Private Sector Opinion Stress Testing Corporate Governance Foreword 41 IFC Corporate John D. Sullivan1 Governance Knowledge Publication In the decade since the worldwide financial crisis of 2008, there has been much speculation about what caused the failure, what factors contributed to it, and what can keep it from happening again. IFC has given particular attention to the role poor governance played in creating an environment where such an event could occur—and how good governance practices can contribute to a healthier economy that can withstand the forces that precipitated the crisis. Although governance failure was not the primary cause of the financial crisis, weak governance left the financial system less able to resist the pressures that brought it about, including global payments imbalances, surplus liquidity, weak regulation and prudential supervision, and market- pressure short-termism. This compendium looks at the development of corporate governance since the financial crisis and asks whether governance rules and practices have developed in a way that positions companies better to address systemic risk. The following are some observations to consider: About IFC Corporate Governance Group • We have seen good governance models over the last 30 years, healthy The Group brings together staff from investment support and advisory operations global cross-fertilization of ideas and practices, and nurturing of best into a single, global team. This unified team advises on all aspects of corporate practices, with Western models often acting as the baseline of the governance and offers targeted client services in areas such as increasing board discussions. effectiveness, improving the control environment, and family businesses governance. The Group also helps support John D. Sullivan is an adjunct faculty member at George Mason University’s Schar School of Policy and Government 1 corporate governance improvements and and an independent consultant. He retired in 2016 as executive director of the Center for International Private Enterprise (CIPE), an affiliate of the US Chamber of Commerce. As associate director of the Democracy Program, reform efforts in emerging markets and Sullivan helped to establish both CIPE and the National Endowment for Democracy in 1983. Sullivan is a member developing countries, while leveraging and of the Council on Foreign Relations, the International Finance Corporation’s Private Sector Advisory Group, and integrating knowledge tools, expertise, and the Russian Institute of Directors’ Expert Council. John Sullivan received his Ph.D. from the University of Pittsburgh networks at the global and regional levels. in political science. • However, we have seen some serious breakdowns of those models—some ad hoc, some systemic—over same period in all regions of the world. • Strong reform movements and regulatory changes have come into existence since the crisis. • Many of the breakdowns that led to the crisis were not so much the result of governance design flaws but rather practical implementation/compliance issues, adverse behavioral effects, and perverse incentive systems in business models— leading to the conclusion that corporate governance design can only do so much. • The good-governance advocacy community is squeezed between regulators’ competence, politics, goodwill and intent (or sometimes the lack thereof), and governance practice as it is—significantly limiting the room to manage, or even identify, a possible compliance gap. • Since 2008, much of the crisis-related cost has migrated to fiscal balance sheets, central banks’ balance sheets, and so on, through fiscal damage-control/support measures and exotic monetary policies (record low/negative interest rates, quantitative easement, and the like)—and financial fragility is still very much an ongoing concern. • Improvements in corporate governance models and regulatory steps have been formidable, but corporate scandals keep popping up—some threatening the survival of giants among the reputationally best, and some having been instrumental in creating a separate class of organizations too big to fail, and possibly too big to bail. • Neither upgraded corporate governance measures nor external gatekeepers— regulators as well as the accounting and audit profession—have been able to prevent this from happening, and the audit and accounting profession remains an ongoing weak link in the financial architecture. The occurrence of spectacular corporate scandals since the crisis—Tesco, Toshiba, VW, and Wells Fargo, and the many institutions affected by the LIBOR scandal—suggests that the governance lessons have not been learned, certainly not universally. So we ask, What more needs to be done? How can investors, regulators, and the concerned publics be assured that the board of directors is, in fact, practicing good corporate governance? The contributors to this compendium look at stress-testing governance from several angles: systemic risk in the financial system, risk at the individual corporate level, and the differentiated challenge as exists between companies with dispersed ownership, family ownership, controlling shareholders, and state ownership. In their contributions to this publication, these governance professionals offer valuable observations—and, of course, more questions. 2 ISSUE 40 Private Sector Opinion A Look into the Corporate Governance Machine Room: Why Corporate Governance Keeps Disappointing—And Persistent Taboos to Be Addressed By Jules Muis2 Accepted wisdom is that, overall, world-recognized corporate governance models—with the OECD Code as the overall template—are still much challenged in practice. In the defense of corporate governance architects, when disaster strikes in an open society, the reputation of corporate governance inevitably is much determined by the exceptions. This leaves good-governance positive outcomes—sometimes through the courage of conviction of actors standing tall when challenged—mostly unseen and understated. And vice versa, we can find the same distortion in closed, autocratic societies. There, things may appear to be “under control” (unless it suits the powers that be to expose malfeasance, trumped up or not), but environments with a weak rule of law do not put too much value on transparency. Equally for audit scandals, 80 percent of failures are not a matter of quality standards, but rather of compliance. Despite an abundance of compliance officers that have joined the ranks of designated corporate and accounting firms as reality checkers over the last two decades, 80 percent of those exceptions, we keep guessing, can probably be seen as control overrides, most not leaving a trace, audit trail, or fingerprints. Often a quiet word by top management—on how it wants things—suffices. During the 2008 financial crisis, the weaknesses of corporate good governance in the financial sector in the “developed” world were seriously exposed. And there appeared a systemic failure of its own: managements and boards (and their auditors!) not understanding their own business model and financial products is hard to explain to anyone’s children. Blame could also be attributed to failing regulation. 2 Throughout his international career, Jules W. Muis has been involved in the development and implementation of a broad range of accounting, auditing and governance regulations across both the public and private sectors. Muis, a Dutch national with dual American citizenship, began his career with Philips Electronics and Time Life. In the 1970s he served as Secretary-General of Union Eur-Audit based in Brussels. He became partner at Ernst & Young and its predecessor firms, where he had leadership roles in client- and practice- management in the Netherlands and across Europe; lastly as Executive Partner of Ernst&Young Europe. Muis was President of the Dutch Institute of Registered Accountants, and upon leaving the audit profession, in 1995, became Vice President and Controller at the World Bank and, subsequently, Director General and Chief Internal Auditor of the European Commission. Since formally retiring in 2004, Muis has continued to serve in accounting&auditing leadership roles, inter alia as Chair of the Audit Committee of the International Baccalaureate Organization (IBO), member of the Board of Auditors of the European Stability Mechanism (ESM), and as a member of the Audit Committee of the International Criminal Court (ICC) in The Hague, Netherlands. In the run up to the financial crisis of 2008, Muis issued strong warnings to the audit profession about things to come, i.e. an inevitable crisis notably rooted in warped governance, denial, professional blindness, and systemic financial architectural flaws then persisting. Jules Muis presently serves as Board member of ACT, an educational not-for-profit and, at the recommendation of the World Bank, on the Public Interest Oversight Board (PIOB), overseeing the public interest responsiveness of audit standard setting for the global audit profession. 