Building Blocks for Business Success

Building Blocks for Business Success

Using corporate governance techniques to generate real business benefits

Building Blocks for Business Success

Using corporate governance techniques

to generate real business benefits

Foreword 4

Introduction 5

Where do I start? 6

The corporate governance context 8

Board structure and balance 12

Independent non-executive directors 16

The role of the chairman 21

The role of the managing director 24

The audit committee 26

Strategic planning 29

Risk management 31

Internal control 34

Internal audit 37

Reporting and information quality 40

Remuneration policies 43

Succession planning 45

Company-wide policies 46

Governance considerations for businesses in difficulty 47

References and further reading 49

Table of contents

4 BUILDINGBLOCKSFORBUSINESSSUCCESS

Grant Thornton and the Institute of

Directors in Ireland have created this

publication to provide a practical resource

for owners and managers of private

companies. The principal focus of anyone

in this group is ensuring that their business

operates in a profitable manner, and

continues to do so regardless of external

events and economic conditions.

The upheaval in trading conditions in

the past few years has shown that it is

difficult for businesses to cope with every

eventuality and deal with constantly

changing risks. Not surprisingly, many

owners and managers have found that the

approach to managing a business in an

economic boom is ill-suited to managing

it in a downturn. The techniques in this

publication are designed to make a

business more resilient and aware of risks

and changing circumstances.

We hope that you will find the

publication useful, and that it will assist

in strengthening the indigenous private

companies that form such a vital part of

the Irish economy.

Cian Blackwell

Partner, Business Risk Services,

Grant Thornton

Maura Quinn

Chief Executive, Institute of Directors

in Ireland

Foreword

5

Objectives

This publication is designed to provide

guidance and assistance to private

companies, not to increase their

compliance burden. Although it covers

many components of the traditional

corporate governance frameworks, the

focus is on governance mechanisms that

contribute to the business — those that

can be shown to add shareholder value if

implemented well, rather than focusing

on theoretical best practice or compliance

and box-ticking.

It is therefore not intended to be a

governance code — management and

boards of directors can, and should,

evaluate each of the recommendations,

assess the potential benefits and,

accordingly, choose what to implement

and how to implement it.

How to use this book

The vast majority of private companies

have, quite understandably, focused on the

management of their business rather than

its governance, and thus are unlikely to

have implemented many of the techniques

discussed here.

Consequently, it is not intended that

organisations aim to implement all of

the recommendations. Instead, we have

prepared an overview chapter, entitled

“Where do I start?”, to assist in prioritising

which recommendations to evaluate first.

This approach allows companies to start

small, with minimal investment, and

continue to critically assess the resulting

benefits as the initiative progresses.

Introduction


This publication contains several dozen

recommendations on changes that can

be made to how a business is governed.

Whilst each recommendation has

been chosen for its ability to benefit a

business, it is not intended that they all

be implemented at once — in fact, the

quantity of effort required, and the level

of change involved, would prove very

disruptive for most businesses.

Instead, owners and managers should

carefully evaluate each recommendation,

to make sure that it can deliver the

required benefit without much disruption

or excessive cost. To assist with this

process, we have included an example of

a prioritised list, providing suggestions

for the order in which to approach

these changes.

In our experience, as businesses invest

more time and effort in increasing the

sophistication of their governance

approach, it becomes easier to add

further enhancements, and the return on

investment becomes easier to achieve.

Where do I start?

7

Suggested priority for governance enhancements

Everycompanyisdifferent,andwillhavedifferentprioritiesandlevels

ofpreparednessforthegovernancemechanismsinthispublication.The

followinglistshouldservemerelyasasuggestionfortheorderinwhich

youapproachtheinitiatives.

Thepriorityofeachinitiativewillbeinfluencedbythesizeofacompany–

foramediumtolargeprivatecompany,forexample,thecomplexityand

scaleofbusinessprocessesshouldincreasetheemphasisonrisk,internal

controlandinternalaudit.

