O A P (T A)

S Segregation of duties: Corporate governance codes state that the duties of the chairman of the board and the CEO should be segregated, to prevent one individual from acquiring a dominant position on the board. (Misuse of power) Although segregating duties provides protection against fraud by one individual, it is not effective against collusion to commit fraud by two or more individuals P Physical controls: are measures and procedures to protect physical assets against theft or unauthorised access and use. They include: Using a safe to hold cash and valuable documents Using secure entry systems to buildings or areas of a building Periodic inventory checks High security guards and using CCTV

A Authorisation and approval controls: are established to ensure that a transaction must not proceed unless an authorised individual has given his approval, possibly in writing. M Management control: are controls exercised by management on the basis of information they receive S Supervision: is oversight of the work done by other individuals, by someone in a position of responsibility. Supervisory controls help to ensure that individuals do the tasks they are required to and perform them properly. O Organisation controls: refer to the controls provided by the organisations structure, such as: The separation of an organisations activities and operations into departments with a clear division of responsibilities Delegating authority within the organisation Establishing reporting lines within the organisation

A Arithmetic and accounting: controls are provided by: Recording transactions properly in the accounting systems Being able to trace each individual transaction through accounting records Checking arithmetic calculations, such as double-checking the figures in an invoice before sending it to a customer (sales invoice) or approving it for payment (purchase invoice) to make sure that they are correct.

P Personnel controls: controls should be applied to the selection and training of employees, to make sure that suitable individuals are appointed to positions within the organisation; individuals should have the appropriate personal qualities, experience and qualifications where required; individuals are given suitable induction and training to ensure that they carry out their tasks efficiently and effectively. Staff should be given training in the purpose of controls and the need to apply them, which should increase employee awareness and understanding of the risks of failing to apply them properly. T Top level reviews: the board of directors or senior management might call for a performance report on the progress of the organisation towards its goals. For e.g. senior management might review a report on the progress of the organisation toward achieving its budget targets. Questions should be asked by senior management, prompting responses at lower management levels. In this way, top level reviews are a control activity. A Activity controls: at departmental or divisional level, management should receive reports that review performance or highlight exceptions. Functional reviews should be more frequent than top-level reviews, on a daily, weekly or monthly basis. As with top-level reviews, questions should be asked by mgt that initiate control activity. An e.g. of control by mgt is the provision of regular performance reports, such as variance reports, comparing actual results with a target or budget.

27

MANAGEMENT LEVELS: Within an organisation, management are normally divided into three different levels: Strategic, tactical and operational. LEVEL ACTIVITY Strategic Involved with monitoring and controlling the organisation as a whole, making decisions (board of on areas such as opening of new shops and factories or investment in new product line. directors) Management of internal controls: Strategic managers tend to be focused on planning (detailed control is a lower mgt function). However, strategic mgt are normally charged with ensuring that the internal control system is effective. They will therefore be responsible for ensuring that the importance of internal control id recognised in the organisation and providing the necessary resources to establish and monitor this system. Management of risk: Risk management is a responsibility of strategic management. Strategic decisions such as deciding which products to manufacture or which areas to trade in will be taken here with those decisions impacting on the amount of risk faced by the company. Information will be needed on the potential outcomes of different decisions so the amount of risk can be adequately assessed. Strategic managers will be advised by the risk committee. Responsible for implementing the decisions of strategic managers and ensuring that the different divisions or departments within the organisation are operating correctly Management of internal controls: Managers will have responsibility for implementing strategic managements decisions in this case the actual internal control systems within the company. Similarly, where control weaknesses are identified, tactical managers will need to remedy those weaknesses and where necessary inform strategic mgt of material weaknesses. Management of risk: Managers will be responsible for implementing strategic mgts decisions. They will also be reporting identified risks to strategic mgt, either from environmental monitoring or from use of decision-making tools such as the decision support system (DSS). The latter may identify risks from falling sales for example, which will need strategic management action. Tactical managers will be collecting information on operational risk from lower level managers and recommending control activities to mitigate those risks. DSS: is a computer based system which enable managers to confront ill-structured problems by direct interaction with date and problem-solving programs. Controlling the day-to-day operations of the organisation, reporting queries or problems back to tactical management for decisions as necessary. Management of internal controls: Operational managers will be responsible for the operation of specific detailed internal controls. E.g. controls to ensure that stock is not stolen from company premises. Management of risk: Operational managers will have little or no influence over the risk appetite of the company. They are, though, in a position to identify risks at the operational level & therefore report these to tactical management.

Tactical (divisional management)

Operational (junior management/ team leaders)

28

CHARACTERISTICS OF INFORMATION: The information received by management needs to be of a certain standard to be useful in internal control and risk management and monitoring. The information should meet the criteria of good information: A C C U R A T E

A Accurate C Compliance C Cost-beneficial U User-targeted R Relevant A Authoritative T Timely E Easy to use

IMPORTANCE OF ACCURATE INFORMATION FOR THE MANAGEMENT OF INTERNAL CONTROLS The board have to meet their corporate governance responsibility to ensure that an effective internal control exists within the organisation. In order to do this they will require accurate reports from auditors and managers within the company regarding the current controls, and any weaknesses identified. Good information will enable the board to confirm that the monitoring activities, undertaken by auditors and critical to the internal control system, are being carried out in an effective and efficient manner. Information regarding the costs and benefits of internal controls will enable the board to ensure that resources are not wasted on ineffective, or unnecessary controls. Accurate information regarding the risks facing the organisation will enable the board to be aware of any critical issues that may rise in the near future, and hence take action accordingly to mitigate any problems Board can provide the appropriate direction to the management of the company if they are fully aware of all the facts relating to any given situation. If the facts are distorted, the direction provided may be inappropriate.

29

CHAPTER 9: AUDIT AND COMPLIANCE

CONTROL RESPONSIBILITIES INTERNAL BOARD report on effectiveness to - Overall responsibility - Implement sound system - Review regularly EXTERNAL SHAREHOLDER Shareholder activism: i. voting on controls ii. reading the financial statements (Chapter 5)

INSTITUTIONAL INVESTOR SOS RAINS I - Internal controls AUDIT COMMITTEE review, oversee & assess - financial reporting - controls - external audit - internal audit EXTERNAL AUDITOR UK provide feedback on control deficiencies US SOX Audit report

INTERNAL AUDIT - must be independent - role R E V I E W S - all companies must consider the need depending on: i. size ii. complexity iii. cost/benefit

AUDIT COMMITTEE Formal engagements for Financial reporting, controls & auditor relationships It is a committee of the board of directors consisting entirely of independent NEDs, of whom at least one has had recent financial experience Most of the board objectives relating to internal controls will be delegated to the audit committee

BOARD

*MINIMUM 3 NEDs *1 needs recent financial experience

EXTERNAL AUDIT

INTERNAL AUDIT They manage the relationships between the board & auditors This preserves independence (reduces familiarity and intimidation)

30

ROLE Review, Oversee and Assess

FINANCIAL REPORTING PROCESS Monitor integrity of the FS Treatment of accounting items. E.g. lower of cost and NBV or Revalued amount Disclosure Accounting policies e.g. depreciation method used Straight line or reduced balance

INTERNAL CONTROL SYSTEMS - independent evaluation of control system - review financial controls - monitor adequacy of internal control system - approve annual report IC statement - receive reports from internal and external auditors regarding controls

