Board Committees Board Committees The The need for

Board Committees

Board Committees � The � The need for board committees audit committee remuneration committee nominations committee risk committee

The need for board committees A board committee is a committee set up by the board, and consisting of selected directors, which is given responsibility for monitoring a particular aspect of the company’s affairs for which the board has reserved the power of decisionmaking. A committee is not given decision-making powers. Its role is to monitor an aspect of the company’s affairs, and: � report back to the board, and � make recommendations to the board.

Shareholders Board of Directors Corporate Secretary Reporting & Disclosure Governance System and Controls Key Areas of Responsibility Board Meetings Board Operations Chairman • Achievement of strategic objectives and value creation • Fulfil responsibilities and duties in law and prescribed functions Strategy Corporate Policies & Procedures Board Governance Instruments Monitoring and Evaluation Board Committees Audit Committee CEO & Management Remuneration Committee Combined Assurance Model Internal Audit Information and Communication Board Committees External Audit Other Committees Executive Committee Other Assurance Providers Internal Controls & Assurance Management

The need for Board Committees � The full board of directors should make a decision based on the committee’s recommendations. �A board committee will meet with sufficient frequency to enable it to carry out its responsibilities. It is important to remember, however, that a board committee is not a substitute for executive management and a board committee does not have executive powers.

The main board committees � Within a system of corporate governance, a company might have at least three or possibly four major committees. These are: a remuneration committee, whose responsibility is to consider and negotiate the remuneration of executive directors and senior managers � an audit committee, whose responsibility is to monitor financial reporting and auditing within the company � a nominations committee, whose responsibility is to identify and recommend individuals for appointment to the board of directors � a risk management committee, where the responsibility for the review of risk management has not been delegated to the audit committee. �

The reasons for having board committees There are two main reasons for having board committees. � � The board can use a committee to delegate timeconsuming and detailed work to some of the board members. Committees can help the board to use its resources and the time of its members more efficiently. The board can delegate to a committee aspects of its work where there is an actual or a possible conflict of interests between executive directors (management) and the interests of the company and its shareholders. However, to avoid a conflict of interests, board committees should consist wholly or largely of independent directors. This means independent non-executive directors.

Need for Audit Committee The collapse of US corporation Enron has already been mentioned. However, it is also interesting for the attitude of the board to the financial reporting methods that were used. � � � In October 2000, about one year before the company collapsed, the finance committee of the board was informed that the company had about $60 billion of assets, of which nearly one half were held in ‘unconsolidated affiliates’ – in other words, ‘off balance sheet’. The board was informed in 2000 that one of these affiliates, LJM, had made $2 million profits in just six months. This was a huge amount of money, even for a company the size of Enron. The board apparently did not question the figure. It could therefore be argued that the directors of Enron failed to fulfil their responsibility for ensuring the reliability of the financial statements.

The need for an audit committee Many directors on company boards have only limited understanding of accounting and financial reporting, but the board is nevertheless responsible for the reliability of the financial statements. In the past, the board has relied on the advice and assurances that it receives from: � � executive management, and in particular the CEO and finance director, and the external auditors. History of corporate governance has shown that when a corporate scandal occurs: � misleading financial statements have been used to disguise the wrongdoing and misdemeanours � senior executives (the CEO and/or finance director) are to blame for the misleading accounts, and the company’s auditors failed to spot the problem: − possibly because they were misled by the company’s executives, or − possibly because the quality of the audit was not as good as it should have been, or − possibly because the auditors were willing to accept assurances from executive management when they should perhaps have asked more questions.

Independence of the external auditors � A critical aspect of good corporate governance is the need for the board to ensure that the external auditors carry out their audit work properly, so that the board of directors is able to rely on the conclusions and recommendations they provide at the end of the audit. There at least two ways in which the independence of the auditors might be at risk: � � Familiarity of the audit firm or audit partner with the company. When the same audit partner is responsible for the audit of a particular client company every year for a long period of time, he or she is likely to become very familiar with the company and its management. Non-audit work and a reliance of the audit firm on the company for a large amount of fee income. An audit firm receives an audit fee each year. In addition, it is common for the audit firm to obtain a substantial amount of fee income from non-audit work, such as providing tax advice and advice on information systems, and carrying out investigations for the company.

Independence of the external auditors The problem of familiarity of the auditors with an audit client can be reduced by either: � rotation of the audit firm, so that the same audit firm does not carry out the audit of any company for more than a maximum number of years, or � rotation of the audit partner, so that the same audit partner is not responsible for the audit of any company for more than a maximum number of years.