1 Createasingledocumentthatdescribesyourcompany’sstrategy

2 Addanon-executivedirectortotheboard

3 Separateboardmeetingsfrommanagementmeetings

4 Createanauditcommittee,andgiveitaformalroledistinctfrom

management

5 Createaformalroleofchairmanoftheboard

6 Formaliseandstrengthencrucialaspectsofthemanagingdirector’s

role,bydocumentingresponsibilities,linkingremunerationtolong-

termperformance,andensuringasuccessionplanexists

7 Putinplaceariskmanagementprocessthatidentifies,categorisesand

assignsresponsibilityforallmajorrisks

8 Reviewyourmanagementandfinancialinformation–decide

whatyoureallyneed,anddeterminewhichpiecesofinformation

supportyourkeydecisions

9 Createaflowchartforyourmostimportantprocess(es),adding

narrativeexplanationswhereappropriate;identifytherisksrelatedto

theprocesses,andthecontrolsthatmitigatethoserisks

10 Implementaninternalauditfunctiontoreviewcriticalprocessesand

controls,andcheckwhetherrisksarebeingmitigated

11 Collateallpoliciesintoasinglepolicydatabase,makingsurethatitis

comprehensive,clearandproperlycommunicatedtoallstaff


About this chapter

This chapter is intended to provide

further background on corporate

governance — what it is, the types

of organisations to which it applies,

the rationale for implementing good

corporate governance, and the benefits

of doing so. It is included for readers who

wish to learn more about the context and

background to the techniques described

later in this publication.

What is corporate governance?

For a topic as familiar and widely

referenced as corporate governance, it is

a little surprising that there are no widely

accepted definitions of what the term

actually means.

It has been defined in many ways,

encompassing concepts such as “a set

of relationships between a company’s

management, its board, its shareholders

and other stakeholders,”1 or as a set of

practices to “align as nearly as possible the

interests of individuals, corporations and

society.”2 Whilst these phrases are certainly

appropriate, perhaps the most relevant

1 OECD, Principles of Corporate Governance, 2004

2 Sir Adrian Cadbury, Global Corporate Governance Forum, World Bank, 2000

definition is phrased in commercial terms:

corporate governance mechanisms are

“the ways in which suppliers of finance to

corporations assure themselves of getting

a return on their investment.”3

In this context, governance mechanisms

should be seen as those which:

– directly enhance shareholder value; and

– provide assurance that shareholder

value is being enhanced

For a private company, anything which doesn’t

meet one or other of these dual objectives

is simply a waste of valuable resources.

However, determining how to meet these

objectives is not as easy as it might seem. For

a start, enhancing shareholder value is only

feasible if everyone concerned has a clear and

consistent idea of the overall objectives of

the organisation, and the strategy employed

to execute those objectives must be clearly

understood and articulated. The governance

mechanisms should then operate to

support those objectives, by mitigating risk,

ensuring controls are effective, and providing

assurance of this to shareholders and other

stakeholders.

3 Andrei Shleifer and Robert Vishny, A Survey of Corporate Governance, Journal of Finance, Volume 52, No. 2, June 1997

The corporate governance context

9

Additionally, governance mechanisms

play a crucial role in aligning disparate

interests of the various groups involved

in a company, particularly management

and shareholders. Shareholders have a

clear interest in maximising the long-

term performance of the company as a

whole; management, on the other hand,

has a clear interest in meeting their

performance targets and being well-

remunerated for their efforts. These

objectives should be, but frequently aren’t,

compatible. Many of the governance

practices described in this publication are

designed to align these various objectives,

ultimately for the benefit of shareholders.

Governance frameworks and

private companies

Governance codes exist as part of

the regulatory framework for many

types of companies. In the main, these

codes are created for companies with

external stakeholders, i.e. individuals

or organisations who have a vested

interest in the successful operation of the

company, but have no direct control over

the management of the company.

The purpose of governance codes,

therefore, is largely to protect the

interests of stakeholders. The three

categories of companies most commonly

considered to have large groups of

external stakeholders are:

– Listed companies (the stakeholders

being their shareholders,

both retail and institutional)

– Public sector bodies (stakeholders

being taxpayers and citizens); and

– Financial institutions (stakeholders

being account or policy holders, and in

the case of institutions with systemic

importance, all citizens)

Private companies are, not surprisingly,

conspicuously absent from this list. Most

private companies have a very small

number of stakeholders, primarily the

shareholders, and even where there is

some external (non-management or non-

executive) ownership of the company —

for example in the case of private equity

investments — this is generally by parties

with strong links with management.


Overall benefits

Ifchosencarefully,governancemechanismscanconfersignificantbenefits

onabusiness.Subsequentchaptersprovidedetailsofthelikelybenefitsof

eachoftheparticulargovernancepractices,butoverall,goodgovernance

can,andshould,resultinthefollowing:

Benefits of good governance practices:

— Safeguardingthereputationofthecompany

— Supervisingandcontrollingalllevelsofmanagement

— Settingtherighttoneatthetop

— Identifyingopportunitiesforefficiency

— Ensuringthattherisksfacedbythecompanyarebetterunderstood

andcontrolled

Most private companies have tended

to view this as a lucky escape — the

absence of external stakeholders means

that nobody is loudly clamouring for the

imposition of a governance framework on

private companies, and the consequent

regulatory burden can be avoided entirely.