EXTERNAL AUDIT Prepare a short list of audit firms for shareholders to choose from. Do post-completion reviews (review of how the audit worked) Monitor independence Investigate resignations of external auditors Approve engagement letter MONITORING INDEPENDENCE Example Threat Close/family FAMILIARITY connection to - May be biased to the board director

INTERNAL AUDIT - recruit Head Internal Auditor - set work (i.e. job description) - review audit reports - monitor independence - meet with them once a year with no managers - review effectiveness of work performed

Audit committee solution - Monitor length of service (5 years) - Review family connections

Too dependent on fees

SELF-INTEREST - Auditor may please the client to keep the work

Monitor size of the fee If the fee is too big, they would recommend removing other services

Providing non audit services

SELF-REVIEW - Overlook own errors FAMILIARITY - Biased. Because spending lots of time on the client SELF-INTEREST - Fees becomes huge INTIMIDATION - Fee ADVOCACY - If represent the company

Decide the most appropriate services for the company. Non-audit service policy

31

INTERNAL AUDIT Listed companies = compulsory Must be independent (as much as possible) All companies must consider if an Internal Audit is required.

INDEPENDENCE The internal auditors should be independent of executive management and should not have any involvement in the activities or systems that they audit The head of internal audit should report directly to a senior director or the audit committee. In addition, however, the head of internal audit should have direct access to the chairman of the board of directors and to the audit committee, and should be accountable to the audit committee The audit committee should approve the appointment and termination of appointment of the head of internal audit Threat FAMILIARITY - Biased Solution The internal auditor rotates departments regularly

Example Review controls of a person you know

Review control you implemented

SELF REVIEW - Would overlook own errors

Segregate duties

Denied access to information (executive directors)

INTIMIDATION - Fear of losing job

Report to NEDs only (i.e. audit committee)

WAYS BY WHICH INDEPENDENCE IS MAINTAINED BY THE INTERNAL AUDITOR Managing internal audit: Independence is maintained by the internal auditor being able to decide the scope of internal audit work without being influenced by the board/senior management. Risk management: independence is maintained by the internal auditor being given access to information on all areas of the organisation (risk, controls, financial and operation information) and being able to report freely in any errors or omissions found. Control: independence is maintained by ensuring full provision of information and independent reporting lines (via the audit committee) Governance: independence is maintained by the internal auditor being able to report breaches of corporate governance code without fear of dismissal (as happened in the US prior to SOX) Internal audit work: independence is maintained by the internal auditor being able to show that normal standards of internal audit work have been followed; there has been no pressure to cut corners either from senior management or because the internal auditor decided to carry out work to a lower standard. Communicating results: independence is maintained by the internal auditor being able to communicate to a committee or person separate from the board who also has the power to take appropriate action to the internal auditors report.

32

ROLES OF INTERNAL AUDIT R Controls based E V I E W S

R Review control activities (financial and operational controls): to ensure they are effective and there are no fraud and error E Examine timeliness of information: to ensure issues are dealt with quickly V Value for money auditing (3Es): to ensure the best service is obtained from suppliers I Identify the risks to the company: to ensure they are managed and dont affect the companys objectives E Examine compliance with the law: to ensure no penalties or damage to the reputation of the company W Work with audit committee: to provide operational support (to the NEDs who come in only 6 months a year) S Special investigations (one-off matters): to ensure one-off issues are not repeated (such as BP oil spill)

TYPES OF AUDIT WORK: The internal audit department will carry out many different types of audit, as highlighted by the departments varied roles. Examples of audit types are: Financial audit: involves examining records and evidence to support financial and management reporting in order to detect and prevent fraud. Operational audit: covers examination and review of a business operation, the effectiveness of controls and identification of areas for improvement in efficiency and performance including improving the 3Es of VFM auditing Project audit: about looking at a specific project (e.g. commissioning a new factory) and asking whether these were done well and lessons that can be learnt from any mistakes made. Value for money audit: an area that internal auditors have been getting increasingly involved in the VFM audits. Also known as best value audits, it assess services/suppliers in 3 main areas: Economy best price: looking at the inputs to the business (or process, and deciding whether these are the most economical that are available at an acceptable quality level. Efficiency best use of resources: considering how well the operation converts inputs to outputs. E.g. monitoring wastage in a manufacturing company or quality control failures Effectiveness best result: examining whether the organisation is achieving its objectives. There must be clear objectives for this purpose. Difficult for NFP organisations. Social and environmental audit: An environmental audit aims to assess the impact of the organisation on the environment. Normally involves the implementation of appropriate environmental standards such as ISO 14001 and EMAS. The social audit will look at the companys contribution to society and the community. Contributions could be made through donations, sponsorship, employment, education, health & safety Management audit: a management audit is defined as an object and independent appraisal of the effectiveness of managers and the corporate structure in the achievement of the entities objectives and policies. Its aim is to identify existing and potential management weaknesses and recommend ways to rectify them.

FACTORS EFFECTING THE NEED FOR INTERNAL AUDIT The scale, diversity and complexity of the companys activities: the larger, the more diverse and the more complex a range of activities is, the more there is to monitor (and the more opportunity there is for certain things to go wrong) The number of employees: as a proxy for size, the number of employees signifies that larger organisations are more likely to need internal audit to underpin investor confidence than smaller concerns 33

Cost/benefit considerations: management must be certain of the benefits that will result from establishing internal audit and they must obviously be seen to outweigh the costs of the audit. Changes in key risks: the introduction of a new product, entering a new market, a change in any of the PESTEL factors or changes in the industry might trigger the need for internal audit Problems with existing internal control systems: any problems with existing systems clearly signify the need for a tightening of systems and increased monitoring An increased number of unexplained or unacceptable events: system failures or similar events are a clear demonstration of internal control weakness

WHY AN ORGANISATION MAY CHOOSE TO REPORT ON INTERNAL CONTROLS TO ITS SHAREHOLDERS - Companies that are more open with their disclosures regarding internal controls may benefit from increased shareholder satisfaction as they know their asses are being well looked after - By reporting on their internal controls, a company opens itself to additional scrutiny by shareholders (and other interested parties) which may improve corporate governance - The knowledge that their work will be reported on externally may help regulate the work of the audit committee - By making the chair of the audit committee available for questions at the AGM, the company demonstrates that it has nothing to hide, therefore increasing shareholder confidence.

