Leadership SeminarBrief introduction: Governance, Risk & Compliance from

a business perspective

presented to

07 October 2010

Leriba Lodge

CGF Research Institute (Pty) LtdReg. No. 2004/000744/07+ 27 11 476 8264 / 1 / 0 + 27 82 373 2249tbooysen@cgf.co.zawww.cgf.co.zawww.corporate-governance.co.za

• The role of ethics in public life is changing in all 4 sectors of democratic society

public sector

private sector

non governmental sector

large social institutions & government

P r e a m b l e

“Good governance is essentially about effective leadership.

Leaders need to rise to these challenges if there is to be any chance of effective responses. Leaders need to define strategy, provide direction and establish the ethics and values that will influence and

guide practices and behaviour

with regard to sustainability performance”.

King III

• Corporate governance can be described as:

“the system by which companies are directed &

controlled”

• Good corporate governance is about:

'intellectual honesty’ – effective leadership

not just sticking to rules & regulations

• Corporate governance can be described as:

“the system by which companies are directed &

controlled”

• Good corporate governance is about:

'intellectual honesty’ – effective leadership

not just sticking to rules & regulations

What is corporate governance?

Judge Mervyn King

. . . shareholder expectations vs. management . . .

. . . some believe it’s about relinquishing control . . .

International agencies are advocating more effective corporate governance (OECD, World Bank, IMF, EU, CACG)

(CACG) Commonwealth Association of Corporate Governance (OECD) Organisation for Economic Co-operation & Development

Shifting dimensions

Shareholder focus Stakeholder focus

Private sector focus Public sector focus

“One size fits all” “One value set fits all”

Source: Bob Garret

. . . it should not be a case of over regulation & over prescription . . .

. . . but balancing the related concepts . . .

Good corporate citizenship(ethical company)

Sustainability(longevity)

Triple bottom line(performance& reporting)

Stakeholder protection(After)

Shareholder protection(Before)

serving their interests

. . . some differences at a glance

King II King III

Comply or explain Apply or explain

Separate reporting of 3BL Integrated reporting of 3BL

None Shareholder remuneration policy

None Recommendations on remuneration

No written assessment Internal audit - risk based

Not deemed Sub-committees deemed directors

Report to & appointed by the board Audit committee

None Lead independent director

None IT governance

None (passive) Use of the words “must” & “should”

None (save relationships) Alternative Dispute Resolution

None Assessment of internal controls

Interwoven & not strongly emphasised Ethics stand alone chapter

Interwoven & not strongly emphasised Risk governance & management

None (only King I) Stakeholder relationships

(Theme-imperative for 21st century) Responsible corporate citizen

Mandatory for companies listed on the JSE Applicable to all companies

Source: Mervyn King

. . . it’s not about curbing entrepreneurship, but rather curbing rogue directors & management . . .

The sobering thought of running a company - from a fiduciary officer’s perspective

Directors: Standards of conduct

• As a director or as a sub-committee member when gathering information or preparing to act as such, you have:

FIRST FIDUCIARY RESPONSIBILITY

1. Duty to exercise the degree of care, skill & diligence:

exercised by a reasonably diligent individual

reasonably be expected of an individual

the knowledge, skill & supervision of that director

objectivity must prevail & consider all the facts at hand

decisions must be rational

The sobering thought of running a company - from a fiduciary officer’s perspective

Directors: Standards of conduct

• As a director or as a sub-committee member when gathering information or preparing to act as such, you have:

SECOND FIDUCIARY RESPONSIBILITY

• Duty to “act honestly & in good faith & in a manner the director reasonably believes to

be in the best interests of & for the benefit of the company”

Similar to the US, our laws are moving company officers toward more litigious liability in our personal capacities

Personal liability

• Increasingly, company officers will find it more & more difficult to hide behind their companies when they do something wrong

Federal inmate # 61727-054

• Personal liability

Name: Bernard Madoff

DOB: April 29, 1938 (age 71)

Previous occupation: Former stock broker, financial

adviser & chairman of NASDAQ

Charges: Securities fraud, investment advisor fraud,

mail fraud, wire fraud, money laundering, false

statements, perjury, false filings with the SEC, theft

from employee benefit plan

Penalty: 150 years imprisonment & forfeiture of $170

billion

Scheduled date of release: 11-14-2139 (age 201)

Understanding the “G” with GRC . . .

1. “At its most basic level, corporate governance is the interaction of a

company’s management, its board directors, and its shareholders to direct

and control the firm, and to ensure that all financial stakeholders

(shareholders and creditors) receive their fair share of the company’s

earnings and assets.”

Extract: Governance and Risk: George Dallas (Standard & Poor’s)

2. “Governance is the result of those processes implemented by the

organisation which contributes towards providing assurance to stakeholders

that organisational capabilities & resources (time, effort, assets &

money) are applied in such a manner that objectives are achieved

effectively & efficiently in an agreed ethical environment, with careful

consideration of the social, economical & environmental implications.”

Dr CL Pieterse 2006

Understanding the “R” with GRC . . .

1. “Risk management . . .

• is a continuous process, which should be linked to shareholder value

and embedded in the organisation. Assurance should be provided as

to the effectiveness of its operation and the validity of the findings of

risk management reporting . . .

• should be reviewed and updated regularly . . .

• covers all risks - operational, physical, human resources,

technology, business continuity, credit, etcetera . . .”Extract: The Company Director’s Handbook

2. “As business is the undertaking of risk for reward, the identification

of risk in a business is essential. Risks take various forms; namely,

strategic, operational, financial, non-financial and compliance.”

Extract: The Corporate Citizen

Understanding the “C” with GRC . . .

1. Compliance means complying with laws and regulations, policy, practice

codes, standards & business contracts relevant to the business . . .

Extract: The Corporate Citizen (Adapted)

2. Compliance generally implies the organization's adherence to:

• internal rules (e.g. restrictions, guidelines, standards & policies)• external regulations (e.g. King II, ECT Act, SOX)

3. The board must have adequate reports (quantitative / qualitative) that

informs the company’s compliance with regard to all laws and

regulations relevant to the business of the company

4. The Audit Committee provides assurance in terms of inter alia; the

company’s financial reporting as well as compliance with the current

regulatory environment; legal & statutory

G

interaction of a company’s management

direct and control the firm

all financial stakeholders

receive their fair share of the company’s earnings and

assets

result of those processes implemented

contributes towards providing assurance

objectives are achieved effectively & efficiently in

an agreed ethical environment

careful consideration of the social, economical &

environmental implications

R

a continuous process

linked to shareholder value

embedded in the organisation

assurance should be provided

effectiveness of its operation

validity reviewed & updated regularly

all risks - operational, physical, human

resources, technology, business continuity,

credit, etcetera

identification of risk in a business is essential,

namely strategic, operational, financial,

non-financial & compliance

C

complying with laws &

regulations, policy,

practice codes, standards

& contracts

adequate reports

relevant to the business of

the company

provides assurance

compliance with the current

regulatory environment;

legal & statutory

+ +

Combining the GRC to make business sense (value creation)

Conformance = compliance with conventions, rules, or laws

Key SADC downgrades - 2009• Zimbabwe (8 icons)• Congo DRC (7 icons)

Before you take the plunge, ensure that all the belts & braces are in the correct place . . . Before you take the plunge, ensure that all the belts & braces are in the correct place . . .

Thank you

Terry Booysen

CGF Research Institute (Pty) Ltd

+ 27 82 373 2249

+ 27 11 476 8264 / 1 0

tbooysen@cgf.co.za

www.cgf.co.za

www.corporate-governance.co.za