3 ISSUE 40 Private Sector Opinion The corporate landscape since has shown no such sector-specific systemic collective failure—thanks to, on the one hand, additional corporate and regulatory governance reforms and more conservative macro- and micro-risk management policies and tighter macrofinancial oversight and regulation, which reduces financial-market risk profiles. On the other hand, the 2008 crisis created ever larger financial institutions, hand in hand with the introduction of exotic monetary policies, using the printing press, boosting liquidity, and conveniently keeping financial high-risk entities out of the wind—creating in the process new systemic risk of its own. How this will pan out, in balance, only the future can tell. Further, the post-2008 banking crisis, LIBOR, and the auto-industry “diesel” scandal— next to too many other corporate scandals of all stripes that continue to pop up like bad pennies every year—prevent us from declaring victory in the foreseeable future, if ever. We briefly explore what lies beyond a box-ticking good corporate governance code exercise—and focus on the question: How can companies with state-of-the-art governance codes, despite all of the reforms, nevertheless go astray? Corporate Governance: Its Sandwich Position In the overarching financial-architecture scheme of things, corporate good governance is sandwiched between two forces. One, which is basically beyond a company’s control, is quality regulatory and macro-oversight. And we now know what can happen if this is too weak: witness the 2008 financial crisis. This paper does not address these weaknesses but points out that the good-governance community would be well served by including them in future discussions—and examining more closely what more it could do to minimize the concomitant external risks they pose to even well-intentioned, well-run, organizations. The other force is the corporate internal controls, in the underbelly of any organization. Corporate internal controls are predicated on checks and balances, subject to the corporate oversight mechanisms addressed by corporate governance codes. But these codes hardly ever drill very deep: boards do not and should not want to micromanage corporations. The annual blessing of the external auditor—limited to the fairness of the financial statements as a whole, and accordingly, implicitly also the proper workings of good governance as designed—is to give added comfort to boards, shareholders, and other stakeholders. Yet this system all too often also breaks down, surprisingly. We focus on the weakness in assumptions underlying generally accepted good governance designs, coined here as the “orphans” in corporate governance design and debate. 4 ISSUE 40 Private Sector Opinion The Orphans First, we identify the main orphans in governance code design and statutes, underlying thinking, assumptions, and workings. And we focus in particular on the question, Why can’t we get it right at the entry level—in the machine room of corporations, a.k.a. internal corporate controls? Why do corporate operational checks and balances so often fail reasonable expectations? Surely, when corporate governance disaster strikes, something has also gone terribly wrong on the captain’s deck, in corporate oversight by boards, audit committees, external auditors. But in particular when we speak about fraud and collusion at the top level—the corporate apple not being rotten to the core but from the core—most corporate scandals would not have been possible without management having the ability to override extant garden- variety internal controls. In corporate scandals, as in macro-oversight/regulatory failures, it will be safer to assume that all players in the governance architecture are part of the problem as well as part of the solution. Much corporate governance reform attention has been given to failed managements and boards and the organizing principle at oversight level. Some have established direct links from board to dedicated corporate reality checkers, such as beefing up the internal audit function. Yet most of the ongoing failures would not have been possible if the corporate internal controls had worked properly. To better understand that, we have to go down into the corporate machine room. “Checks and Balances”—A Useful Misnomer Checks and balances is the core concept for organizations ready to meet quality corporate governance standards. But the much vaunted checks and balances are limited in what they (can) achieve in reality, while suggesting, by the standards’ own crisp terminology, much more. Eliminating perverse incentive systems and promoting ethics can do a lot in making checks and balances more effective. But there will always be a residual risk that things go wrong, seriously wrong. For the corporate governance community and oversight bodies to better understand that, it needs its own reality check. The traditional response to scandals has been to expand the checks and, less so, strengthen the balances. Much more of the same: incrementalism at work—for more than two decades. As if the law of diminishing returns does not apply to controls. The embedded illusion that more is better disturbingly keeps us from asking, How come it keeps failing, too often, at respected companies with household names? ISSUE 40 5 Private Sector Opinion When discussing checks and balances in corporate governance, we predicate our designs on the assumption that the good guys—designated corporate reality checkers—can hold the other guys, good and bad, in check and to account. A more realistic, cautious premise would be that everybody, each actor in the system of checks and balances, is or can be part of the problem and is part of the solution. Remember that every scoundrel found out today was yesterday’s trusted employee or CEO. Our control systems are based on trust, not distrust, not even healthy skepticism. That is good, cost effective, and efficient—for the trustworthy, that is. But ineffective, very dangerous, and potentially costly when faced with the less principled among us. And some of those are in the position of holding the key to corporate power, CEOs and CFOs. Following, are some of the core misconceptions that lead to a too optimistic expectation of what corporate good governance can do. Some of those can be tweaked to better control effectiveness; they’re good to know, dangerous not to know, but simply a fact of corporate life. 1. Corporations are not democracies. Hold onto that simple, if not simplistic thought. In the corporate world, at machine-room level, “checks and balances” or “division of duties” separating the management, custodial, and accounting (read: reality checkers) functions, are often seen as the equivalent of the trias politica, or separation of powers in democratic governance. They are not. Besides, relatively few countries, a tiny minority of the world actually, have accepted a democratic code—with a mixed record at best regarding the application of the rule of law. In the context of checks and balances, this puts corporations operating in rule-of-law deficit/challenged environments already one step behind those operating in a democratic environment, where corporate controls will have better traction. Enter corporate governance in a rule-of-law setting. Despite the extra protections embedded in a strong legal framework, the picture emerging certainly has not been a proud example to the rest of the world over the last two decades. The reality is that corporations are not democracies. They do, within limits, consider public interest, but they will inevitably put, often by statute, corporate interest first. Decisions are made top down with, barring the exceptions, little bottom-up input, if any. Hence the much vaunted checks and balances are not the same as the separation-of-powers concept as applied to governments, which better spreads/distributes power. And even governments, in the present world, often stop at a national-interest-first stage and may also be corrupted. Think tax havens. 6 ISSUE 40 Private Sector Opinion Whatever a company’s formal organization chart, it is its informal organization that tells us where and what the effective internal power structure is and how it is exercised. And of course that power rests with management first—amended as the case may be, in some European continental countries, by employee input at the board level. But that is just a detour, not a change of destination. See the sordid VW example (and many other car manufacturers) where short-term employee interests and shareholders interests trumped long-term reputational considerations. Employees in many corporations—also in democratic countries—work at the pleasure of the powers that be, that is, management. Designated corporate reality checkers, from CFOs/ controllers to the quality control or research departments, risk management departments, or legal department, are by definition accountable to and career dependent on executive powers. We understandably do not want an organization run by bookkeepers or lawyers. We rather consider the CEO as reality-checker-in-chief, whatever his or her persona and self-interest. By definition and for good corporate reasons, this lopsided internal power dynamic, cushioned by whatever “independence statute” or “whistleblower statute” corporations may adopt, is a hard reality. And it has its reasons. And it is there to stay. Because the business imperative has it that in the choice between an organizing principle of one dog wagging 100 tails or 100 tails wagging one dog, the former will serve the interest of the organization better than the latter. Given that reality—an inevitable, inherent tail-risk of abuse of power—the question is, Can we do better? 