Nevertheless, the experiences of the

economic downturn have shown that

the management techniques adopted in

the previous decade are not necessarily

appropriate to current circumstances, and

in particular many companies, not just

private ones, failed to deal with a changing

risk environment.

The governance practices described in this

publication are designed to address exactly

this — the risks, new and familiar, faced by

businesses operating in current conditions.

11


not have any ownership of the company.

There may also be shareholders who

are not involved in the management of

the company, e.g. family members who

have retired or inherited a shareholding

in the business without being involved

in the day-to-day management, i.e. non-

executive shareholders.

As soon as the membership of these

groups diverges, their goals and objectives

will too. The most effective mechanism to

redress this imbalance is a well-structured

board that can advise and monitor the

whole management team effectively,

represent the interests of non-executive

shareholders, and act as a bridge between

shareholders and management.

A balanced board, preferably with input

from independent non-executive directors

as noted in the next chapter, provides a

vital means of challenging and controlling

executive directors and management,

and ensuring that the objectives of the

company and management are aligned.

The need for board structure

and balance

The typical board in a private company

contains largely the same people as

the senior management team. This is

understandable, and in many cases these

individuals will also be shareholders in

the company — quite possibly the only

ones. Although this three-way overlap

between management, board and owners

is common, it can create problems for all

but the smallest of businesses.

The three-way overlap can be managed

quite easily if each of the three groups

consists of exactly the same people —

that is, there is nobody involved in the

management, direction or ownership

of the company other than the same

individual or small group of individuals.

Since it’s the same people in each

group, their respective interests are, by

definition, aligned and consistent.

However, interests and objectives can

start to diverge as soon as this neat

overlap of groups starts to break down,

and this will almost inevitably happen at

an early stage of a company’s growth. For

example, the needs of the business may

dictate that additional members of the

management team are required, but these

managers are not on the board and do

Board structure and balance

13

Where shareholders and management are

not entirely the same group (i.e. where

there are some non-management or non-

executive shareholders) it gives them a

formal opportunity to meet and discuss

issues. But even where the attendees at

board and management meetings are the

same, segregating the agenda allows for

greater focus on the real issues at stake

within each topic. Some companies insist

on board meetings taking place offsite, to

truly underscore the distinction.

Board diversity

A diverse board provides the company

with access to a wide range of skills and

expertise. Ideally board composition

should reflect important skills such as

financial, audit, risk, strategy, commercial,

marketing, etc and should be able

to understand the perspectives of

shareholders, management, customers,

suppliers, regulators, etc. Board

diversity also sends a clear message to

stakeholders (employees, customers,

banks, investors) that there is a strong and

diverse board in charge of the company.

Rotation of board members should also be

considered — introducing new directors

after a number of years provides fresh

perspectives and a means of preventing

the board from being stuck in a routine.

Distinguishing between management

and directors

It is therefore essential for any large or

growing private company to establish

a distinction between management

and directors. This distinction allows

directors to focus on the supervisory

and governance aspects of their role,

rather than operational aspects, allowing

them to see the big picture without being

distracted by day-to-day business.

However, there is still likely to be a

significant number of board members

who are also senior managers, and

there should be a means of separating

and distinguishing their dual roles

(management and governance). Perhaps

the simplest way of doing this can be

surprisingly effective — separating

management meetings and board

meetings. This can be done by setting

clear and distinct agendas for each,

with minimal overlap, and scheduling

them separately.


Action points

— Holdseparateboardandmanagementmeetings,withaformalagenda

foreach

— Ensurethatthereissufficientdiversityontheboard,makingsurethe

boardhasabroadrangeofviewpoints

— Ensurethattheboardcontainsabalanceofexecutive(management)

andnon-executiveboardmembers

Template – sample board agenda

Atypicalboardagendashouldencompassthefollowingataminimum:

— Minutesofthepreviousmeeting

— Strategicupdate,includinganupdateonthecurrenttrading

conditionsinthecompany’smarketplace,updateonmajor

competitors

— Operationalupdate,includinghigh-leveldetailsoftheperformanceof

thecompany’sproductorservicelines

— Financialupdate,focusingonthecompany’skeyperformance

indicators,managementaccountsandfinancialreporting

— Cashandfinancingupdate,focusedonensuringthatthecompany

remainssolvent,andcoveringcashflowandfinancing

— Legalandregulatoryupdate(whereapplicable)

