The Financial Reporting Council (FRC) has released their long awaited consultation on the UK Corporate Governance Code. Unlike the wide-ranging review in 2018, this consultation is focused on the legislative and governance reforms the Government proposed within their response to the consultation ‘Restoring Trust in Audit and Corporate Governance’. Niall Savage and Maria Diver of the Audit Committee Institute explain the implications below.
The main proposed changes deal with the need for a more robust framework of prudent and effective risk management and internal controls. They are aimed at providing a stronger basis for reporting on, and evidencing the effectiveness of, the framework during the reporting period.
The revisions also reflect the wider responsibilities of the board and audit committee for expanded environmental, social and governance reporting as well as appropriate assurance where commissioned by the company, in accordance with a company’s Audit and Assurance Policy. The introduction of the Audit Committees and the External Audit: Minimum Standard has led to some proposed amendments to remove duplication, and to highlight the importance of audit tendering in the context of expanding audit market diversity. Other proposed changes address areas where the FRC believe reporting can be improved.
Section 1: Board leadership and company purpose
The key proposed revision in this section of the Code is a new Principle setting out an expectation that companies should focus on activities and outcomes when reporting on their governance activity, to demonstrate the impact of governance practices.
“When reporting on its governance activity the board should focus on outcomes in order to demonstrate the impact of governance practices and how the Code has been applied. Where the Board reports on departures from the Code’s provisions, it should provide a clear explanation.”
The Code Provisions have also been revised to clarify that the annual report should address:
- how environmental and social matters are taken into account in the delivery of the company’s strategy, including its climate ambitions and transition planning.
- how effectively the desired culture has been embedded throughout the company; and
- the outcomes of the chair’s engagement with shareholders during the period
Highlights
- Increased focus on environmental, social and governance reporting including both new disclosures and clarification of the audit committee’s role
- New disclosures to address investor concern about over-boarding
- Enhanced transparency around succession and senior appointments, including any targets or initiatives designed to achieve greater diversity and inclusion
- Strengthened board accountability for the effectiveness of the risk and internal control framework
- An explicit board declaration on the effectiveness of risk management and internal control systems
- New disclosures around malus and clawback arrangements
Section 2: Division of responsibilities
To address the increased concern from investors about the number of board positions held by listed company directors – as evidenced by changes to voting guidelines in this area to limit the number of directorships a director can hold – it is proposed that:
- all significant director appointments should be listed in the annual report, along with a description of how each director has sufficient time to undertake their role effectively in light of commitments to other organisations. This should also describe any actions taken as a result of such an assessment; and
- the annual performance review should explicitly consider each director’s commitments to other organisations, and their ability to discharge their responsibilities effectively.
Section 3: Composition, succession and evaluation
The proposed revisions are intended to support the FCA’s recent policy statement on diversity and inclusion without introducing additional, duplicative targets or regulations.
The Principles are to be amended to include a reference to inclusion, and to give equal weight to all protected and non-protected characteristics, to encourage companies to consider diversity beyond gender and ethnicity.
The revised Provisions aim to provide improved clarity on company approaches to succession planning and board and senior management appointments; and to improve transparency around the role of any targets or initiatives companies have chosen to use to achieve greater diversity and inclusion in their boards and executive management.
In describing the work of the nomination committee, the annual report should now address:
- succession planning for both board and senior management positions, in order to deliver the company’s strategy, including an explanation of how the committee has overseen the development of a diverse pipeline for succession;
- the appointments for the board and senior management, including the search and nomination procedures and promotion of diversity; and
- the effectiveness of the diversity and inclusion policy, including progress towards company objectives and adherence to established initiatives.
Section 4: Audit, Risk and internal control
The role and responsibilities of the audit committee have been enhanced to reflect the committee’s role with respect to environmental, social and governance reporting; Audit and Assurance Policies; and the new ‘Audit Committees and the External Audit: Minimum Standard’.
The roles and responsibilities now include:
- monitoring the integrity of narrative reporting, including sustainability matters, and reviewing any significant reporting judgements;
- developing, implementing, and maintaining the Audit and Assurance Policy;
- engaging with shareholders and other stakeholders on the role of the audit committee, the scope of work of the external auditor, and the approach to the Audit and Assurance Policy;
- following the ‘Audit Committees and the External Audit: Minimum Standard’;
- promoting effective competition during tendering for an external auditor, to support audit market diversity.