CHAPTER 10: RISK AND THE RISK MANAGEMENT PROCESS

DEFINITION OF RISK: It is an opportunity/danger associated with an uncertain future event. Risks can have an adverse (downside exposure) or favourable (upside potential) impact on the organisations objectives. Eg. A company decides to introduce a new product FAILS = MARKET SHARE REDUCES SUCCESS = MARKET SHARE INCREASES

Needs to be managed = RISK MANAGEMENT Risk Management: is the process of reducing the possibility of adverse consequences either by reducing the likelihood of an event or its impact, or taking advantage of the upside risk. It is key to effective internal control. In turn, following good corporate governance procedures (including having sound internal control systems) will decrease the impact of many risks on an organisation. It is the responsibility of mgt to establish a risk mgt system. PROCESS OF RISK MANAGEMENT STAGE RISK IDENTIFICATION: risks are identified by key stakeholders. Risks must obviously be identified before they can be managed. RISK ASSESSMENT: risks are evaluated according to the likelihood of occurrence and impact on the organisation. This assessment provides a prioritised risk list identifying those risks that need the most urgent attention. RISK STRATEGY/PLANNING - T A R A P3: planning involves establishing appropriate risk mgt policies. Policies include ceasing risky activities through to obtaining insurance against unfavourable future events. Contingency planning involves establishing procedures to recover from adverse events, should they occur. RISK MONITORING: risks are monitored on an ongoing basis. Where risks change, new risks are identified then those risks are added to the risk assessment for appropriate categorisation and action Strategic & operational risks Business risk MCRLTPLED - Assessing importance: 2 criteria 1. Probability (%) 2. Severity ($) = RISK MAP ***New syllabus: Environment/Correlation/Perception T transfer A Avoid: if cant avoid risk, then, A L A R P R Reduce A Accept -

Risk audits (Examiner Article) Done by the internal or external auditor

34

RISK IDENTIFICATION: The risks businesses face will vary greatly between companies and derive from a number of different sources, including those shown below. ACCA BUSINESS RISKS: According to the examiner, business risks are strategic risks that threaten the health and survival of the company RISK MY MARKET DETAIL: The risks associated with.. .the industry the company operates in and from its customers SOURCES/EXAMPLES - Failure to provide goods customers require - Market sector overall declines - Resource is running out (shortage) - Competition - Companys credit rating is decreased - Customers are not paying on time or dont pay at all - There are going concern problems so suppliers are paid late - Production of poor quality products - Product recalls/adverse publicity against company - There is a breach of regulations. E.g. Companies Act - Company is sued by third party for breach of contract - There is lack of investment in R&D - Competitors achieve technological advantage - Directors receive high bonuses when company is making losses - Company trading in sector with adverse reputation (e.g. arms trade with enemy countries) - Customers are not paying quickly enough - There is a poor credit rating - There is poor cash management IMPACT - Company ceases to trade

CLASS

CREDIT

giving credit to customers (bad debt), or taking credit from suppliers

- Company may not be able to obtain loans or credits - Company may not obtain materials for production - Loss of market share - Share price drops - In the extreme company closure - Adverse publicity - Fines and penalties payable by company and/or officers - Products appear to be out of date - There is loss of market share - Adverse publicity - Possible boycott of company products

REALLY

REPUTATION

LIKES

LEGAL

damaging the companys brand/image (reduces confidence, lowers future sales) non-compliance with legislation/law

TAKING

TECHNOLOGICAL

use of technology in the business (e.g. obsolete equipment) appearing dishonest (directors) e.g. directors take a bonus when the company makes a loss the companys cash flow and ability to repay debt (going concern)

P1

PROBITY

LESSONS LIQUIDITY

- Company may not obtain materials needed for production or not pay for labour - Company may have to borrow at a high rate for short-term funding to cover liquidity problems - Company cannot meet its commitments which may lead to company failure 35

EVERY

ENVIRONMENTAL

DAY

DERIVATIVE

poor environmental performance (reputation goes down and breach of environmental law, therefore fines ... the use of financial instruments. Derivatives are complex, which increases the risks of fraud and error. Risk that customers will not buy new products (or services) provided by the organisation or sales demand for current products and services will decline unexpectedly Businesses might be exposed to risks from unexpected increases (or falls) in the price of a key commodity Arises from the possibility of movements in foreign exchange rates, and the value if one currency in relation to another Risk of unexpected gains or losses arising as a consequence of a rise or fall in interest rates Depends to a large extent on the political stability in the countries in which an organisation operates and the attitudes of governments towards protectionism

- Breach of relevant legislation - Company trading in sector with adverse reputation (e.g. testing on animals)

- Adverse publicity - Fine payable by company

- Losses made on forward exchange contracts - Financial statements do not adequately disclose companys transactions/ assets/liabilities

- Financial loss to company - Adverse publicity - Possible closure of business if losses are large

OTHERS PRODUCT

COMODITY PRICE

CURRENCY

INTEREST RATE

POLITICAL

36

REGULATORY

Arises from the possibility that regulations will affect the way an organisation has to operate Is the risk of losses, possibly fines, resulting from noncompliance with laws or regulations Risks facing organisations from changes in economic conditions, such as economic growth, recession, taxation policy, international trading conditions

COMPLIANCE

ECONOMIC

ENTERPRENEURIAL This is the necessary RISK risk associated with any new business venture or opportunity HEALTH & SAFETY Many companies engage in potentially hazardous activities, such as coal mining, that can give rise to injury or the loss of life For non-bank companies, it is the risk arising from exposures to high financial gearing and large amounts of borrowing

GEARING

CATEGORIES OF RISK: 1. STATEGIC RISKS: affect the overall mission of the company. It threatens the going concern of the organisation These are risks arising from the possible consequences of strategic decisions taken by the organisation. E.g. one company might pursue a strategy growth by acquisitions, whilst another might seek slower, organic growth. Growth by acquisition is likely to be much more high-risk than organic growth, although the potential returns might also be much higher. It also arises from the way that an organisation is strategically positioned within its environment. E.g. a company may decide to expand into higher or lower risks areas perhaps by manufacturing new products or simply enhancing older products. 37

Strategic risks should be identified and assessed at senior mgt and board or director level. PESTEL and SWOT techniques can be used to identify these risks. (P3) 2. OPERATIONAL RISKS: affect the day-to-day activities of the company It refers to potential losses that might arise in business operations. It may arise as a result of inadequate r failed internal processes, people and systems or external events. It includes risks of fraud or employee malfeasance, poor quality production or lack of inputs for production. They can be managed by internal control systems.

RISK ASSESSMENT Second state of risk management Assess the importance of risk using 2 criteria: Probability (likelihood that the risk arises) Severity (impact on the organisation if the risk does arise) = RISK MAP LOW PROBABILITY (%) HIGH Sainsburys stop contract Factory worker leaves Recession LOW SEVERITY ($) HIGH Contaminate 100k choc bars

The map identifies whether a risk will have a significant impact on the organisation and links that into the likelihood of the risk occurring. This provides a framework for prioritising risks in the business Risks with a significant impact and a high likelihood of occurrence need more urgent attention than risks with a low impact and low likelihood of occurrence. The significance and impact of each risk will vary depending on the organisation: e.g. an increase in the price of oil will be significant for airline company but will have almost no impact on a financial services company offering investment advice over the internet.

The severity of the risk can also be discussed in terms of hazard. The higher the hazard or impact of the risk, the more severe it is.

New..ish bits of syllabus (2 Articles) 1. ENVIRONMENT: the industry, the company, employees. E.g. Baked beans Static Environment (Theres no change ever in the industry)

All companies are on spectrum

E.g. mobile phones

Dynamic Environment (theres constant change in the industry) - Risks constantly change, hence companies need regular risk assessment, and need to invest more in risk management. 38

2. RISK CORRELATION: these are risks that are related. E.g. Mars chocolate do not recycle: - increase in reputation risk - increase in environmental risk These risks above are positively correlated i.e. the risks are related and they may move together in the SAME DIRECTION. As the environmental risk increases, so does the reputational risk. E.g. Mars invests in recycling plant: - reduction in reputation risk and environmental risk - increase in liquidity risk These risks are negatively correlated. The risks are related but move in OPPOSITE DIRECTION. As more money is spent on reducing the environmental damage, therefore reducing the risk, there is an increase in the financial risk, as the company is depleting its cash reserves substantially. 3. RISK PERCEPTION: This is how risks are perceived.