— Existingprojects–updateonthestatusofprojectsdiscussedat

previousboardmeetings

— Newandproposedprojects

— Anyotherbusiness

15

Atappropriatetimesoftheyear,theagendashouldalsocoverperiodic

processessuchas:

— Budgetsandfinancialplanning

— Annualexternalauditprocess

Ifthecompanydoesn’thaveaseparateauditcommittee,thentheitems

includedintheauditcommittee’sremit(seelaterchapter)shouldbe

includedintheboardmeetingagenda.

Toensuretheyareeffective,boardmeetingsshouldstickcloselyto

theagenda.


Defining independence

So what is independence? This can be a

surprisingly difficult question to answer,

even for companies that have a regulatory

requirement to include independent non-

executive directors on their boards. Some

companies take a checklist approach,

defining a director as independent if they

meet a list of certain criteria. Although

this can be useful, in practice it is far

better to pose a single, overall question —

is this particular director impartial, and

free of any significant vested interests

related to the company? If so, then he

or she can be regarded as independent.

The typical list of criteria can help in this

regard, but shouldn’t replace that single

overall question. Independence is, after

all, a state of mind.

In the previous chapter we looked at the

need to introduce balance and diversity to

a board, so that it can act as an effective

governance mechanism. A crucial aspect

of board balance is the split between

executive directors — i.e. those involved in

the day-to-day running of a company —

and non-executive directors, (NEDs)

who are involved at board level but not at

management level.

In private companies, non-executive

directors will often be shareholder

representatives, such as family members

in a family business. A private company

with external investors — seed capital,

venture capital, or government-supported

investment — may have shareholder

nominees on the board.

However, there is a separate class of non-

executive director that is common on large

companies’ boards and is becoming more

widespread amongst private companies —

the independent non-executive director.

These directors, by definition, do not have

a vested interest in the company outside

their role as a director, and are brought

onto a board to provide the benefit of their

expertise rather than to directly represent

shareholders’ interests.

Independent non-executive directors

17

Criteria to bear in mind when assessing independence

Anindependentnon-executivedirectorislikelytomeeteachofthe

followingcriteria:

— Notaformeremployeeofthecompany

— Notashareholderinthecompany

— Notcloselyrelated(bybirthormarriage)toanyonewhoisasenior

employeeorshareholderinthecompany

— Nosignificantfinancialrelationshipswiththecompany,i.e.nota

creditorordebtorofthecompany

— Nosignificantcommercialrelationshipswiththecompany,i.e.nota

customer,supplier,jointventurepartner,businessadvisor,etc.

— Remuneratedwithaflatfee,ratherthanonthebasisofthecompany

meetingcertainperformancetargets

Inassessingeachoftheabove,companiesanddirectorsshouldconsider

boththedirectorinapersonalcapacity,andanyothercompaniesofwhich

heorsheisadirector.


An independent director can also be an

excellent choice as a board chairman,

if the company wishes to appoint one

formally (see the next chapter).

Although there are some potential

drawbacks to appointing an INED —

primarily the cost — the benefits above

should outweigh them.

How much will it cost?

The cost of engaging an independent non-

executive director will vary, depending

on factors such as the director’s skills

and experience, the complexity, size

and turnover of your business. At

present there is no specific norm for

non-executive directors’ fees. Much

depends on the circumstances of time,

responsibilities and membership of board

committees. Chairing sub-committees for

example would command an additional

remuneration over and above the basic

annual fees.

The Boardroom Centre at the Institute of

Directors in Ireland can offer guidance on

what to expect to pay and assistance in

sourcing an independent non-executive

director for your board (see References

and Further Reading chapter).

The benefits of independent non-

executive directors (INEDs)

Companies considering appointing an

independent director should assess the

benefits of doing so. If carefully chosen,

the benefits of introducing an INED to the

board should include:

– Bringing an outside viewpoint

with valuable relevant experience,

particularly when dealing with

matters of strategic importance

– Offering an unbiased perspective

and greater objectivity, which

management and shareholders are

not in a position to provide due to

their closeness to the company

– Offering assurance to external parties

(e.g. banks or investors) that the

board has the appropriate levels of

experience and objectivity

– Acting as a facilitator and negotiator

to aid in reaching consensus and

reconciling differing viewpoints

amongst board members

19

Choosing an INED

Thepotentialappointeeshouldobviouslybeindependent,basedonthe

guidelinesoutlinedpreviously,butideallyshouldmeetthefollowingcriteria:

— Shouldbeabletodevotesufficienttimetotherole–iftheINEDhasa

full-timeroleelsewhere,boththecompanyandtheindividualmustbe

satisfiedthatthisiscompatiblewiththepositionofINED.