2. Control overrides have it. Under pressure, everything becomes fluid. The incentive is thin for challenged designated reality checkers within companies to make a public issue of their dissent from the views of the powers that be—unless there is no other way out. The incentive to share it with corporate oversight bodies, over the head or against the will of management, may be greater, yet the dissenter will be looking for another career after this one. And being tainted as unduly difficult and uncooperative is not a recommendation. Quietly disappearing through the side door or bending over backwards is, from a personal-interest perspective, often a better option. There is a family to be fed. ISSUE 40 7 Private Sector Opinion As a rule, control overrides leave few fingerprints. Much of the bending of the rules can be done through stealth pressures. Examples include salami techniques (small infractions of the rule, cumulatively adding up to a critical-mass violation), excessive use of “corporate speak” (coded language), or introducing syndicated responsibilities with no clear ultimate responsibility for anyone involved in key decision making, except at the very top. Another means is legalistic gymnastics, rationalization—emphasizing the legal department’s advocacy role rather than its objective compliance judgment. Thus when looking at corporate governance failures it becomes clear that whatever formal checks and balances are introduced, the informal organization—effective power as exercised—is a far more prevalent source, a force for good and evil in governance, than formal design can ever capture. In a corporate setting, “might makes right” takes preference over “right makes might.” It may take some, or a lot of, ruthlessness, but that is part of the corporate game—within limits, that is. Compliance officers may be able to tick their boxes on formal compliance with the rules, but invisible power-politics procedures bypassing those rules—control overrides—are more difficult to map. And definitely harder to report over the head of one’s boss. 3. Checks and balances. Checks and balances are crucial, inevitable. But we say little about the question of how they play out and in whose interest. The fact that corporations are autocracies does not mean there is or can be no fair play. But in the inevitable confrontation in the corporate machine room between “might makes right” and “right makes might,” history has it that the “righteous” can play a considerable role in making sure good governance, as a rule, works. But when power is exerted (it does not even have to be abused), the corporate reality checkers are the weaker party, by design and in reality. Why and When Governance Fails The 2008 financial crisis was the pits of governance and regulatory performance; the financial sector did not understand its own business model, not even its own products. We have not seen a similar breakdown since, but there have been too many others, some of an equally systemic signature, such as LIBOR and widespread tinkering with exhaust emission indexes. To understand that, we first need to understand the, by definition, weak foundations of corporate governance. 8 ISSUE 40 Private Sector Opinion Again, it cannot be said enough, corporations, institutions, are not democracies. They are for all practical purposes autocracies, vulnerable to invisible top-down overrides. Designated operational reality checkers—not only accountants, controllers, and CFOs, but also risk managers, research and quality control, and legal officers—hierarchically always play second fiddle. CEOs are the ultimate reality checkers, but too often they’re wrapped up in their own aspirations about how their corporate world should be presented. Boards can be a good countervailing oversight power, but even the best of them can only do so much. Boards cannot fry a chicken out of an omelet. The governance concept of checks and balances is sound, but it has to operate on a skewed playing field—a slippery slope, inclined to favor effective power at the expense of transparency reality checkers. Also, corporations operating in a flawed rule-of-law environment are even more mortgaged. In conflict situations, reality checkers will have to take into consideration not only corporate politics but also the broader legal and political environment. There are no silver bullets— only rubber bullets, to marginally improve on that score. What we need first of all is to recognize the people factor: bad people and good systems make for trouble, but good people and bad systems can still be made to work for the better. Hence having the right people is the most indispensable ingredient for a healthy governance structure to work the way it is designed. But we cannot regulate, legislate, or arm-twist good ethics and sound character. We can at best regulate specific behavior, aspire to recruit the sane and sound. But in any competitive, for-profit setting, there are a lot of distractions. What To Do About It: Some Low-Hanging Fruit Within the present constellation are a few remaining low hanging fruits that are cost effective and that can further strengthen the hand of corporate governance oversight— boards, audit committees, external auditors—without micromanagement, if only the will is there. 1. Streetwise versus process driven A streetwise board/audit committee will be a good beginning. A streetwise audit committee goes beyond meeting protocols, compliance, hearings, and PowerPoint presentations. It will selectively drill deep, seek to take the temperature at workplace level, look for the effective power structure, and get its clues from there. But that is just a beginning. Each board member should realize that audit committees are not a substitute for every director’s own responsibility to understand a corporation’s business model, dynamics, and inherent risks. In a, by definition, autocratic environment, those risks are and will remain always considerable, especially for champion companies with dominant CEOs. ISSUE 40 9 Private Sector Opinion 2. A broad-sweep assertion An annual signoff by all designated corporate reality checkers—not limited to CFOs and controllers but including designated reality-checking functions such as research, risk management, quality control, legal, and others—can do miracles, if accompanied by a broad-sweep bottom line that vouches that signatories are “not aware of any matters that might materially embarrass the organization in the future.” The same signoff should to be expected from the presumed reality-checker-in-chief, the CEO. This is to smoke out and hold to account those who keep their concerns too close to their chest for too long. Using this approach, probably 80 percent of scandals could have been avoided or limited at an earlier stage. 3. A reality check on organization charts The official corporate (formal) organization chart should be complemented with one that depicts the informal, effective power structure, with gap analyses, at audit committee level. 4. Separating key bean makers from bean counters CFOs wear two hats: money management and money counting. Audit committees, for financial control purposes, look primarily at the CFO, not the controller, as the financial reality-checker-in-chief. That should change. And the controller should be recognized as the first and last line of corporate reality-checking defense, as an independent player. The controller’s effective ranking in the corporation’s pecking order should be well understood. Often, the controller is placed too low in the organization. Also, a CEO’s unwillingness to sit with the controller for 15 minutes a week to discuss the main risk factors, as the controller sees it, is a danger to the corporation and to the CEO. The CFO, with a dual role as financial bean maker and bean counter, is too conflicted to play financial reality- checker-in-chief. 5. Internal audit: What comfort do we really get? A mature internal audit department is crucial by itself, but it says little about the comfort it adds at the corporate/board level, and may even give false comfort. Understanding the internal auditor’s real mandate and focus is crucial: Is it corporate controls as a whole? Or piecemeal audits, open-ended, leading to a piecemeal comfort only? The latter, piecemeal comfort only, is applicable to most organizations and does not add up/give cover to (management and board) responsibility/expression of an opinion on the adequacy of controls as a whole. This is a dangerous disconnect for board members unaware of the “best effort only” comfort they get from many internal auditors, rather than overall “in control” results comfort. 10 ISSUE 40 Private Sector Opinion 6. Matching expectations with commensurate rights Instilling a corporate culture includes introducing proper legal protections, through a bill of rights, that make clear at all corporate levels that all designated corporate reality checkers, including quality control, legal, research, risk management, are not only there for management but also of management. Designated corporate reality checkers are to have a special employee statute to enable and protect them and the corporate bodies they serve, including shareholders, by being expected/charged to meet their professional obligations first. 7. Use and misuse of expertise The truism—that it is possible to use and misuse expertise—is a frequently ignored no- brainer. But it is indispensable for monitoring and overseeing good corporate housekeeping. 8. Public interest versus private interest in an oligopolistic, unlimited for- profit setting Public accountants—commercially a most successful industry in the last two decades, working in the public interest in the context of an unlimited for-profit business-model setting—are the only game in corporate town to have escaped regulatory scrutiny of (and reform pressure on) their earnings model. From 1995 to 2008, the income of partners in the large firms tripled, while at the same time audit failures exploded exponentially. There is a task, also for the corporate governance community, to get to the bottom of whether this is correlation or causation, but certainly whether the status quo (traditional earnings model) still fits not only the public task but also corporate interests. 