SUBJECTIVE DATA Data is hard to quantify/measure with certainty

OBJECTIVE DATA Data is easy to quantify/measure Creates more ROBUST risk management

WHY INCUR RISK? To gain competitive advantage: to generate higher returns, businesses may have to take more risk in order to be competitive. Not accepting risk tends to make a business less dynamic, and implies a follow the leader strategy. To increase financial return: incurring risk also implies that the returns from different activities will be higher benefit being the return for accepting risk. Benefits can be financial decreased costs, or intangible better quality information

In both cases, these will lead to the business being able to gain competitive advantage! WHY MANAGE RISK? To identify new risks that may affect the company so an appropriate risk management strategy can be determined To identify changes to existing or known risks so amendments to the risk mgt strategy can be made. For e.g. where there is an increased likelihood of occurrence of a known risk, strategy may be amended from ignoring the risk to possibly insuring against it. To ensure that the best use is made of opportunities: organisations are identifying risks associated with new opportunities to increase the probability of positive outcomes and to maximise returns To enhance shareholder value by improving performance To benefit from higher rewards associated with higher risks

BUSINESS RISKS: can either be: GENERIC: that is, the risk affects all businesses. E.g. changes in the interest rate, non-compliance with company law, or poor use of derivative instruments. Generic risks can also affect different businesses in different ways, a company with substantial borrowing will be affected more by an increase in interest rates than a company with little or no borrowings. SPECIFIC: the risk is specific to individual business sectors. Banks and Mining companies both face reputational risk. Banks high profits and overcharging customer, Mining companies poor working conditions and prolonged 39

ill health resulting from working in mines. The overall point is that the risk profile is different for each sector even though the risk areas can remain the same.

TOOLS AND TECHNIQUES FOR QUANTIFYING RISKS A number of tools can be used to quantify the impact f risks on the organisation, some of which are described below: Scenario planning: in which different possible views of the future are developed, usually through a process of discussion within the organisation Sensitivity analysis: in which the values of different factors which could affect an outcome are changed to assess how sensitive the outcome is to changes in those variable Decision trees: often used in the management of projects to demonstrate the uncertainties at each stage and evaluate the expected value for the project based on the likelihood and cash flow of each possible outcome Computer simulations: such as the Monte Carlo simulation which uses probability distributions and can be run repeatedly to identify many possible scenarios and outcomes for a project Software packages: designed to assist in the risk identification and analysis processes Analysis of existing data: concerning the impact of risks in the past.

CHAPTER 11: CONTROLLING RISK

RISK STRATEGY/PLANNING T A Methods of managing risk R A ACCEPT REDUCE LOW STRATEGY TRANSFER AVOID SEVERITY ($) HIGH

LOW PROBABILITY (%) HIGH

T TRANSFER RISK Transfer risk to a 3rd party. In some circumstances, risk can be transferred wholly r in part to a 3rd party, so that if an adverse event occurs, the 3rd party suffers all or most of the loss. Insurance businesses arrange a wide range of insurance policies for protection against possible losses. Outsourcing Factoring Joint venture (share)/ franchising

A AVOID RISK stop activity that creates the risk. i.e. An organisation might choose to avoid a risk altogether. However, since risks are unavoidable in business ventures, they can be avoided only by not investing, or not undertaking the activity that gives rise to the risk in the first place (or withdrawing from the business area completely) !!! May not always be possible R REDUCE RISK reduce the possibility that the risk arises or the financial impact if it does. Controls Risk diversification (spread your risk) : Lots of products Lots of location 40

A ACCEPT RISK Take no action and incorporate the risk into the business. Simply accept that the risk may occur and decide to deal with the consequences in that particularly situation. The strategy is appropriate normally where the adverse effect is minimal. For example, there is nearly always a risk of rain; unless the business activity cannot take place when it rains then the risk of rain occurring is not normally insured against.

New....ish Risks cant always be eliminated due to cost or because the product is very profitable So companies should A L A R P i.e. They should ensure the risk is As Low As Reasonably Possible If the organisation cant avoid it, transfer it to reduce it as low as possible, however the costly nature of risk reduction should be taken into account. The ALARP principle expresses a point at which the cost of additional risk reduction would be grossly disproportionate to the benefits achieved. The ALARP principle is usually applied to safety critical, high integrity systems where health and safety risks cannot be eliminated e.g. Oil rigs. E.g. a company spends 1million to prevent a member of staff suffering from a bruised knee is obviously grossly disproportionate. Whereas a company spending 1million to prevent a major explosion capable of killing 150 people is obviously proportionate.

RISK MONITORING This is an independent review of risk mgt to ensure it is effective. It is done by the Internal or external auditor = RISK AUDIT Risk audit is a systematic way of understanding the risks that an organisation faces. It is not mandatory for all organisations but, in some highly regulated industries, a form of ongoing risk assessment and audit is compulsory in most governance jurisdictions. Refer to the Examiners article published in Student Accountant in March 2009 Risk and Environmental Auditing)

STAGES OF RISK AUDIT IDENTIFY RISKS ASSESS RISKS REVIEW This is where the auditor re - performs the 1st stages of risk management and then use their independent results as a benchmark. Reviewing the controls that are in place to prevent and/or detect the risk and assessing if they are appropriate. - Any identified risks? - Poorly assessed risks? - Poorly managed risks? Reporting findings to the risk committee. Informing the board (or risk committee where one exists) about risks which are outside acceptable levels or where controls over specific risks are ineffective. PROCESS OF EXTERNAL REPORTING OF INTERNAL CONTROLS AND RISKS 1. Identify reporting situation Internal control failure/directors making inappropriate decisions (as in Enron) 2. Check compliance with legislation/ethical guidance Companies Act/Stock exchange requirement/professional ethical guidelines may require disclosure 3. Make report if required Document reason for report (e.g. qualified audit/report whistleblowing) and make report to appropriate third party.

REPORT

41

INTERNAL OR EXTERNAL RISK AUDITORS? Speed of work and familiarity

Internal audit teams have the advantage of familiarity with the organisations culture, systems, procedures and policies. Given their familiarity with the nature of the business and how things are supposed to work, internal audit should be able to perform a highly specific and focussed risk assessment. It can be argued that an external team would take a long time to develop the same understanding and could never, in practice, maintain the same knowledge of a companys nuances as it evolves as an internal team. Flexibility

Internal teams are flexible in terms of the way they are deployed. As they are controlled by management, they can be directed to perform a variety of engagements that can be changed at a moments notice. All engagements with external auditors are subject to the restrictions of engagement letters, availability of resources and the fees they charge Quality of work

Internal audit should produce work that is written and structured according to the expectations and norms of the organisation, which is therefore relevant for the intended use. External teams could be criticised for pitching their reports at too high a technical level for the intended guidance or perhaps in an area the audience was not specifically concerned with. Objectivity

External teams should comply with IFACs (and ACCAs) code of ethics. They should therefore be more objective than an internal team, who will suffer from over familiarity with the company. It is likely that external auditors will have no link to anybody inside the organisation being audited and so there will be fewer prior friendships and personal relationships to consider Shareholder confidence