Similarly, in disclosing the work of the audit committee, the annual report should now disclose:
- the matters set out in the ‘Audit Committees and the External Audit: Minimum Standard’;
- the significant issues that the audit committee considered relating to narrative reporting, including sustainability matters, and how these issues were addressed;
- where commissioned by the board, the steps taken by the audit committee to assure environmental, social and governance metrics and other sustainability matters; and
- the audit committee’s approach to developing the triennial Audit and Assurance Policy and the annual implementation report.
Risk management and internal control
The FRC has proposed an approach that fits within a principles and provisions based ‘comply or explain’ Code. It is designed to strengthen board accountability for the effectiveness of the risk and internal controls framework by confirming that the board has put in place and maintains effective systems that deliver the expected outcomes.
The FRC considers that this approach provides improved accountability and transparency, while avoiding disproportionate burdens on business and allowing flexibility for companies to tailor their arrangements to their own circumstances.
The key revision extends the long-standing expectation that boards should monitor the company’s risk management and internal control systems and, at least annually, carry out a review of their effectiveness and report on that review in the annual report, with an explicit provision that the annual report should include:
- a declaration of whether the board can reasonably conclude that the company’s risk management and internal control systems have been effective throughout the reporting period and up to the date of the annual report;
- an explanation of the basis for such a declaration, including how the board has monitored and reviewed the effectiveness of the company’s risk management and internal control systems; and
- a description of any material weaknesses or failures identified and the remedial action being taken, and over what timeframe.
The monitoring and review should cover all material controls, including operational, reporting and compliance controls.
To support the revisions in this area, the FRC announced that an update to their Guidance on Risk Management, Internal Control and Related Financial and Business Reporting will be developed later in the year and finalised once the outcome of the Code consultation is settled. It will build on the current guidance and its predecessor, the 2005 Internal Control – Revised Guidance for Directors on the Combined Code.
It is anticipated that the updated guidance will set out possible structures, responsibilities, actions and recommendations, but also allow companies the flexibility to adapt it to their unique circumstances and characteristics. Ultimately the board will need to be comfortable that the internal controls framework is sufficiently effective to enable them to make the declaration.
Going concern and the Resilience Statement
The Code retains the existing Provision relating to the going concern basis of accounting (without change) for those companies that apply the Code but don’t meet the proposed criteria for preparing a Resilience Statement. Companies which comply with the going concern element of the anticipated Resilience Statement requirement will also be considered to be compliant with this Provision.
The Provision relating to the so-called longer-term viability statement has been revised to require an explanation of how the board has assessed the company’s future prospects. Companies that comply with the (proposed) Resilience Statement requirement will also be considered to comply with this revised Provision.
Companies not subject to the Resilience Statement requirement should report in a similar and proportionate way to those requirements or set out the basis for their assessment in the annual report.
Section 5: Remuneration
The revisions to this section of the Code are designed to strengthen the links between companies’ remuneration policies and corporate performance in the wider sense, including ESG objectives.
Furthermore, a new Provision sets out a requirement for additional information around malus and clawback arrangements to be included in remuneration reports, including:
- the minimum circumstances in which malus and clawback provisions could be used;
- a description of the minimum period for malus and clawback and why the selected period is best suited to the organisation; and
- whether the provisions have been used in the last reporting period. If provisions have been used, a clear explanation of the reason should be provided in the annual report.
Companies should also set out the use of their malus and clawback provisions in the last five years.
Guidance and application date
It is anticipated that the revised Code will apply to accounting periods commencing on or after 1 January 2025. It is intended that this will allow sufficient time for implementation.
The revised Code will be supported by updated guidance, and work is currently underway to revise the ‘Guidance on Audit Committees’ and ‘Guidance on Board Effectiveness’ so that these can be aligned with the revised Code and Audit Committee Standard.
The FRC is also amending the ‘Guidance on Risk Management, Internal Control and Related Financial and Business Reporting’ specifically to take account of changes to the principles and provisions on risk management and internal control.
The process of finalising the revised guidance will continue alongside the Code consultation, and it is anticipated that the new guidance will be available when the new Code becomes applicable.
Responding to the consultation
Comments on the consultation document are requested by Wednesday 13 September 2023. Responses should be sent by email to codereview@frc.org.uk.
Get in touch
If you have any queries on the above, or its implications for your business, please contact Niall Savage or Maria Diver of our Audit Committee Institute. We'd be delighted to hear from you.
Niall Savage
National Head of Audit Markets, National Chairperson of Audit Committee Institute
KPMG in Ireland
Maria Diver
Director
KPMG in Ireland