9. One firm worldwide versus one name worldwide? The disconnect between the “one firm worldwide” impression that large audit firms give in proposal situations, on the one hand, and the way member firms of large international networks distance themselves from one another in legal disputes, on the other hand, needs to be nailed better by regulators as well as the corporate governance community. Add to that the very different audit legal-liability regimes between countries worldwide, hence different “moral hazard” exposures. And add on top of that, side letters to engagement letters, called “general conditions,” clarifying the mutual understanding between auditor and auditee as to the auditor’s (often reduced) scope of responsibilities and professional and legal accountability. In particular in the EU, “general conditions” side letters often escape scrutiny by boards and audit committees. ISSUE 40 11 Private Sector Opinion It is imperative that the corporate governance world gain better clarity about what extra comfort a company really gets by using firms working under one worldwide name. Behind every audit failure stands a dysfunctional CFO. But behind every corporate scandal stands also an external auditor who should be held to account if there is too much of a disconnect between promises made during proposal situations and, in more difficult times, when a new shoe drops. In Closing For the sake of argument, these recommendations are predicated on the vulnerable assumption that corporate boards, unlike all other players in the micro- and macrofinancial architecture, are composed of people of good will, well intentioned, aware of their responsibilities. It ignores the fact that boards themselves, and their members, are not only part of the solution but can also be a major part of the problem. Which means that the ongoing risk profile of corporate governance as pictured here is understated rather than overstated. Therefore, we stop just short of the recommendation that board members had better put their assets in the name of their domestic partners. The preconditions for the duties of boards to work as designed remain a most vulnerable proposition, even under the best of circumstances. 12 ISSUE 40 Private Sector Opinion Systemic Risk and Governance By Peter Montagnon3 The global financial crisis prompted policymakers to take a close look at governance. While this was, at least in part, an effort by governments to shift the blame away from their own policy and regulatory failings, it is clear that weak governance played an important role in the build-up of systemic risk. Boards were too slow to challenge, and executives were too complacent about risk, as pressure mounted to deliver returns to shareholders and bonuses to their colleagues. Regulatory Response The result was far-reaching amendments to legislation, including the Dodd-Frank Act in the United States and the Capital-Requirements Directive IV, the Shareholder Rights Directive, and new narrative reporting requirements for companies in the EU as well as the elaboration of new international standards by the Financial Stability Board. As far as the financial sector is concerned, these included curbs on the ability of banks to pay bonuses (and the introduction of clawback arrangements on those that were paid), new disciplines on the governance of risk, and tighter requirements on directors. There were also new rules on debt, whereby creditors were expected to take a hit in any bailout (though without any corresponding increase in their control rights). Also, the regulations set some limits on the business model in banks, such as the Volcker Rule in the United States, which restricted banks from trading on their own account, and the ring-fencing constraints in the United Kingdom, whereby commercial and retail banking operations are to be separated from investment banking and trading. This in itself created additional governance problems because of the lack of a clear line of accountability of the board of the ring-fenced entity to the shareholders of the holding company, who ultimately provide the capital. In the broader governance sphere, the Shareholder Rights Directive sought to impose a greater emphasis on shareholder stewardship across the EU. Shareholder voting rights were strengthened, particularly with regard to remuneration. New requirements for say-on-pay were introduced. Institutional investors were required to disclose more about their voting policy, and there was an attempt to tighten up the operation of the proxy advisory agencies. Peter Montagnon is Associate Director of the Institute of Business Ethics. He also serves as a member of Board of the Hawkamah Institute, 3 Dubai and as a Visiting Professor in Corporate Governance at the Cass Business School. He is a member of the expert committee appointed by the shareholders of Sika AG in Switzerland to monitor conflicts of interest and related party issues connected with the hostile bid for that company by St Gobain. Previously he held senior governance-related positions at the Association of British Insurers and the Financial Reporting Council. As a journalist at the Financial Times for two decades his assignments included Head of the Lex Column, Asia Editor and Capital Markets Editor. He is a past chairman of the International Corporate Governance network and was a member of the European Corporate Governance Forum from 2006 to 2011. From 2013 to 2017 he was a member of the corporate governance advisory board of the Norges Bank Investment Management. ISSUE 40 13 Private Sector Opinion The United States also saw the introduction of say-on-pay and a fresh push for improved shareholder rights with regard to board elections. Meanwhile, Japan introduced both a governance code for companies and a stewardship code for investors, and stewardship codes were also introduced in other countries, including South Africa and Malaysia. The OECD also introduced a limited series of changes to its Corporate Governance Principles. Ten years on, it is not clear what benefits these changes have delivered. In some cases, such as the EU Shareholder Rights Directive, the legislation is still too new to evaluate. A particularly intractable problem appears to be the short-term nature of financial markets, with investors expecting quick returns that make it hard for companies to develop a sound long-term business strategy. Continuing concerns The long spell of easy money also means there are again worries about a credit bubble, this time in the car-loan sector rather than in mortgages, and as far as behavioral change is concerned, the scandal at Wells Fargo, where employees were caught creating fictional accounts to meet management targets, suggests continuing weakness in governance. It appears therefore that the governance reforms introduced since the financial crisis have not yet led to significant transformation. Meanwhile, a succession of scandals in the nonfinancial sector—including the emissions scandal at Volkswagen, the accounting and strategic debacles at Toshiba, the accounting scandal at BT’s Italian division—are evidence of continuing general problems. Two particular scandals in the U.K. retailing sector, the pensions crisis at the now bankrupt BHS and the labor standards issues at Sports Direct, prompted the government of Prime Minister Theresa May to propose wide-ranging changes to governance, including fresh curbs on remuneration and the representation of workers on boards. This has some global relevance because of the United Kingdom’s traditional leadership role in governance, for example through the development of governance codes and the concept of comply or explain. So what needs to be done? First, it is clear from developments since the financial crisis that governance issues are not just a banking matter. True, part of the objective of the governance reforms introduced in banking after the crisis was the mitigation of systemic risk. Such risks do not normally apply in the nonfinancial sector, though they could in key services such as power and telecommunications. Poor governance does constitute an existential risk for individual companies, while collapse or scandal at major corporations can have significant social, political, and economic ramifications. The failure of Tokyo Electric Power to respect a number of key governance standards was a critical contributor to the Fukushima 14 ISSUE 40 Private Sector Opinion disaster, while weak governance, including the absence of shareholder rights and the underrepresentation of independent directors, clearly played a role in the VW scandal. We could also cite the failure of controls that led to the bribery scandal at Rolls-Royce and failure of the BP board properly to address the risks associated with joint ventures in the run-up to the Macondo disaster. Systemic risk therefore should not be seen just in financial terms, but also as a social risk. And if a company destroys itself as a result of poor governance, then the risk might as well be systemic for its employees, shareholders, creditors, suppliers, customers, and other stakeholders. This question is becoming more acute with the risk of extremely powerful global corporations in the technology sector, where governance is very weak. Companies like Alphabet Inc. and Amazon have a global reach, and they face very limited competition. Facebook has been slow to respond to the suggestions that it was a vehicle for Russian interference in the U.S. presidential election and in the United Kingdom’s EU referendum. The technology sector also raises a new issue for governance: that the operation of some companies has become so complicated that boards are no longer easily able to understand or direct what is happening. Knowledge, power, and understanding reside at the coalface of such companies, while boards can easily become more and more outsider bodies, even though they still bear a lot of formal responsibility. We need a broader view of governance and a new approach. A New Approach It is now a quarter of a century since the report by Adrian Cadbury (itself in the wake of scandals including the plundering of the Mirror Group pension scheme by the company’s fraudulent owner Robert Maxwell). Cadbury introduced the concept of comply-or-explain on which the U.K. Corporate Governance Code and other codes around the world are based. That in turn led to valuable reforms, including widespread acceptance of the need to separate the roles of chairman and chief executive, the allocation of an important role to independent non-executives, the creation of audit committees, and