The fact that these threats are avoided or reduced will create a higher degree of confidence for investors and, where applicable, regulators Innovation

An external auditor brings a fresh pair of eyes to the task, identifying issues that internal auditors may have overlooked because of familiarity. When internal employees audit a system or department, they may be so familiar with the organisations routines, procedures, culture, and norms that a key risk might be overlooked or wrongly assessed. Current skills and knowledge

Best practice and current developments can be introduced if external consultants are aware of these. Given that consultants typically promote themselves on the currency of their skills, it is often more likely that their knowledge will be more up to date than that of internal staff whose skills may be geared specifically to their organisations needs and expectations. PURPOSE OF RISK AUDITING Risk auditing assists the overall risk monitoring activity (last step in the risk management process) by providing an independent view of risks and controls in an organisation As with any audit situation, a fresh pair of eyes may identify errors or omissions in the original risk monitoring process In many situations, audit work is obligatory (e.g. SOX requirements). Following review, internal and external audit can make recommendations to amend risk management system or controls as necessary. 42

RISK RESPONSIBILITIES INTERNAL BOARD: disclose significant risks recognise overall responsibility for maintain controls systems in the company raise risk awareness consider the risk appetite of the company devise effective strategies to control risk

EXTERNAL SHAREHOLDER - Shareholder Activism i.e. Go to AGM Ask questions about risk

RISK COMMITTEE mix of executives and majority NEDs DANGER where no risk committee is formed, the audit committee will usually perform similar duties Roles include: Update company risk profile and appetite and report these to the board Raise risk awareness and ensuring appropriate risk mgt within the organisation Establish policies for risk management and continuously review it and make recommendations for amendment to the board when necessary Implement processes to monitor and report risk RISK MANAGER - Is a member of the risk committee, reporting directly to that committee and the board. - The role is more operational than strategic - Policy is set by the board and the risk committee and implemented by the risk manager Roles include: - Primarily to implement risk management policies - Implement changes when required - Identify and evaluate risks affecting the org. - Provision of overall leadership for risk mgt team - Carry out training on risk management - Give advice - Monitoring the status of risk mitigation strategies and internal audits, and ensuring that all recommendations are acted upon - Maintain good relationships with the board and the risk committee - Ensure compliance with any laws and regulations affecting the business - Seeking opportunities to improve risk mgt methodologies and practices within the org. - Producing reports on risk mgt, including any statutory reports (e.g. SOX reports in the US) INTERNAL AUDITOR - Independent monitoring of risks - Carry out risk audit

EXTERNAL AUDITOR - Sometimes, they carry out the risk audits. (e.g. if the company is carrying out SOX or is a bank, this will be a very good practice) - Identify and document internal controls in the company - Test those controls report on material control deficiencies in the auditors report

RISK AWARENESS - Risk must be embedded into the companys culture and systems - A lack of risk awareness means that an organisation has an inappropriate risk management strategy: - Risks affecting the organisation may not have been identified meaning there will be a lack of control over that risk - Risks may occur and the control over the risk is not active due to lack of monitoring and awareness STRATEGIC: High level monitoring of risk TACTICAL: Monitoring of risk at divisional level OPERATIONAL: Monitoring of risk in day-day operations. How to embed risks: - Training - Communication (from top down) - Include in job descriptions - Penalties for bad practice - Automatic procedures - Reward systems which recognise that risks have to be taken in practice. (e.g. not having a blame culture) - ALL MUST BE ON BOARD Limiting factors: - Overall commitment to risk mgt policies at all levels in the organisation - The attitude to internal controls - Governance, i.e. the need to include - Whether risk mgt is a normal part of the orgs culture, i.e. whether it is taken for granted or not.

43

ROLE OF BOARD Overall responsibility for risk management lies with the board of directors They must generate RISK AWARENESS To ensure all the employees are aware of risks as they arise of capable of identifying/recognising risks as they arise. Consider the companys RISK APPETITE How much risks the company is willing to take Depends on 2 factors RISK ATTITUDE risk seeking - risk averse Ensure effective STRATEGIES are in place (TARA) Disclose significant risks to shareholders + RISK CAPACITY - companys limit to risk ($) - size /structure/development

CHAPTER 12: ETHICAL THEORIES

STUDY OF MORAL BEAHAVIOUR ABSOLUTISM Believe in clear rules Unchanging moral rights RELATIVISM Believe right/wrong depends on the conditions at the time Ethics is situational PRAGMATIC APPROACH - Best route CONDITIONS 2 Types - Egoism COMPANY CULTURE GRAY OWENS CARROLL ADAMS - Pre-conventional 7 positions - Conventional - Post-conventional Every country views responsibilities differently. DOGMATIC VS PRAGMATIC APPROACH The idea of absolutism and relativism can be illustrated with two similar concepts A dogmatic approach takes the view that there is one truth and this truth is to be imposed in all situations. This viewpoint corresponds to absolutism. A pragmatic approach attempts to find the best route through a specific moral situation without reference to any absolutist belief. The approach is similar to relativism in attempting to find a solution based on the given belief system of the individuals involved. 44 PERSON KOHLBERG KANT - philosopher 3 Maxims An action can only be right if: - We could all do it - It respects life - Others would agree with it. HAS TO MEET ALL THREE OF THE RULES! TELEOLOGICAL VIEW - Judge outcome of an action as right or wrong CONSEQUENTIALIST APPROACH DEONTOLOGICAL VIEW - Judge motivation for the actions as right or wrong NONCONSEQUENTIALIST APPROACH

DOGMATIC APPROACH - Means that there is only ONE TRUTH

- Utilitarialism

TELEOLOGICAL & DEONTOLOGICAL VIEWS - Boy breaks 15 cups helping mum wash up

Girl breaks 1 cup trying to steal a biscuit Who is worse?

BOY

GIRL - judging the motivation for her action = DEONTOLOGICAL VIEW

Judging the outcome of the action = THEOLOGICAL VIEW

Two types - EGOISM Consider the outcome from the individual perspective UTILITARIANISM Consider the outcome from society perspective. (Is it for the greater good?)

IMMANUEL KANT philosopher (3 MAXIMS) An action can only be right if: 1. CONSISTENCY: We could all do it. The action can only be right if everyone can follow the same underlying principles 2. HUMAN DIGNITY: It respects life (human & animals). Act so that you treat humanity, whether in your own person or in that of another, always as an end and never as a means only. 3. UNIVERSALITY: Others would agree with it. *** It has to meet all three of the rules. If it fails any of them, then doesnt apply (wrong)

Refer to hand-out for Kohlbergs theory on Cognitive Moral Development (CMD) pg. 219

GRAY, OWENS & ADAMS 7 1. PRISTINE CAPITALIST POSITIONS OF SOCIAL RESPONSIBILITY Companys only legal duty is to shareholder i.e. to maximise profit Anything that reduces shareholder wealth (such as acting in a socially responsible way) is theft from shareholders. (CSR is shareholder theft)

