Good Corporate Governance (GCG) Being a good corporate citizen is good risk management Margaret Jackson Chairman Qantas Airlines, March 2004
Being a good corporate citizen is good risk management Margaret Jackson Chairman Qantas Airlines, March 2004
What is GCG (1) Corporate governance is defined as the process and structure used to direct and manage business affairs of the company towards enhancing prosperity and corporate accounting with the ultimate objective of realizing shareholders long-term value while taking into account the interest of other stakeholders
What is GCG (2) Corporate governance is about maximizing shareholder value legally, ethically and on a sustainable basis, while ensuring fairness to every stakeholder the company s customers, employees, investors, vendor-partners, the government of the land and the community. Corporate governance is a reflection of a company s culture, policies, how it deals with its stakeholders, and its commitment to values
Objectives of GCG Good corporate governance serves several important objectives: It enhances the performance of corporations, by creating an environment that motivates managers to maximize returns on investment, enhance operational efficiency and ensure long term productivity growth. It also ensures the conformance of corporations with the interests of investors and society, by creating fairness, transparency and accountability in business activities among employees, management and the board
Key GCG Practices Reliable financial reporting The role of audit and audit committee Continuous disclosure
Improving GCG Commitment to good corporate governance Equitable treatment of shareholders and other financial stakeholders The control environment Transparency and disclosure The role and functioning of the Board of Directors
GCG in Practices (1) Good corporate governance practices must be nurtured and encouraged to evolve as a matter of best practice but certain aspects of operation in a body corporate must of necessity require minimum standards of good governance.
GCG in Practices (2) Effective corporate governance requires a clear understanding of the respective roles of the board and of senior management and their relationships with others in the corporate structure.
GCG in Practices (3) The board and its audit committee should take reasonable steps to be comfortable that the corporation's financial statements and other disclosures accurately present the corporation's financial condition and results of operations to stockholders, and that they do so in an understandable manner.
GCG in Practices (4) The CEO and senior management run the corporation's day-to-day business operations The CEO should be a person of integrity who takes responsibility for the corporation adhering to the highest ethical standards. A corporation should have a code of conduct with effective reporting and enforcement mechanisms.
GCG in Practices (5) A substantial majority of directors of the board of a publicly owned corporation should be independent of management, both in fact and appearance Every publicly owned corporation should have an audit committee comprised solely of independent directors
GCG in Practices (6) The selection of an outside auditor should involve an annual due diligence process in which the audit committee reviews the qualifications, work product, independence and reputation of the proposed outside auditor. Audit committee meetings should be held frequently enough to allow the committee to appropriately monitor the annual and quarterly financial reports
GCG in Practices (7) A corporate governance committee should be comprised solely of independent directors. A compensation committee should look... at the overall compensation structure of the enterprise to determine that it establishes appropriate incentives for management and employees at all levels. Directors should be incentivized to focus on long-term stockholder value.
GCG in Practices (8) The board should have an effective mechanism for evaluating performance on a continuing basis. The goal of stockholder communications should be to help stockholders understand the business, risk profile, financial condition, and operating performance and trends of the corporation.
GCG Index Internal mechanism The composition of boards of directors Executive compensation The ownership structure Financial transparency and disclosure
External Mechanism The market for corporate control The legal infrastructure and protection of minority shareholders Product market protection
Benefits of GCG Enhances the performance of corporations By creating an environment that motives managers to maximize ROI Enhance operational efficiency Ensure long-term productivity growth Ensures the conformance of corporations with the interests of investors and society By creating fairness, transparency and accountability in business activity among employees, management and the board.
Requirements for Developing GCG (1) GCG requires a mindset within the corporation which integrates the corporate code of ethics into the day-to-day activities of its managers and workers Corporations have to create systems, Structures and incentives to promote transparency, since transparency brings accountability. Business leaders must walk the talk
Requirements for Developing GCG (2) Broader market reforms The world should adopt a uniform global accounting standard Market are based on trust
GCG and Risk Management (1) Corporate strategies often focus on the most likely future scenario and the benefits of a strategic initiative. Creation of a sound governance, riskmanagement, and internal control environment starts by making it part of the strategic-planning exercise
GCG and Risk Management (2) While the strategy is being considered, managers and board members should be asking a number of questions: 1. What are the major risks of this plan? 2. How much risk exposure are we willing to accept? 3. What mitigating controls need to be in place to effectively limit these risks? 4. How will we know if these controls are working effectively?
GCG and Risk Management (3) By considering risks as part of the planning process, controls can be built into the design, the costs of errors and reworking in the initial rollout can be reduced, and the ongoing initiative can be more successful because monitoring can reveal when activities and results are missing their intended goals, so that corrective actions can be initiated more promptly. as these strategies are being implemented, all managers and employees in the organization must have an understanding of the risk exposures and controls in their particular areas of responsibility
Information of RM and GCG (1) An information risk management structure that has clearly defined roles and responsibilities is consistent within the organization's overall risk management structure has a good interface with other risk management areas is responsive to feedback and direction from the Board An information risk assessment process that is consistent across the whole of the organization has inherent integrity identifies the nature and extent of the information risks facing the organization assesses the likelihood of the information risks materializing establishes the cost benefit analysis of implementing controls to manage information
Information of RM and GCG (2) A process for determining and managing the acceptable level of information risk to the organization A set of policies, standards and procedures to ensure that all information risks are managed within the organization's risk appetite reduce the potential business impact of incidents by use of control measures (to prevent, detect and recover) monitor the effectiveness of implemented controls regularly
Information of RM and GCG (3) A process for the regular monitoring of the information risk management process for both effectiveness and integrity A process for reporting information risks to the Board with facilities to enable the assimilation of all feedback into the information risk management processes A process to communicate information risks to the organization's stakeholders both internal and external
Conclusion (1) Risk management is interwoven with the standards, guidelines and best practice publications Poor risk management is often why governance fails Inadequate risk management and accountability leads to poor governance
Conclusion (2)
Conclusion (3) Corporate governance is as much about systems, procedures and policies as it is about culture, values and ethics It embraces risk management and compliance Good governance leads to better accountability