best-practice approaches to remuneration and succession planning. The common feature of these reforms, however, is that they are all procedural. They describe how boards should organize themselves to be best placed to make good strategic decisions, oversee risk, and have clear lines of accountability to those that provide the company’s capital. They are not very helpful in equipping boards to address issues of substance. Behavior issues One reason for this may be an aversion to micromanagement. There is an inevitable tension between boards of directors and executives. The latter resent attempts by the board to muscle in on the day-to-day management of the company. Hence the convention that, ISSUE 40 15 Private Sector Opinion while boards are supposed to challenge and ensure due process, it is the role of the executive to devise and implement strategy. However, this can lead boards to ignore two important issues of substance: the need to define and shape appropriate behavior throughout the company and the impact of the company on society from which its franchise or social license to operate is derived. These two issues come together in the need for the company to develop and embed values that will determine the way it does business—from the business model to its approach to employees, customers, and suppliers. It is hard to think of a corporate scandal in which individual bad behavior did not play a part. Sometimes this is put down to a rogue element whose personal values were out of keeping with those of the organization as a whole. More often, however, it is the organization’s own values that are at fault. Boards are unaware of this, or directors know there is a problem but choose to ignore it. Group dynamics are at play here. When working with others under pressure, individuals do not necessarily follow their own personal value systems. They behave as the group does, and the group responds to the pressures that are put on it. This is well illustrated by the situation at Volkswagen, where a powerful chief executive, who was not properly accountable to his board and broader stakeholder base, wanted to lead the world’s biggest automaker. To do so required an increase in U.S. market share, which turned out to be impossible to achieve without the development of diesel cars that were both incredibly clean and incredibly economical. One possible explanation is that, faced with this conundrum and worried about what would happen if they failed, the engineers did what many groups would do in the circumstances: they cheated. The issue for Volkswagen—and for other companies in a similar position—in the aftermath is not only to find out what happened but also why. Too often companies facing a scandal stop at the question: what? They do not like to address the question why, because the leadership is afraid that the answer will show up its own weaknesses. Yet the question is vital if the problems that gave rise to the scandal are to be fixed. The easy route out is to find someone to blame and scapegoat, and to tighten the rules so the trick cannot easily be repeated. That this issue was not addressed in the response to the financial crisis is suggested by a remark from a U.K. clearing-bank executive who suggested that the problem in retail banking was solved because bankers, by regulation, have to check whether a product is suitable to the customer. It did not occur to him that executives should want to deliver products that serve the customer well. One problem in dealing with the financial crisis was the widespread recourse by regulators to fining institutions. This hit shareholders, who had already suffered from major losses, with an additional penalty, but it did nothing to introduce a real element of personal accountability in the executive class that had presided over the scandal. 16 ISSUE 40 Private Sector Opinion Boards have to go further. They have to address and answer the question: Why did people behave inappropriately? Better still they should have been thinking at the outset of the behaviors they require, of what is acceptable and what is not, and embedding these expectations throughout the workforce. This is done through example, or tone from the top, through the development and promulgation of codes of behavior for all employees, and through trusted speak-up or whistleblowing arrangements, which boards should monitor. This imperative applies strongly in companies where innovation is happening at a rapid pace and where the operation has become so technical and complex that boards cannot easily direct it. Companies need to ensure, for example, that highly skilled software programmers are aware of the behavior that is expected of them, of the values that should drive that behavior, and the broader consequences of their inability to understand the social impact of their innovation. Facebook is a brilliant concept, but it is unlikely that its founders ever considered the global security risk it might one day pose. Boards need to work at building social awareness at every level. Some Silicon Valley companies have made a point of employing philosophers to help bring a more thoughtful and ethical dimension to their work.4 Social impact The question of social impact is just as important as the development of appropriate behavior within the company. Companies will never have a long-term future if they are at odds with the society from which they derive their franchise. One of the reasons the banks got into so much trouble was that their business models tended to center on the idea of extracting value from their customers rather than delivering value to them. Now they are paying a heavy price in extra regulation. Similarly, U.K. business has found it difficult to engage in the policy debate surrounding Brexit. That the public does not care to listen to them almost certainly has something to do with voter repugnance toward their executive remuneration policies. Boards have to be sensitive to these issues and steer executives away from strategies that will bring the company into conflict with society even when they also deliver short-term commercial success. Values Values are at the heart of all this. Some are commercial, such as innovation and entrepreneurialism. Yet the ethical ones—respect, honesty, reliability, and a determination to deliver value—are also fundamental to the organization’s future. To see why, consider the opposite. Few people would ascribe much future to a company known for its lack of respect for stakeholders, dishonesty, unreliability, and lack of concern about delivering See, Coren, Michael J., “Silicon Valley executives are hiring philosophers to teach them to question everything.” Quartz (website) April 18, 4 2017. Also, Ha, Anthony, “Google’s in-house philosopher: Technologies need a ‘moral operating system.’” VB (website) May 14, 2011. ISSUE 40 17 Private Sector Opinion value. Few indeed would probably want to work for it. Values are important, and boards must define what they want. The business model flows from this definition of values, as do all the company’s relationships. Boards must also assure themselves that what they have is what they want. This means moving away from the merely procedural. Boards must start being more outward-looking. It involves a change of mindset and an adaptation of the traditional agenda. Boards cannot measure culture, but they do need to consider indicators that point to whether the culture is good or bad. These might include customer complaints, employee attitudes expressed in staff surveys, the health and safety record (including near misses), regulatory breaches by senior executives, attitudes in the supply chain, and the prevalence of related-party transactions. A company whose employees, customers, and suppliers are happy has a future. One where this is not the case does not. These issues are now the natural territory of risk and reputation committees. Integrated Reporting An important contribution to this debate has come through the development of integrated reporting, which is now mandatory for companies in South Africa and increasingly adopted around the world. 5 The key concept here is connectivity. Companies draw not only on their financial capital but also on other forms of capital, such as human resources and the environment. They have an impact on these capitals and they need to recognize that they cannot simply consume them as if this did not matter. In their reporting they need to explain not just how they use their financial capital but also how they use these other resources. One of the important aims of integrated reporting is to ensure that businesses take a long-term approach to strategic decisions. Ownership and governance Having established the relevance of culture, behavior, and social impact to the governance agenda, it is time to consider how these might be addressed by companies with different types of ownership. Traditional governance, as exemplified by the Cadbury Code, was designed to work in a market where dispersed ownership was prevalent. Shareholders were given the role of arbiter through the comply-or-explain approach and the ability to dismiss boards whose explanations for noncompliance turned out to be unacceptable. This approach does not work easily in companies where there are controlling shareholders, including sometimes the state, or where the company is unlisted and privately held. Governance experts increasingly note that the dispersed ownership model, common in the United States and the United Kingdom, is less common internationally. Global governance needs to adapt to this reality. An obvious answer in situations where shareholders are not For more details, see https://integratedreporting.org. 5 18 ISSUE 40 Private Sector Opinion available to hold companies to account is to resort to regulation. Yet regulation and the law cannot require people to behave properly, because there can be no reliable definition of compliance or noncompliance for which people could be prosecuted. Disclosure The U.K. Companies Act 2006 has fudged this issue. Its Section 172 (duty to promote the success of the company) enjoins directors to have regard for stakeholder issues, ethics, and the long-term consequences of their decisions, but has been widely ignored by boards and not enforced. 