2. EXPEDIENT -

Believes in maximising profit but have ENLIGHTENED SELF INTEREST. Responsible companies have better reputation, hence more customers, more sales and higher profits. Recognise some social responsibility expenditure may be necessary to strategically position an organisation so as to maximise profit Believes society granted the company the right to trade and so the companys responsibility is to act in societys best interest Businesses enjoy a licence to operate granted by society so long as the business acts in an appropriate way Recognise that companies damage the environment and tries to reduce the companys impact. (environmental footprint) Recognises that a business has a social and environmental footprint and therefore bears responsibility for minimising that footprint 45

3. PROPONENT OF SOCIAL CONTRACT -

4. SOCIAL ECOLOGIST -

5. SOCIALIST e.g. Amnesty International

Organisation that believes companies (capitalism) oppresses people e.g. racism, sexism Organisation seeks change Believe companies should have feminine qualities (love, care, compassion)

6. RADICAL FEMINIST e.g. Charity organisations 7. DEEP ECOLOGIST/GREE N

Believes capitalism is wrong! Because: 1. it damages the environment 2. it damages society (oppresses people) Company must change Humans have no more right to the planet than any other species

*** Refer to the Examiners article in February 2008 All about stakeholders part 2

KOHLBERGS COGNITIVE MORAL DEVELOPMENT (CMD) THEORY - Attempts to explain the reasoning process behind moral judgements and how those processes changed as the individual matured from a child to an adult. - In other words, CMD relates to the different levels of reasoning that an individual can apply to ethical issues and problems. - It views ethical decisions from an individuals perspective Kohlberg identified three levels of moral development, with two sub-states within each level giving 6 stages in total - Level one: the individual is focused on self-interest, external rewards and punishment - Level two: the individual tends to do what is expected of them by others. In a business context, managers are normally on Level 2 - Level three: the individual starts to develop autonomous decision making which is based on internal perspectives of right/wrong ethics, etc., rather than based on any external influences. CRITICISMS OF THE THEORY - It has gender bias the fieldwork for the theory was drawn from interviews with young American males - There is too great an emphasis on rights and justice compared with other bases of morality - People tend to use different moral reasoning strategies in different situations implying that there is no sequence of stages. Refer to hand-out given in class for further explanation

46

CHAPTER 13: PROFESSIONAL AND CORPORATE ETHICS

3 Ps 1. PUBLIC INTEREST defined as that which supports the good of society as a whole. E.g. role of professions o Accountancy: as a profession that reports in the interest of shareholders Support capitalism o Medicine o law

Relationship responsibility Act in the publics Interest PUBLIC rights - to trade and make profits - respect: - granted a title 3. PROFESSIONALISM - action taken to support the public interest. How? - O P P I C Five fundamental principles - be socially responsible

PROFESSION 2. PROFESSION Body of knowledge and skills that supports the public interest Adherence to common code of values and conduct Acceptance of duty to society: in return, members Are granted a qualification and usage of a title e.g. - professional experience - practical experience - accounting standards - codes e.g. ACCA code of ethics

THE ACCOUNTING PROFESSION Over time, the profession appears to be taking more of a proactive than a reactive, approach A REACTIVE APPROACH Taking responsibility for any negative consequences of accounting practice and, where appropriate, amending those practices to remove those consequences. E.g. the inclusion of off balance sheet financing in the accounts of companies after the downfall of Enron. In this sense, the accounting profession was reacting to a situation. A PROACTIVE APPROACH Seeking out and positively contributing to the public interest. E.g. the accounting profession recognises that guidance on how to carry out an environmental audit is not available. Hence, guidance is provided in the public interest as a benefit to society rather than waiting until society as a whole requests the guidance. VALUE LADEN ROLE OF ACCOUNTANTS - i.e. too much focus on money GRAY: Capitalism is flawed/wrong o capitalism is damaging the environment o oppresses people (E.g. Nile pays 3p to people in third world countries because it is cheap, to make profits) - need social and environmental change - accountants support capitalism = role is also flawed = social and environmental changes are needed Paul Gilding: The Earth is full (video on TED) Introduce Social & Environmental Accounting Implement S & E controls Audit S & E performance Advice on maximising tax Write new standards for S &E issues 47

COPPORATE ETHICS - Relates to the application of ethical values to business behaviours - It encompasses many areas ranging from board strategies to how companies negotiate with their suppliers - It goes beyond legal requirements and is to some extent discretionary - Many companies provide details of their ethical approach in a corporate and social responsibility (CSR) report - Key areas of corporate ethics include: Purposes and values of business Employees Customer relations Suppliers Shareholders Society implementation CODE OF ETHICS provides guidance on behaviour

Corporate code Code tailored to an individual company. E.g. M&S Contents: Communicate values a principles Ethical behaviour to key stakeholders Shareholders Customers Suppliers Employees

Professional code E.g. IFAC Code of Ethics 1. Fundamental principles OPPIC 2. Conceptual Framework *** Looks at the: - threats (to objectivity) - safeguards - conflict resolution

Professional code of ethics: are issued by most professional bodies; the ACCA code was revised and issued in 2006. - The main reason for professional codes of ethics is to ensure that members/students observe proper standards of professional conduct. - Members and students will therefore refrain from misconduct and not make any serious departure from the ethical code - Id the standards are not observed, then disciplinary action may be taken - Maintenance of a professional code of ethics helps the accountancy profession to act in the public interest by providing appropriate regulation of members A. FUNDAMENTAL PRINCIPLES: are obligations (or responsibilities) placed on members of a professional institute. - The principles apply to all members, whether or not they are in practice. - Taken from the ACCA code of conduct, they are listed below. O P P I C

O Objectivity: members do not allow bias or conflict of interest in business judgements. Accountants need to ensure that their business/professional judgement is not compromised because of bias or conflict of interest Professional competence and due care: duty to maintain professional knowledge and skill at appropriate level. Accountants are required to have the necessary professional knowledge and skill to carry out work for clients. Also, accountants must follow applicable technical and professional standards when providing professional services. P Professional behaviour: member must comply with relevant laws and avoid actions discrediting the profession. Accountants must comply with all relevant laws and regulations. An accountant is required to treat all people contracted in a professional capacity with courtesy and consideration. Similarly, any marketing activities should not bring the profession into disrepute. 48

I Integrity: members should be straightforward and honest in all professional/business relationships. Integrity implies fair dealing and truthfulness. Members are also required not to be associated with any form of communication or report were the information is considered to be: - Materially false or to contain misleading statements - Provided recklessly - Incomplete such that the report or communication becomes misleading by this omission C Confidentiality: information on clients not disclosed without appropriate specific authority. The principle of confidentiality implies 2 key considerations for accountants: 1. Information obtained in a business relationship is not disclosed outside the firm unless there is a proper and specific authority or unless there is a professional right or duty to disclose 2. Confidential information acquired during the provision of professional services is not used to personal advantage. The main reasons for disclosure are when it is: Permitted by law and authorised by the client Required by law, e.g. legal proceedings or disclosing information regarding infringements of law There is professional duty or right to disclose (when not barred by law) e.g. provision of information to the professional institute or compliance with ethical requirements.

B. CONCEPTUAL FRAMEWORK: provides guidance on how the principles are applied. - It also helps to identify threats to compliance with the principles and then applies safeguards to eliminate or reduce those threats to acceptable levels. - It recognises that ethical issues may have no correct answer and therefore provides the generalised guidelines and principles to apply to any situation.

