Marking your own homework: how to get governance right
27 June 2019
It’s easy to become complacent about governance, and the closer you are to decision-making the harder it is to see how the process really works. But with closer scrutiny from regulators on accountability, a systematic governance review, looking at culture as well as controls, is a wise precaution.
The trouble is, it’s easy to assume that because everything looks OK on paper, then your governance is working well. Senior leaders aren’t usually in the habit of questioning their own governance arrangements because they often assume that if there’s a governance problem they’d know about it; after all they’re the ones making the important decisions. The paradox is that the more an individual is involved in decision-making, the harder it is for them to stand back and consider how those decisions are actually made.
Take the example of the Commonwealth Bank of Australia. In 2017, the Board of Directors rated the organisation’s governance as “world class” based on the bank’s annual assessment of its own performance. Yet in April 2018, the Australian Prudential Regulation Authority found “significant shortcomings in the governance of nonfinancial risks. For much of the period under review, the Board did not demonstrate rigour of oversight and challenge to Commonwealth Bank of Australia management.”
Elsewhere, enforcement actions increasingly have governance at their heart. Take the £32 million fine for Santander UK plc in December 2018 for failings in their probate and bereavement process. The final notice states:
“Despite staff acknowledging that the deceased customer accounts issue was a “Bank wide risk” and the potentially high number of affected customers and assets, the issue was not escalated within Santander until November 2014. At the end of 2013, the matter was not on the agenda of any senior management committee, there was no formal reporting requirement, and no individual was given responsibility to scope, understand and fix the problems”.
All of these are governance failings: failure to escalate, lack of management information, and unclear delineation of responsibility. And particularly in firms that have grown fast, it’s easy for those at the top to believe that they know what’s going on.
How to get governance right
So, how do you make sure you’re really getting the accurate picture needed for effective governance, and that delegation and escalation are working as intended?
Benchmarking is part of the answer; this involves comparing your governance structures and processes with industry good practice. Benchmarking is not enough to unearth all the potential problems, however.
What’s really needed is an objective and proportionate review of your governance framework. This goes further than looking at the design of your governance arrangements; firms need to demonstrate their effectiveness in decision-making and achieving customer outcomes.
By looking separately at design and effectiveness, it becomes possible to understand the root causes for any governance weaknesses identified – an understanding that is key to effective remediation. For example, a different solution will be needed for a firm whose ExCo has an ambiguous remit (design) compared with a firm whose ExCo doesn’t follow that remit in practice (effectiveness).
A review should, at least, evaluate the following:
Well-run firms make effective decisions in a balanced and efficient manner. A review could look at:
- the extent to which there’s rigour and an absence of bias in decision-making.
- the role of compliance and risk in challenging first-line decision-making.
- the strength of the customer voice in decision-making.
Board and committee structure and composition
It’s important for boards and committees to have the right balance of members, with no overrepresentation from any particular area – such as the front office. A review can consider:
- the clarity of purpose and remit of boards and committees. For example, is it clear whether committees have a decision-making or an advisory role? How do these roles play out in practice?
- the clarity of responsibilities of committee members
- whether members have the knowledge, experience and diversity to challenge what’s put in front of them and hence make effective decisions.
Escalation and oversight
Boards and committees must exercise, and be able to demonstrate, ongoing and effective oversight of items they have delegated. Being able to demonstrate that senior managers have taken reasonable steps will go a long way if a regulatory issue is identified. The review should ask:
- How open and transparent the executive is in communicating with the board, particularly about bad news.
- Whether management information is monitoring what matters and enables decision-makers to form appropriate judgments.
Getting ahead of the regulators with a governance review
A comprehensive governance review considers where there might be weaknesses or room for improvement across your governance and control framework. This could be in relation to your board and committee structure, conflicts of interest, MI, outsourcing or product governance. As well as ensuring compliance, a review like this can make you more efficient, reduce costs and improve your reputation. It can be difficult to do all of this internally, partly because some distance is needed. For an objective evaluation of governance, it often pays to involve an external party.
How Bovill can help
Our governance specialists can carry out a full governance review on your behalf or advise you on different areas. We work with firms of all shapes and sizes so get in touch to find out how your governance compares.