Expect 2009 to be a hectic year for international corporate governance and compliance.
In Britain, Europe, Japan, and elsewhere, many companies are still adjusting to the reforms ushered in by the corporate failures of 2002. Now they’ll also need to brace themselves for the expected new wave of regulation, aimed at fixing problems exposed by the financial crisis of 2008. The depth of the current global economic crisis, and the huge stake taxpayers now have in the problem thanks to government bailouts from Berlin to Beijing, has made corporate governance an incendiary issue.
“The public, investors, shareholders, and regulators will no longer tolerate corporate governance failures in 2009,” says Peter Giblin, a corporate governance professor at the CASS Business School in London and president of Integrity Europe, a governance consulting firm. “A few years ago a company could ride out a corporate governance scandal; now the impact could be potentially catastrophic, with many companies going into administration. Tougher and more detailed regulations will be introduced, resulting in an inevitable increase in scrutiny.”
Giblin says executive pay is almost certainly to see more regulation, amid clamor in Britain and Europe that companies link pay more closely to executive behavior and corporate performance. “In 2009 we will see a trend toward all senior management being judged more aggressively on their knowledge of and adherence to proper corporate governance standards and statutes,” he says.
Simon Rawling, a director at the PIPC consulting firm in London, predicts a host of changes to the financial services sector, which is a huge part of Britain’s economy. He expects regulatory action on information and record storage, operational risk, and general corporate governance—but isn’t sure how such changes can successfully be implemented on an international level.
“The last 12 months have proved that we lack any sort of joined-up global governance or regulatory structure,” he argues. “[W]hat is needed more than ever before is a set of compliance and regulation initiatives that are integrated across governments, to effectively manage risk across global economies and global businesses.”
The leaders of the G-20 nations discussed such an approach when they met in Washington in November to discuss the credit crunch and made clear that financial firms will face much tougher regulation in future. Their communiqué talked about the need for banks to improve risk-management practices, to re-examine their internal controls, and to disclose more about risks. The G-20 promised detailed plans by the end of March.
Boyle
One trend to watch in 2009 will be the extent to which new regulations and governance requirements aimed at the financial sector will spill over to affect corporations in other industries. In Britain, for example, the Financial Reporting Council has cautioned against changes to the Combined Code on Corporate Governance because they would apply to all listed companies, not just financial ones. FRC chief executive Paul Boyle used a recent speech to argue that the regulatory focus should be on whether financial firms had observed the existing standards, rather than whether those standards needed to change.
Practice Makes Perfect
While organizations watch anxiously to see whether the credit crunch will hit them with a further wave of regulation, 2009 is a year when many will finally come to grips with reforms from the last financial scandal: the raft of corporate fraud and accounting scams that were exposed in 2002 and 2003, such as Enron, WorldCom, Parmalat, and Ahold.
In Europe, for example, the combined EuroSox directives will finally start to take effect this year. The regulations combine and harmonize disparate directives already in place; the aim is to build trust in European auditing, financial reporting, and corporate governance. One big change is that companies must now disclose their risk-management activities in the annual report, including the principle elements of their risk management and internal control systems, and describe their approach to corporate governance. Management is also legally responsible for ensuring that financial statements provide a “true picture” of the company’s situation.
“EuroSox places greater demand on an enterprise’s financial reporting—meaning more information must be stored, tracked, modelled, and made available to relevant authorities when required,” says Lynn Collier, solutions director at Hitachi Data Systems. “The strain on the business will not only be the additional information being stored, but also making it secure and easily accessible so it can be reported and audited when necessary.”
In Japan, listed companies will face the same as the country’s Financial Institution and Exchange Law—more commonly known as J-SOX—takes hold. These regulations require the same sort of internal controls over financial reporting as the Sarbanes-Oxley Act in the United States; standards set by the Japanese Business Accounting Council require companies to produce an audited assessment and report on their internal control over financial reporting.
The rules went into effect for all Japanese public companies (and their overseas affiliates) as of last April, the start of the fiscal year for most companies in Japan. That means the first annual reports with J-SOX information included will start appearing by summer.
Lawton
Many companies are still in a rush to comply with, and then embed, the J-SOX requirements. “Much of the impact in terms of effort to get compliant has been completed, but the integration of control to make it efficient as well as effective is still in progress in many organizations,” says ISACA International President Lynn Lawton.
Other Efforts
Regulation isn’t always driven by crisis: In 2009, companies must also respond to significant compliance challenges that have been in the pipeline for a while. In Europe, insurers will have to monitor the developing Solvency II accord; 2009 will see the introduction of the European Union’s controversial data retention directive for telecommunications and Internet companies.
In India, meanwhile, the government is introducing a new Companies Act in 2009, aimed at bringing the country’s business law and corporate governance rules up to international standards. In Hong Kong, important changes to the stock market’s listing rules took effect on January 1.
Of course, all this regulatory activity will transpire against a backdrop of global economic recession, when management would rather focus on corporate survival than corporate compliance. Just staying in business will be the biggest challenge many organizations face this year.
No comments yet