6 Yet in drawing attention to this aspect of directors’ duties, it has created a good starting point for discussion about the new governance approach. It has laid out a list of issues about which boards, including those of companies above a certain size that are privately held, could be expected to disclose publicly. This has not happened yet, but it seems likely to be introduced in the wake of the U.K. government’s recent green paper on corporate governance reform. Requiring disclosure not only informs the public, but it also draws attention of boards and directors to what is expected of them. A carefully crafted requirement for chairmen to disclose how they have organized their boards to take account of the issues raised in Section 172 should be a driver of good behavior, partly because the chairman could be sued for making false statements. Also, while legislation such as Section 172 is hard to enforce, manifest failure by boards to take account of it, for example by flagrant and persistent abuse of employees or by systematic tolerance of bribery, could lead to severe penalties, including the disqualification of directors or even, in really extreme cases, the withdrawal of the privilege of limited liability. Conclusion This approach could be applied regardless of the ownership structure. Ultimately, however, it is up to governments and regulators to foster a climate where boards want to deliver the new style of governance because they recognize that this will be good for their company. This may sound far-fetched, but it is worth remembering that the Cadbury Code succeeded not so much because shareholders were willing to apply the sanction if dismissing the board—indeed most explanations for noncompliance have always been readily accepted— but more because companies ultimately concluded that the procedures and processes set out in the code were a simple matter of good common sense. With a bit of gentle persuasion, directors might be persuaded that the same is true of the new challenges surrounding values, behavior, and social impact. The relevant portion reads as follows: A director of a company must act in the way he considers, in good faith, would be most likely to 6 promote the success of the company for the benefit of its members as a whole, and in doing so have regard (amongst other matters) to—(a) the likely consequences of any decision in the long term, (b) the interests of the company’s employees, (c) the need to foster the company’s business relationships with suppliers, customers and others, (d) the impact of the company’s operations on the community and the environment, (e) the desirability of the company maintaining a reputation for high standards of business conduct, and (f) the need to act fairly as between members of the company. ISSUE 40 19 Private Sector Opinion Three Vital Elements: Board Access, Whistleblowing, and Attestation By Denis Duverne7 The global crisis in 2008 and the long history of corporate scandals—ranging from Enron and WorldCom in the United States, Pescanova in Spain, Satyam in India, to most recently Tesco in the United Kingdom—are reminders of the ongoing importance of corporate governance. Arguably, all the major corporate scandals have been precipitated by a failure of corporate governance in one form or another. The four pillars of corporate governance are widely acknowledged: • Transparency —Ensuring timely, accurate disclosure of all material information, including the financial situation, performance, ownership, and corporate governance (including potential conflicts of interest) • Accountability —Ensuring that management is accountable to the board and that the board is accountable to shareholders • Fairness —Treating all shareholders, including minorities, equitably • Responsibility —Recognizing shareholder rights However, in addition to the four pillars, sound corporate governance should incorporate the following three elements: • Independent access to the board of directors by internal audit, legal, compliance, and risk management • Whistleblowing • Formal attestation by the senior executives of the company Mr. Denis Duverne is a graduate of the École des Hautes Études Commerciales (HEC). After graduating from the École Nationale 7 d’Administration (ENA), he started his career in 1979 at the Tax Department of the French Ministry of Finance, and after 2 years as commercial counsellor for the French Consulate General in New York, he became director of the Corporate Taxes Department and then responsible for tax policy within the French Ministry of Finance from 1986 to 1991. In 1991, he was appointed Corporate Secretary of Compagnie Financière IBI. In 1992, he became a member of the Executive Committee of Banque Colbert, in charge of operations. In 1995, Mr. Denis Duverne joined the AXA Group and assumed responsibility for supervision of AXA’s operations in the US and the UK and managed the reorganization of AXA companies in Belgium and the United Kingdom. From February 2003 until December 2009, Mr. Duverne was the Management Board member in charge of Finance, Control and Strategy. From January 2010 until April 2010, Mr. Duverne assumed broader responsibilities as Management Board member in charge of Finance, Strategy and Operations. From April 2010 to August 31, 2016, Mr. Denis Duverne was director and Deputy Chief Executive Officer of AXA, in charge of Finance, Strategy and Operations. Mid- 2014, Mr. Denis Duverne became a member of the Private Sector Advisory Group (PSAG), which brings together international leaders of the private sector whose shared goal is to help developing countries improve their corporate governance, co-founded in 1999 by the World Bank and the Organisation for Economic Co-operation and Development (OECD). Since September 1, 2016, Mr. Denis Duverne has been non-executive Chairman of the Board of Directors of AXA. 20 ISSUE 40 Private Sector Opinion Independent Access to the Board In most instances, the heads of internal audit, legal, compliance, and risk management (control functions) usually report to the chief executive officer, chief financial officer, or chief operating officer. This reporting line creates an inherent potential conflict of interest and could lead to the control functions being subservient to short-term business considerations. This inherent potential conflict of interest can be effectively mitigated by allowing the control functions to have direct access to the board of directors, with and without the presence of executive directors. The board is responsible for ensuring that the company has an effective ongoing process for complying with internal controls and regulations and for managing risk. The staff members in the control functions, who are charged with ensuring the adherence to regulations and the management of risk, should therefore be able to directly inform the board of directors of their ongoing assessment of the effectiveness of the company’s internal control and risk management practices. This is crucial in enabling the board to discharge its fiduciary duties to the shareholders. Access to the board should be both formal, through planned and regular meetings with relevant committees, such as the audit committee and risk management committee, and informal, through ad hoc meetings when required. The informal interactions can help build trust and a rapport between the control functions and the board. Being able to directly access the board and openly flag concerns is extremely important, especially when there are differences of views between the control functions and senior executives. This dialogue should happen in an environment of complete candor and trust, to ensure that the board receives a balanced view of the issues. Furthermore, direct access to the board sends a powerful signal on the importance of the control functions. It significantly enhances their stature and credibility, and it improves the way they are perceived within the organization. This change in perception is instrumental for ensuring the right tone at the top and increasing the cooperation between control functions and the business operations, thereby reducing the number of issues in the long run. It contributes to building a culture of transparency and compliance in the company. Whistleblowing According to the ACFE8, occupational frauds are much more likely to be detected through an employee tip than by audits, internal controls, or any other means. Whistleblower hotlines and drop boxes allow individuals to bypass the organizational hierarchy and report misconduct without fear of retaliation or of being identified, if they wish to remain anonymous. ACFE, 2008 Report to the Nation on Occupational Fraud and Abuse (Austin, Texas: Association of Certified Fraud Examiners, 2008). 