Johannesburg, South Africa
By Jene’ Palmer and reviewed by Terrance M. Booysen
We know that both local and international organisations are continuously having to adapt to operate in uncertain business environments. Locally, the release of the Preferential Procurement Regulations 2017, which places stronger emphasis on ‘radical transformation’, against the backdrop of persisting low economic growth rates are only some of the elements giving rise to further uncertainty. Internationally, the business and regulatory implications of the election of President Donald Trump and the vote in favour of Brexit and how these events will impact on local markets and businesses, is still unfolding. It therefore comes as no surprise that recent governance, risk and compliance (‘GRC’) surveys all indicate an increasing need to improve risk oversight and to balance opportunity management with risk management. The challenge lies in being able to achieve these objectives!
More often than not, organisations are structured and managed as silos. It therefore follows that risk and opportunity management is likely to also be conducted as siloed activities. In addition, audit and risk committees have focused strongly on the management of traditional risks such as that of financial risks and regulatory risks. In fact, Grant Thornton’s GRC 2016 survey confirms that most of an organisation’s GRC investment is applied to these traditional risks. Strategic and operational risks have been afforded a lower priority despite their impact on the sustainability of an organisation.
For organisations to succeed in these turbulent times, it is imperative that risk and opportunity management be inculcated into the culture of the organisation and that risk and opportunity management systems, processes and analytical information be integrated across the organisation. This can be achieved by implementing a Corporate Governance Framework®.
The board is responsible for setting the ‘tone at the top’ and for ensuring that board members and senior executives alike understand their roles and responsibilities in the organisation – particularly as they pertain to enterprise wide risk and opportunity management. The Corporate Governance Framework® provides the board and senior executives a singular schematic view of the risk and opportunity management areas (i.e. the governance components) which are important to the organisation. In addition, the framework provides a high-level view — on a simple red, amber, green (‘RAG’) methodology — of the extent to which all these governance components are being efficiently and effectively monitored and controlled. The likelihood of important non-traditional risk areas being overlooked is therefore significantly reduced.
A properly implemented Corporate Governance Framework® also facilitates transparency and information sharing and as such very quickly identifies how different governance components are interdependent and integrated – thereby equipping the board and its senior executives with the knowledge required to take the necessary corrective action to mitigate risk and exploit opportunities as they arise across the organisation. The Corporate Governance Framework® is not simply an organisational organogram or authority matrix.
Fast and effective decision-making is required for organisations to navigate their way through these tough socio-economic times. GRC studies confirm that those organisations who have adopted good governance practices and who manage general and specific risks well, produce better operational results. The Corporate Governance Framework® enables access to transparent and timeous information and highlights those governance components which need to be prioritised. Investment and resource allocation decisions can therefore be enhanced.
Nearly all organisations conduct business with third parties, but very few organisations actually manage third party risk (as part of their operational risk). Organisations should be assessing the impact of third party risk on their own supply chain – and ultimately on the sustainability of their own organisations. Not only will a Corporate Governance Framework® facilitate the identification of such risk, but by insisting that third parties also implement such a framework and demonstrate their application of good governance practices, organisations will facilitate the evaluation of the bearing of third party risk on their own operational risk profile. Forearmed is forewarned and the appropriate steps can then be taken to mitigate the identified risk.
The Code for Responsible Investing in South Africa (‘CRISA’) requires institutional investors to incorporate sustainability considerations into their investment decisions and processes. The increased level of transparency which accompanies good corporate governance stimulates perceived investor confidence. Stronger operational results and the improved ability to make decisions transforms into increased access to capital and debt financing – enabling the organisation to leverage its opportunities to the fullest.
So, instead of asking: “Do we really need a Corporate Governance Framework®”, perhaps the conversation should centre on how to implement such a framework. In a constantly changing world, high performers will be differentiated by their ability to effectively and efficiently manage GRC. Expectedly, in developing a Corporate Governance Framework®, it is important to ensure that this framework is tailored to suit the organisation’s business and its environment. There is no one-size-fits all. The development of the framework is a continuous process which matures as the organisation and its leadership evolves.
* The Institute of Directors in Southern Africa (‘IoDSA’) owns the intellectual property of King IV™ and the King IV™ report can be accessed at no cost at: http://www.iodsa.co.za/?page=AboutKingIV)