— Shouldhaveappropriateexperience,whichwilldependonthenature

ofthecompanyandtheexperiencethatalreadyexistsontheboard.

CompanieswilltypicallylookforINEDswithexperienceoftheir

industry,aswellascross-sectoralskillssuchasfinance,audit,risk,

strategyorcommercialexpertise.

— Shouldhavetheappropriatepersonalattributesthatwillsupport

therole–whichwillrangefromtrustworthiness,totheabilityto

challengeanddebatematterswiththerestoftheboardandwith

management.

— Shouldbesufficientlycredibletoexternalparties–seekingexternal

opinionsonaconfidentialbasismaybeappropriate.

— Ideally,shouldbewell-connectedandinapositiontoassistthe

companyonacommercialbasis,throughcontactsandnetworks.

Inordertoprepareashortlistofappropriatecandidates,companies

shoulduseastructuredapproach.IthasbeencommoninIrelandand

elsewheretoselectboardcandidatespurelythroughinformalmethods,

i.e.personalcontactsandnetworks.Thisapproach,althoughstillused,

hasbecomefarlesswidelyaccepted,duetoitsassociationwithcronyism

anditslackofrigour.


Apreferableapproachistouseanappropriateintermediaryoragency,such

astheBoardroomCentreoperatedbytheInstituteofDirectorsinIreland

toprepareashortlistofcandidates.Evenwherecompaniesdoincludeon

theirshortlist,candidateswhohavebeenintroducedthroughinformal

means,itisstillessentialthatallpotentialboardmembersgothrougha

processofvettingandinterviewswithkeystakeholders.Iftheboardhas

achairman(seenextchapter)thenheorsheshouldleadtheselection

process;ifnot,thenapanelcomposedofrelevantstakeholders(e.g.key

shareholders)andadvisorsshouldbeassembled.

Action points:

— ConsiderwhetheranINEDcanaddvaluetoyourcompany

— Determineyourpotentialbudgetforanindependentdirector’sfees

— Usetheapproachesoutlinedabovetoprepareashortlistandstartthe

interviewprocess

21

The evolving board

In practice, smaller companies are likely

to enhance the board on an ongoing and

evolutionary basis. This will typically

mean engaging an ordinary independent

non-executive director as the first step

in enhancing the board. This is often

followed by then formalising the role of

the chairman at a later stage, perhaps by

promoting the INED to the role of chair

and engaging an additional INED. This

gradual approach ensures that the board

and company are not subject to disruptive

change, and allows the company to

confirm that arrangements are beneficial

before making further investments.

Board processes

The chairman is responsible for ensuring

that the board runs smoothly and

effectively, including managing the

agenda and conduct of board meetings,

and ensuring that all critical matters are

appropriately debated by the board and

that decisions are reached. Formalised

and defined board processes are therefore

important, and should be a major focus

for a new chairman.

The role of a chairman

A chairman holds a distinct and important

role in a company, one that should be

clearly distinguished from that of the

managing director or chief executive.

The chairman is charged with leading the

board, rather than the company, and is

responsible for board-level processes and

board meetings. For a small company,

the chairman will frequently deal with

the important governance processes that

are in place, including external audit, risk

management and internal audit, where

these exist. The chairman provides crucial

support for the MD, allowing him or her to

focus on the demanding role of running the

business.

The role of the chairman should ideally

be seen as an extension of the role of an

independent non-executive director —

despite the role of running the board, a

chairman should be non-executive, i.e. not

involved in the day-to-day management

of the company. An independent

chairman is preferable — all of the

benefits of independence described in

the previous chapter will also apply to a

chairman, arguably even more so given

the importance of the role. The following

sections provide a detailed list of typical

roles for the chairman.

The role of the chairman


by management, to help ensure that

there is no confusion between the roles.

Suitable templates exist for this, including

those issued by the Institute of Chartered

Secretaries and Administrators (ICSA) —

see the References and Further Reading

chapter at the end of this publication.