THREAT to OPPIC

SAFEGUARD

CONFLICT RESOLUTION

Self-interest Familiarity Intimidation Self-review Advocacy

E.g. Controls - process for resolving the threat if - Ethical training safeguard fails. - Ethics managers - Whistleblowing policy (Confidential method of communicating Unethical practice/behaviour) - Corporate code of ethics

A threat to independence is any matter, real or perceived, that implies that the accountant is not providing an independent view or report in a specific situation. An ethical threat is a situation where a person or corporation is tempted not to follow their code of ethics An accountant needs to be independent so others can place reliance on his/her work. 49

- Lack of independence implies bias, meaning less reliance would be placed. Safeguards seek to reduce or eliminate threats. They vary depending on the specific threat. An ethical safeguard provides guidance or a course of action which attempts to remove the ethical threat They will fall into three categories created by the: 1. Profession - these include: - Education and training including CDP requirements - Setting of corporate governance regulations and professional standards - Monitoring of professional work including disciplinary proceeding 2. 3. Work environment examples include: Internal control systems Review procedures Disciplinary procedures Organisational codes of ethics Separate review and reporting for key engagements Individual these include: Complying with professional standards Maintaining records of contentious issues Mentoring Contacting professional bodies with queries

BENEFITS OF A CODE - Provides framework for conflict resolution - Provides guidelines for similar ethical disputes and methods of resolution - Provides the boundaries across which it is ethically incorrect to pass.

DRAWBACKS OF A CODE - Is a code only therefore may not fit the precise ethical issue - As a code, then it can be interpreted in a different ways two different conflicting actions may appear to be ethically correct to two different people - May be no clear or even ineffective punishment for breaching the code

RULES AND PRINCIPLES-BASED APPROACHES TO ETHICAL DILEMMA RULES-BASED APPROACH: 1. Establish ethical rules that members must follow 2. Ensure members are aware of the rules 3. Ensure members comply with the rules PRINCIPLES BASED APPROACH: 1. Establish fundamental ethical principles that members must follow 2. Ensure members are aware of the principles 3. Require members to identify and address threats to compliance with the principles and male an appropriate response to mitigate each threat BENEFITS: - Recognises that every threat cannot simply be listed - Allows for subjective judgement, so the member can apply the principles in accordance with their specific situation and nature of the threat DISADVANTAGES: - In some situations it may be difficult to confirm that the compliance action was appropriate as two people may make different and valid decisions based on the same threat and circumstances. 50

BENEFITS: - Easy to check compliance as based on fact - Easy to amend rule set as required

DISADVANTAGES: - The list of rules may not be complete - There is no room for individual decision making

WHAT IS CORRUPTION? Corruption is bribery and any other behaviour in relation to persons entrusted with responsibilities in the public r private sector which violates their duties and is aimed at obtaining undue advantages of any kind for themselves or for others. The main forms of corruption are: - Bribery: example, excessive hospitality. Firms are allowed to provide hospitality, promotional or other business expenditure like providing tickets to sporting events, take clients to dinner, and offer gifts to client as a reflection of good relations. However, these should not be of material value. - Embezzlement - Fraud - Extortion WHY IS CORRUPTION WRONG the ethical argument Corruption is inherently wrong: - It has a misuse of power and position and has a disproportionate impact on the poor and disadvantaged - It undermines the integrity of all involved and damages the fabric of the organisations to which they belong. WHY IS CORRUPTION WRONG the business argument There are many reasons why it is in any companys business interest to ensure that it does not engage in corrupt practices. - Legal risks: it is increasingly becoming illegal in a companys home country to engage in corrupt practices in another country - Reputational risks: based on the experience of recent year, companies whose policies and practices fail to meet high ethical standards, or that take a relaxed attitude to compliance with law, are exposed to serious reputational risks. It is also not good enough to claim that other companies and competitors have engaged in similar practices. - Financial costs: there is now clear evidence that in many countries corruption adds upwards of 10% to the cost of doing business and that corruption adds as much as 25% to the cost of public procurement. This undermines business performance and diverts public resources from legitimate sustainable development. - Pressure to repeat offend: there is growing evidence that a company is less likely to be under pressure to pay bribes if it has not done so in the past. Once a bribe is paid, repeat demands are possible and the amounts demanded are likely to rise. Zero tolerance is the only practical solution - Blackmail: by engaging in corrupt practices, company managers expose themselves to blackmail. Consequently the security of staff, plant and other assets are put at risk - Impact on staff: if a company engages in or tolerates corrupt practice, it will soon be widely known, both internally and externally. Unethical behaviour erodes staff loyalty to the company and it can be difficult for staff to see why high standards should be applied within a company when it does not apply in the companys external relations. Internal trust and confidence is then eroded. - Impact on development: it is now clear that corruption has played a major part in undermining the worlds social, economic and environmental development. Resources have been diverted to improper use and the quality of services and materials used for development seriously compromised.

51

CHAPTER 14: ETHICAL DECISION MAKING p.g. 268

There are 2 models for ethical decision making

American Accounting Association (AAA) model (7 questions)

Tucker Model (5 questions)

1. AAA model: provides a framework within which an ethical decision can be made. It suggests that if faced with a dilemma, 7 questions must be asked: The seven questions in the model are: (Frequently 1. 2. 3. 4. 5. 6. 7. I Pray Americans Ban Chocolate Doughnuts)

Frequently Facts: consider the facts of the case? I Issues: what are the ethical issues that arise from the facts? Pray Principles: consider which principles and values are affected? Americans Alternatives: what are all alternative courses of action available (in the exams, talk about 2) Ban Best: select the best course of action in line with principles Chocolate Consequences: consider consequences Doughnuts Decision: what is the final decision?

2. Tucker model: provides a 5-question model against which ethical decisions can be tested. It is therefore used after the AAA model shown above to ensure that the decision reached is correct. i.e. It is used once decision is made to assess if it is ethical. Is the decision: (People Love Fatty Rich Stuff)

People Profitable? is it profitable for shareholders? Love Legal? is it in the best interest of the society? Fatty Fair? is it fair to each stakeholder that is affected? Rich Right? is the overall decision the right one? (Almost conclusion) Stuff Sustainable? is it the right thing for the environment? FACTORS AFFECTING ETHICAL BEHAVIOUR Accountants are normally expected to behave ethically. However, that behaviour also depends on: - The nature of the ethical issue issue related factors, and - The context in which the issue takes place context-related factors Issue-related factors: - How important the decision is to the decision maker - The higher the intensity, the more likely it is that the decision maker will make an ethical rather than an unethical decision Context-related factors: - These factors relate to how a particular issue would be viewed within a certain context. For example: - If certain behaviours are seen to be rewarded, encouraged, or demanded by superiors despite being ethically dubious, decision making may be affected - If everyone in a workplace does something in a certain way, an individual is more likely to conform: this can result in both higher and lower standards of ethical behaviour. Key contextual factors are: - System of reward - Authority - Bureaucracy - Work roles - Organisational group norms and culture - National and cultural context 52