8 ISSUE 40 21 Private Sector Opinion Whistleblowing is not limited to fraud but can be applied to flouting of company policies and regulations, illegal activities, abuse, waste, public health and safety issues, and dereliction of duty. It is a powerful tool that enables employees, partners, clients, and others to come forward and report any wrongdoing. The importance of whistleblowing was illustrated when the accounting irregularities at WorldCom in 2002 were exposed by Cynthia Cooper9, who at the time was vice president of internal audit. After conducting a thorough investigation in secret, she informed the audit committee of WorldCom’s board that the company had covered up $3.8 billion in losses. At the time, it was the largest incident of accounting fraud in U.S. history. The success of any whistleblowing program is dependent on the culture of the company. The board should ensure that organizational culture allows people to speak out without fear of recrimination, encourages them to report concerns, and protects those that come forward. Boards need to regularly evaluate the effectiveness of whistleblowing policies and procedures as part of their oversight of the system of internal control. In some jurisdictions such as the United States, legislation mandates that the audit committee create a whistleblower program for each public company. Some companies have designated the audit committee chair or an audit committee member as the individual who initially receives whistleblower reports. Other jurisdictions have progressively strengthened the level of whistleblowers’ protection from harassment, to encourage more people to come forward. Formal Attestation by Senior Executives While the board has ultimate responsibility for ensuring the overall compliance with the relevant laws, regulations, and internal controls, management has responsibility for establishing the operational processes and procedures to ensure a robust internal control environment and the right tone at the top. In the United States, the Sarbanes-Oxley Act requires the chief executive officer and chief financial officer to attest annually, under the threat of personal liability for any inaccuracies, that information contained in the financial statements fairly presents, in all material respects, the financial condition and results of operations of the issuer, and that there are no material weaknesses in internal controls. The principle of attestation as a means of establishing direct responsibility can be extended beyond financial statements to other domains, for example, compliance matters in financial institutions and environmental regulations in the industrial sectors. See “WorldCom Whistle-blower Cynthia Cooper” (CFO website, 2008): http://ww2.cfo.com/human-capital-careers/2008/02/worldcom- 9 whistle-blower-cynthia-cooper/. 22 ISSUE 40 Private Sector Opinion Attestation can be required for all the other senior executives in the company, covering areas that are under their domain. Since the senior executives rely on the heads of departments, who in turn rely on line managers, the requirement for attestation will cascade down through the entire organization. Regular (at least annual) attestation of compliance will ensure that senior business leaders take individual responsibility for compliance with laws, regulations, and internal controls. Making senior executives fully accountable for compliance helps set the right tone at the top and can act as a powerful catalyst for establishing a culture of risk awareness and compliance. It is a critical part of fostering alignment between the day-to-day operations of the company and compliance. A common excuse given by many senior executives is that they were not aware of what was happening in their departments. Requiring formal attestation from them provides a strong incentive to pay close attention to what is going on in their departments. Companies should institute a systematic process for mitigating any violations or internal control weaknesses identified during the attestation process. This can then form part of the ongoing assessment of internal controls and risks. Conclusion In an increasingly global and interconnected world, corporate governance has become ever more important. Indeed, the functioning of the global economy is dependent on companies being run efficiently and transparently. While there is no foolproof system, adding these three elements—independent access to the board, whistleblowing, and attestation—will go a long way toward improving corporate governance and, possibly, reducing the preponderance of corporate scandals. ISSUE 40 23 Private Sector Opinion Damage Control: What Should Be Done to Avoid Future Crises? By Fuad Hashimi10 What is the risk of future corporate governance failures causing systemic risk again? Systemic risk is the possibility that an event at the company level could trigger severe instability or collapse an entire industry or economy. —Investopedia At the company level, there are differences in many companies that raise money from the public, namely their size, their products and services, their history, and their leadership— and now becoming increasingly important, their values and culture. Hence adoption of corporate governance principles is not uniform: not every principle or part thereof will work for every company, and neither will every principle be applied in the same way by all companies. However, given the doctrine espoused by Milton Friedman, most companies have adopted the shareholder approach, with every company having the singular goal of maximizing profits and returning a portion of those profits to shareholders as a reward for the risk they took in investing in the company. It is no wonder then that management as well as boards continued to focus on earnings per share, and this has led to short-termism. Perhaps we should realize that the views expressed in Friedman’s world are no longer valid and cannot be upheld, that the doctrine is controversial, and that increasingly citizens are becoming impoverished while corporations continue to gain enormous wealth. Short-termism has to give way to long-termism, as it will permit space and time for the corporate behavior and corporate culture and values to develop, considering that a business cannot be conducted in isolation from the many stakeholders that are affected by it. 10 Fuad Azim Hashimi is a fellow of the Institute of Chartered Accountants in England and Wales and currently heads Pakistan Business Council’s Centre of Excellence in Responsible Business. Through leadership of the Pakistan Institute of Corporate Governance from 2007 till 2016, he played a key role to further corporate governance practices in Pakistan. He is a member of the Private Sector Advisory Group of International Finance Corporation, World Bank Group and of the United Nations ESACP Business Advisory Council and its Sustainable Business Network as well as a regular participant, moderator and speaker at OECD’s Asian Roundtable on Corporate Governance. His career over the past 53 years has provided him with a strong foundation in public accounting (he was a partner for 10 years in A. F. Ferguson & Co, a member firm of PricewaterhouseCoopers) as well as management of diversified business and commercial ventures, in Pakistan and abroad, ranging from banking, office automation and information technology to mutual funds. Hashimi’s other appointments include directorships on the Board of Directors of International Industries Limited (the premium producer of steel tubing, galvanized iron pipes and polyethylene pipes in Pakistan) and Faysal Bank Limited (an established retail and commercial bank in Pakistan having 400 branches) and being a member of the Public-Sector Committee of the Institute of Chartered Accountants of Pakistan. He has previously held directorships on the boards of Clariant Pakistan Limited (the Pakistan subsidiary of a global chemical company), Indus Valley School of Art and Architecture, National Refinery Limited (the largest refinery in Pakistan producing Lube Base Oils), Pakistan Cables Limited (the premier cable manufacturer and market leader in Pakistan now part of General Cables Group), and of Pakistan Security Printing Corporation of Pakistan (the state-owned enterprise that produces currency notes and security paper) and Burj Bank Limited, since merged with Al Baraka Bank (an Islamic Bank in which Islamic Development Bank held equity interest through its investment company ICD) where he was additionally the Chair of their Audit Committees. 24 ISSUE 40 Private Sector Opinion Corporate governance needs to be redefined, away from its current practice leading to shareholder wealth and toward the conduct of business in a responsible manner, creating sustainable value for stakeholders over the short, medium, and long term. This would bring into play important attributes of business conduct such as ethics, values, governance, social responsibility, and sustainable development. For Asian economies, where most corporations are single-majority-controlled by a family or a multinational or the state, moving away from the conformance culture would require a focus on the following key issues: • Implementing responsible business conduct, and • Preventing the abusive nature of related-party transactions. The lead toward responsible business conduct has already been taken by the recent launch of the King IV Report in South Africa, which contributes to integrated thinking at the board and management levels, and the move that is taking place to issue integrated reports in accordance with the guidance provided by International the Integrated Reporting Council, United Kingdom. For preventing the abusive nature of related-party transactions, some jurisdictions such as India have adopted the approach of obtaining approval by the shareholders in the general meeting, particularly where the transactions are recurrent and of an enduring nature, like loans and investments in subsidiaries and associates. Also, to prevent majority control from being exercised unjustly, a concept of approval by the “majority of the minority” has been introduced, which should be conducive to preventing the abusive nature of related-party transactions. As companies move toward creating sustainable value over the short, medium, and long term, the likelihood of individual events triggering a systemic risk will gradually diminish. Boards will be better positioned to identify early warning signals of issues and deal with them on a regular basis. More importantly, management will soon identify the tone at the top and drive the change in corporate behavior. ISSUE 40 25 