Role and functions of the audit committee The UK Combined Code states as a principle of governance that the board should establish formal arrangements for: � considering how they should apply the financial reporting and internal control principles, and � maintaining an appropriate relationship with the company’s auditors. It should do this by establishing an audit committee. The Code states that the role and responsibilities of the audit committee should include: � to monitor the integrity of the company’s financial statements and any other formal statements relating to the company’s financial performance � to review the company’s internal financial controls

Role and functions of the audit committee � � � to review the company’s internal control and risk management systems (unless this responsibility is given to a separate risk committee or retained by the full board itself) to monitor and review the effectiveness of the company’s internal audit function to make recommendations to the board about the appointment, re-appointment or removal of the audit firm as auditors of the company (for the board to make a recommendation to the shareholders) approve the remuneration and terms of engagement of the external auditors to review and monitor the independence and objectivity of the company’s external auditors

The Singapore Code of Corporate Governance contains similar guidelines about the role and responsibilities of the audit committee. However, in the following respects, it is more specific than the UK Code: � The audit committee should review ‘the scope and results of the audit and its cost-effectiveness’. � � When the auditors provide a large amount of non-audit services to the company, the audit committee should ‘keep the nature and extent of such services under review, seeking to balance the maintenance of objectivity and value for money’. The audit committee should also review annually the independence of the external auditors.

The nominations committee Appointments to the board as a corporate governance issue � When new appointments are made to the board of directors, it is obviously important that the individual selected should be someone with suitable skills and experience. � � The board as a whole should also consist of individuals who collectively have an appropriate breadth of skills and experience to bring to the discussions and decisionmaking of the board. To ensure that there is a suitable balance of power on the board, the system for nominating and selecting new directors should not put the choice into the hands of one individual or a small group of individuals.

The nomination committee executive directors should have a voice in new appointments to the board. � However, � When the appointment of a new executive director is considered, the executive directors are probably in a better position than NEDs to assess the qualities of internal and external candidates for the position. � The executive directors should be aware of the skills and experience that they lack, and so can offer suggestions about the type of non-executive that they would like to add to the board.

The nomination committee Succession planning � In addition to selecting new directors for the board, the process of nomination also involves succession planning. � Succession planning means planning in advance for the eventual replacement of key members of the board when they eventually retire (or in the event that they are dismissed). Succession planning applies in particular to: � the board chairman � the CEO, and � possibly, the finance director.

The need for a nominations committee There are two main reasons for having a nominations committee: � When a vacancy on the board has to be filled, or when succession planning is considered, the process of identifying and evaluating suitable candidates takes time. The board should delegate the task to a committee to save time and resources. The committee should then make recommendations to the board, so that the full board takes the final decision about any appointment. � The appointment of directors to the board, and the succession for top positions on the board, should be a carefully organised process. The UK Combined Code states that ‘there should be a formal, rigorous and transparent procedure for the appointment of new directors to the board’. Such a formal procedure can be established by setting up a nominations committee. Transparency can be achieved by requiring the nominations committee to present an annual report on its activities to the shareholders.

Main duties of a nominations committee � The UK Combined Code states that the nominations committee should ‘lead the process for board appointments and make recommendations to the board’. The board should decide what the exact duties of the nominations committee should be. The Higgs Guidance suggests that the committee’s duties should include the following. � To identify candidates to fill vacancies on the board, when these arise. � To select a preferred candidate for nomination, and recommend this individual to the board for appointment. � Before recommending any person for appointment to the board, the committee should evaluate the balance of skills, knowledge and experience of board members, and on the basis of this evaluation identify the skills, knowledge and experience that the new director should have. � To consider succession planning. � To review regularly the size and composition of the board, and make recommendations for change if this is considered appropriate. � The Singapore Code of Corporate Governance suggests that the nominations committee should be responsible for the annual performance review of the board and its individual directors.

Composition of the nominations committee � The UK Combined Code makes the following recommendations: � A majority of members of the nomination committee should be independent non-executive directors. A minority of members may therefore be executive directors. � The chairman of the committee should be either the board chairman or an independent nonexecutive director. However, the board chairman should not chair the nomination committee when it is dealing with the appointment of a successor to the chairmanship.