CHAPTER 15: SOCIAL AND ENVIRONMENTAL ISSUES

DEFINITIONS: GARY: - Capitalism is flawed - Need changes o Company must become SUSTAINABLE: Ensuring we meet the needs of present without compromising the ability of future generations to meet their needs. E.g. replant a tree for every tree used in production. SUSTAINABLE DEVELOPMENT: is development that meets the needs of the present without compromising the ability of future generations to meet their own needs o Companies should measure SOCIAL AND ENVIRONMENTAL FOOTPRINT Measure consequences of their operations (inputs and outputs) on society and environment. E.g. Cadbury - Footprint of 49g bar of diary milk = 169g CO - Will reduce by 50% by year 2020

ENVIRONMENTAL FOOTPRINT In the same way that humans and animals leave physical footprints that show where they have been, so do organisations leave evidence of their operations in the environment. They operate at a net cost to the environment. Examples of measuring impact of environmental footprint on the environment include: - Reduction in waste e.g. CO2 emissions - Promotion of sustainable activities e.g. metrics to ensure that dairy farming is sustainable The environmental footprint is an attempt to evaluate the size of a companys impact on the environment in three respects: o The companys resource consumption o Any harm to the environment brought about by pollution emissions o A measurement of resource consumption and pollution emission in terms of harm to the environment in their qualitative, quantitative or replacement terms Where resources use exceeds provision, then the activity can be termed as UNSUSTAINABLE MEASURING FOOTPRINT (i.e. impact of economic activity)

DIRECT Consider consequences of production process E.g. Car - Factory only

INDIRECT Consider consequences of whole supply chain E.g. Car - importing metal - factory - customer uses car - scrap car

53

ENVIRONMENTAL ACCOUNTING 2 Methods attempt to account for sustainability

FULL COST ACCOUNTING Accounts for the total financial and non-financial costs - Economic ($) Financial statements - Social - Environmental Aims to internalise all costs, including those which are incurred outside of the company. E.g. Olympic 2012 Economic: - Stadium - Employing people - Ticket sale - Commercial for local - Business Environment: - Air pollution - Concrete (water use + gas emission) - Impact on wildfire - Fireworks causes pollution Social: - Noise pollution - Delays on transportation - Tourist prices - Rental increases - Redevelopment of Stratford - Happy spirit all over - Tourism was boosted

TRIPLE BOTTOM LINE Expand traditional reporting and account for: - Profit ($): A TBL company will balance the profit objective with the other 2 elements while a non-TBL company will seek to maximise this measure to improve shareholder return. - People: A TBL company would attempt to pay its workers fair wages, maintain a safe working envt and not use child labour, although these practices will decrease the amount of profit available for shareholders Similarly, the company would promote its surrounding community. E.g. by providing educational opportunities or a safe community to live in. (as in Bourneville estate Cadbury) - Planet: refers to the environmental practices of the company to determine whether they are sustainable or not. The TBL company attempts to reduce the ecological footprint by managing resource consumption and energy usage. E.g. Better production processes to reduce resources consumed and toxic waste eliminated because the company believes it is inappropriate to produce toxic waste as the envtal cost of disposal is normally borne by the govt and society as a whole. They try to balance all three

ENVIRONMENTAL CONTROL SYSTEMS Guidance for assessing the organisations impact on the environment

EMAS S E CO N D (Eco-Management and Audit Schemes) YES YES (Disclosure) System External Audit

ISO 14000

YES YES (Contols) ***Internal Auditor might do this - guidance on managing envtal risk (like risk management TARA etc)

Company should set environmental targets o Involve key stakeholders Comply with environmental laws Disclose environmental performance to shareholders

Contents

Company improves environmental performance

Objective

advice on environmental risk and control 54

Voluntary

Need to comply

Voluntary

YES Full environmental statement

Disclosure

YES Confirm that standards have been followed - ISO

BENEFITS OF COMPLIANCE WITH EITHER STANDARD - Reduced cost of waste management - Savings in consumption of energy and materials - Lower distribution costs - Improved corporate image among regulators, customers and the public - Framework for continuous improvement of the companies environmental performance

ENVIRONMENTAL AUDIT Aims to assess the impact of the organisation on the environment Normally involves the implementation of appropriate environmental standards such as ISO 14000 and EMAS Provides the raw date for environmental accounting Voluntary Independent review of environmental performance Can be done by internal or external auditor No rules An environmental audit typically contains 3 elements: STAGE 1. Agreed matrix (what should be measure and how) - Set targets that can be measured 2. Performance review - Measure actual performance against those targets 3. Report - User varies - Compliance or Variance? M &S PLAN A - Set 100 targets

7 point scale

We are not aware of any issues (means they complied)

ENVIRONMENTAL ACCOUNTING - This is the development of an environmental accounting system to support the integration of environmental performance measures and to track internal environmentally significant expenditure. - It builds on social and environmental auditing by providing empirical evidence of the achievement of social and environmental objectives - Without social and environmental auditing, environmental accounting would not be possible. Examples of environmental accounting measures include: - Monitoring water usage - Monitoring energy (including use of renewable and non-renewable energy) - Ensuring inventory is derived from renewable resources where possible - Measuring waste emissions and the companys carbon footprint (amount of CO2 generated) The aims of environmental accounting are: - To use the metrics produced from an environmental audit and incorporate these into an environmental report, and 55

To integrate environmental performance measures into core financial processes to generate cost savings and reduce environmental impact through improved management resources

Benefits of environmental accounting - Cost savings: to utilise resources efficiently and effectively, and in doing so generate cost savings - Environmental improvements: to support the delivery of the environmental audit which will benefit the company and the environment - Corporate governance: to assist in the management of environmental risks and operational costs including the publication of environmental accounting disclosures in corporate documents such as the annual and CSR reports. ENVIRONMENTAL REPORTING Godrey, Hodgson and Holmes have defined environmental reporting as the disclosure of information on environment related issues and performance by an entity. It typically contains details of environmental performance in areas such as: - Measures of emissions (e.g. pollution, waste and greenhouse gases) - Consumption (e.g. energy, water and non-renewable mineral deposits) The information is published in either the annual report and/or as a self-standing report. SOCIAL REPORTING Owen and Scherer explain that there is a significant concept underlying corporate social responsibility; this is that corporations should be concerned about society at large. Social reporting is generally context specific, and typical contents will vary with industry, however the flowing issues should be included in a companys considerations: - Human rights issues - Work place, occupational health and safety - Training and employee issues - Fair pay for employees and suppliers - Fair business practices - Minority and equity issues - Marketplace and consumer issues - Community involvement - Indigenous peoples - Social development - Charitable, political donations and sports sponsorship USEFULNESS OF THIS INFORMATION TO STAKEHOLDERS Social and environmental reporting is becoming increasingly important, as many investors and other stakeholders want to know about the organisations social and environmental footprint in addition to its economic performance. REASONS WHY THE ADDITIONAL INFORMATION IN USEFUL - By reporting on social and environmental issues companies will become more aware of the potential risk, and less likely to suffer unforeseen liabilities due to reputational damage - The ethical performance of a business is a factor in some investors decision to invest - Employees may use ethical performance as a criterion in their choice of potential employer - Some consumers will not buy goods or services from unethical companies - Voluntary disclosure of social and environmental issues may pre-empt potential regulatory intervention - More social and environmental reporting will provide an impetus for internal development and a higher level of Corporate Governance - The benefits of brand strengthening will have a positive impact in share price - Finally, shareholders as owners of the company simply have a right to as much information as possible However, the additional cost of such reporting, and the ambiguous nature of the measure must also be considered.

56