Private Sector Opinion Gender Diversity on Boards By Fuad Hashimi11 Diversity of boards is critical to board effectiveness. Broadening the composition of the board helps expand perspectives at the top. While most boards recognize the importance of diversity in appointing directors of different ages and with different educational and geographical backgrounds and functional expertise, they tend to underestimate the benefits of gender diversity. There are several benefits to appointing more women on boards. Research is available correlating the increased presence of women on boards to a greater return on sales and a higher return on equity than the rest. Experts also believe that companies with women directors deal more effectively with risk, in that not only do they better address the concerns of customers, employees, shareholders, and the local community, but also they tend to focus on long-term priorities. Women directors are likely to be more in tune with women’s needs as a consumer body than men are, which helps develop successful products and services. Research by Catalyst, a not-for-profit organization that seeks to expand opportunities for women, shows a strong link between the presence of women on boards and sound corporate reputations. Female directors serve as role models and therefore improve female employees’ performance and boost companies’ images. Several rating agencies, as well as investment funds such as CalPERS and Pax World Funds, use the extent of gender diversity as one of their investment criteria. Good corporate decision making requires the ability to hear and consider different points of view that come from people who have different backgrounds, experiences, and perspectives. Companies that have women directors, either executive or non-executive, lead by example. They send a clear message that they value diversity of thought and experience. Advancing women to positions of leadership is increasingly considered smart business for the following reasons: • Diversity of thought: Women on boards bring different perspectives to the difficult issues facing today’s corporations. It is widely believed that diversity of thought results in better decision making. • Stakeholder representation: The makeup of a corporate board of directors should be representative of the company it governs, including its shareholders, employees, and customers. See footnote 10. 11 26 ISSUE 40 Private Sector Opinion • Competitive advantage: A diverse board is better positioned to thrive in today’s global economy, where the pace of change is accelerating and rapidly changing economic realities require nimble, strategic, and well-informed directors. • Availability of essential skills: Senior women executives offer the skills and experience that most boards need, including industry knowledge, operational experience, and functional expertise. There is a huge, untapped pool of talent. For any or all of these reasons, having a gender-diverse board is good for business at all levels. ISSUE 40 27 Private Sector Opinion Focusing on Two Areas of Corporate Governance—To Begin With By Marcos E. J. Bertin12 Taking a broad-brush approach to our discussion of corporate governance, we should identify two areas to start with: improving the board of directors and strengthening the “police” side of regulation. Improvement of the Board of Directors Fortunately, there are already many global and national organizations working to improve and increase the application of best practices of corporate governance. For example: • Directors associations, such as IOD (United Kingdom), NACD (United States), IBGC (Brazil), and Hawkamah (Middle East and North Africa); • Corporate governance institutes in universities, such as the Columbia Millstein Center’s (United States), St. Gallen (Switzerland), and Nankai (China); and • Global organizations, such as OECD, IOSCO, COSO, ICGN, and Business Roundtable. In these many organizations is a huge amount of information that could feed a very valuable global corporate governance knowledge center. Therefore a good question is this: How do we profit from this huge number of success cases with business leaders working worldwide for better corporate governance? Company culture Company cultural is the key to improvement in corporate governance and performance. IFC has made outstanding contributions to corporate governance knowledge worldwide. One of the most effective vehicles is the Latin American Companies Circle, established as a result of a recommendation of the Latin American Corporate Governance Roundtable. Marcos Bertin is currently director of BQCgroup , mentor of the Community Quality in Governance of FUNDECE and chairman of the 12 Quality in Governance Think Tank of the International Academy for Quality. He had 40 years’ experience in executive and board positions in the Gillette Co. and Firmenich S.A. in Buenos Aires, Boston and Geneva (1956-96). He was an invited speaker on total quality management and corporate governance in many international conferences in the United States, South America, Canada, Europe and Asia He is founding and honorary member of the IGEP, Instituto para la Governanza Empresarial y Publica (2012); co-chairman of the Global Cooperation Committee of the ASQ (2003-2007); member of the advisory group of the Hamdan Bin Mohammed Smart University , Dubai UAE (2004- 11) conducted seminars on Governance in Family Companies in Dubai and Abu Dhabi. He was President of the Swiss-Argentine Chamber of Commerce (1996-2000); founder, president and honorary member of FUNDECE ( Business Foundation for Quality and Excellence) (1987 to date) . As Fellow member of the American Society for Quality, in 2008 received the Distinguished Service Medal. He was president and chairman ( 1996-2004) and now honorary member of the International Academy for Quality. Bertin was coauthor with James Harrington of Corporate Governance for Small and Mid-Size Organizations (Paton Professional, 2010), and coeditor with Gregory Watson of Corporate Governance Quality at the Top. (International Academy for Quality, 2007 28 ISSUE 40 Private Sector Opinion Business leaders (board members and top managers) are mainly interested in hearing about their peers’ experiences, and governance is not an exception. This is why it is very important to support the flow of information about successful cases and to encourage discussions among business leaders on why and how corporate governance is good for the business, short and long term. We need more companies groups working à la the Latin American Companies Circle! In addition to improving knowledge, such groups foster a very effective commitment between peers for compliance and management control and guidance. Company ownership clear and transparent Company owners and boards are responsible for aligning the interests of all stakeholders necessary to generate the motivation, teamwork, and other factors needed for sustainable and healthy growth. In some cases it is difficult to identify the owners of a company. It is not clear who is responsible to the community, the shareholders, personnel, suppliers, and other stakeholders. This is a source of possible illegal actions that can be very dangerous to the global economy. This brings us to the need to strengthen regulation. The “Police” Side of the National Securities and Exchange Commissions Many noteworthy improvements ensue from the use of new technologies to obtain information on illegal activities—particularly when those activities become public and result in penalty fees. An example is the significant reduction of money laundering and the elimination of tax havens in Panama and Switzerland, among others, following the recommendations of the OECD. Just as traffic lights, photos, and fines improve traffic flow and reduce accidents and crime, a strengthened “police” side of national SECs can provide incentives to improve corporate governance. National SECs should be more professional, stronger on prevention, and inflexible on fraud and other similar offenses—preferably with global coordination. In Conclusion We already have in place a good foundation and a large selection of tools for working with companies to strengthen corporate governance. To work effectively on the areas we decide to select, we will need to include specialists with experience and who are familiar with the global organizations already working. For the SEC work, IOSCO is a good example. ISSUE 40 29 Private Sector Opinion © Copyright 2018. All rights reserved. International Finance Corporation 2121 Pennsylvania Avenue, NW, Washington, DC 20433 The findings, interpretations and conclusions expressed in this publication should not be attributed in any manner to the International Finance Corporation, to its affiliated organizations, or to members of its board of Executive Directors or the countries they represent. The International Finance Corporation does not guarantee the accuracy of the data included in this publication and accepts no responsibility for any consequence of their use. The material in this work is protected by copyright. Copying and/or transmitting portions or all of this work may be a violation of applicable law. The International Finance Corporation encourages dissemination of its work and hereby grants permission to users of this work to copy portions for their personal, noncommercial use, without any right to resell, redistribute or create derivative works there from. Any other copying or use of this work requires the express written permission of the International Finance Corporation. All queries on rights and licenses including WITH THE SUPPORT OF subsidiary rights should be addressed to: International Finance Corporation 2121 Pennsylvania Avenue, N.W. Washington, D.C. 20433 www.ifc.org/corporategovernance 2121 Pennsylvania Avenue, NW Telephone: +1 (202) 458 8097 www.ifc.org/corporategovernance Washington, DC 20433 U.S.A.