The nominations committee and appointment of a new chairman � � The UK Combined Code recognises that the appointment of a new chairman for the company requires particular care, to make sure that a suitable candidate is identified who will be able to give the company an appropriate amount of his (or her) time. For the appointment of a chairman, the nomination committee should prepare a job specification, including an assessment of the time commitment expected. A chairman’s other significant commitments should be disclosed to the board before appointment and these should be included in the annual report. Changes to these commitments should be reported to the board as they arise, and included in the next annual report. No individual should be appointed to a second chairmanship of a FTSE 100 company. (It is assumed that one individual would not have the time to perform the role of chairman in two such important companies. )

The risk committee Risk management as a corporate governance issue � The board of directors is responsible for the performance of their company, and is accountable to the shareholders. � Responsibility for financial performance is not simply a matter of trying to maximise profits. There is a need to manage the risks that the company faces. � Risks include: the business risks and strategic risks that the company faces in its operations, and also risks of errors, fraud, losses through mistakes and breakdowns, and other failings in systems and processes.

Responsibility of the board for risk management and risk control � � � The board of directors is responsible for safeguarding the assets of the company and protecting the value of the shareholders’ investment. The board has a duty to make sure that systems, procedures and checks are in place to prevent losses through errors, omissions, fraud and dishonesty. Control measures to prevent or detect such losses are internal controls. The board has the ultimate responsibility for the effectiveness of the internal control system. The board is responsible for protecting the company and its resources from the risks of adverse external events, such as damage to assets from fire or flooding, losses through theft, disruption caused by natural disasters or terrorist attacks, and so on.

Risk management as a task for management � Although the board has responsibility for risk management and internal control, management has the operational responsibility for planning and implementing risk management and control systems. Managing risk is a day-to-day requirement. Risk management and internal control should therefore be: � planned and implemented by management, and � monitored by the board, to ensure that effective systems of risk management and control are in place.

Cadbury Report: Risk Management � The Cadbury Committee, which produced the Cadbury Report on corporate governance in the UK in 1992, described risk management as ‘the process by which executive management, under board supervision, identifies the risk arising from business … and establishes the priorities for control and particular objectives. ’ The Cadbury Report also suggested that risk management should be: � systematic, and � embedded in the company’s procedures, rather than applied occasionally and by means of external review. The Cadbury Report recommended that there should be: � a sound system of financial control, and also � a broader system of risk management.

The role of the board and board committees on risk � Executive management is responsible for designing and implementing systems of internal control and risk management, and management should be accountable to the board of directors. The board in turn should be accountable to the shareholders. The UK Combined Code suggests what the responsibilities of the board should be within the overall system of risk management. The Code states that the board should maintain a sound system of internal control to safeguard shareholders’ investment and the company’s assets. In order to do this, the board should: � conduct a review, at least once a year, of the effectiveness of the company’s (or group’s) system of internal controls, and � report to the shareholders that they have carried out a review.

The role of the board and board committees on risk � � Responsibilities of the audit committee for financial controls The UK Combined Code also states that a responsibility of the audit committee should include the review of the company’s internal financial controls. The audit committee is in a good position to carry out a review of these controls, because of the discussions it has with the company’s external auditors and internal auditors. Board responsibilities for the internal control system and risk management However, the internal control system extends beyond financial controls. It includes not only financial controls, but also operational controls and compliance controls. In addition to internal control, there is also the system of risk management – how the company identifies, analyses and deals with business and strategic risks, environmental risks, and so on.

Review of internal control and risk management � � � Singapore Code of Corporate Governance. Its guidelines are similar to the provisions in the UK Code: The audit committee should review the adequacy of the company’s internal financial controls, operational and compliance controls, and also the risk management policies and systems that have been established by management (collectively, all internal controls). The audit committee should ensure that a review of the effectiveness of the internal controls is carried out at least annually. This review should be carried out by the company’s internal auditors, public accountants or a combination of internal auditors and public accountants. (If public accountants are used, and these are the company’s external auditors, the audit committee must be satisfied that the independence of the public accountants will not be compromised by any other relationship they have with the company. The board should include a comment on the adequacy of internal controls and the risk management system in its annual report and accounts.

Review of internal control and risk management The UK Combined Code states that there should be a board responsibility to review the company’s internal control and risk management systems. This responsibility for review should be carried out by: � the audit committee, or � the full board, or � a risk committee consisting entirely of independent non-executive directors. � The Combined Code does not suggest how the board, the audit committee and the risk committee (if there is one) should carry out their responsibilities for the review of internal controls and risk management.