One useful technique to assist with

formalising board processes and

distinguishing between board and

management is to prepare a ‘schedule

of matters reserved for the board’. This

sets out which decisions and matters are

to be performed by the board, and which

The role of the chairman

— Buildastrong,effectiveandwellbalancedboardand,where

appropriate,boardcommittees

— Reviewboardcompositionandtakeanactiveroleinchangestoboard

composition,includingtheselectionandinductionofnewboard

members

— Clarify,agreeanddocumenttherolesandresponsibilitiesofthe

board,itscommitteesandindividualdirectors

— Ensurethattherespectiverolesandresponsibilitiesoftheboardand

managementareunderstoodbyall

— Ensurethatthereisaneffectiveworkingrelationshipbetweenthe

boardandmanagement

— ManagetheprocessofsuccessionplanningfortheroleofMD/CEO

— Overseetheperformanceevaluationandcompensationofthesenior

managementteam(seetheRemunerationPolicychapter)

— WiththeMD,setthe‘toneatthetop’andcultureofthecompanyand,

inparticular,settheappropriatecultureofgoodcorporategovernance

— Providedirectionandadvicetomanagementonmattersofcompany-

wideimportance

— Inconsultationwiththeboardandmanagement,settheagenda

forboardmeetings,andensurethatmeetingsareconductedin

accordancewiththeagendaandgoodpractice

23

— Ensurethattheboardhasadequateresourcestosupportitswork,in

particular,timelyandrelevantinformationinadvanceofmeetings

— Ensurethatthereiseffectivecommunicationbetweenmanagement,

theboardandshareholders,andactasapointofcontactforall

shareholderswhoarenotinvolvedinthemanagementofthecompany

Action points

— Engageanindependentnon-executivedirectorasthefirststepin

addingbalanceanddiversityofskillsandviewpointstotheboard

(seepreviouschapter)

— OnceanINEDisinplace,consideraddingtheroleofchairman,either

asanenhancementtotheexistingINED’sroleorasanewrole

— Formallydocumenttherespectiveresponsibilitiesoftheboard,

includingthechairman


However, it is not uncommon for a single

individual to take on both roles — often

where a dominant MD is reluctant to cede

any senior responsibilities to another

individual. There are risks associated with

such a situation, where the role of the MD

is not adequately separated from the role

of the chairman — principally the lack

of an independent individual capable of

giving shareholders assurance that the

MD is acting in their interests.

The managing director’s role in a

governance context

The role of the managing director or

chief executive is largely concerned with

the management of the company — i.e.

the strategy, operations, etc. — rather

than its governance. The role of the

chairman, as noted in the previous

chapter, is primarily concerned with

leading and running the board.

The role of the managing director

Key points in separating the role of the chairman and CEO/MD

— Separatingtherolesobviouslyinvolvesappointingaseparatechair–

butthereismoretoitthanthat

— Thechairmanshouldbeindependentandideallyhavenoprevious

connectiontothecompany

— Toensurethattheboundariesoftherolesarenotblurred,thereshould

beaclearstatementoftherespectiveresponsibilitiesofeachrole,e.g.

writtentermsofreferenceforeach

25

Action points:

— Ideally,identifyandappointanindependentchairman

— MakesureboththechairmanandtheCEOhaveclearlyunderstood,

documented,distinctroles

— Iftherolescannotbeseparatedandheldbydifferentpeople,atleast

makesurethatthetworolesareclearlydefined,sothattheCEO

knowswhatallshareholdersexpectofhimorherwhenexercising

theroleofchairman


nature of the responsibilities of an audit

committee, objectivity and independence

from management are essential.

What if I don’t have a full-time finance

department?

For small companies, particularly start-

ups, it is not uncommon to have no

full-time finance staff. This need not

be an issue — in fact, many companies

have found that there are benefits to

outsourcing the finance function to a

professional firm, including removing the

responsibility for managing the finance

function, leaving the senior executives

to focus on the operational aspects of

the business, and providing access to

professional accounting and financial

reporting expertise as required.

However, where a company has no

finance team, or only a small team, this

can increase the need for the board to

devote attention to the financial aspects

of the business, and thus increase the

benefits of forming an audit committee.

Responsibilities of an audit committee

The responsibilities of an audit committee

are vital to a company’s survival and

success, and potentially very broad in

scope. It is therefore important to note

Role and composition of an audit

committee

The role of the audit committee is to

provide oversight of finance, internal

control, risk, audit and related matters.

Although the board as a whole is

ultimately responsible for these matters,

it makes sense in both large and small

companies to delegate this role to

a committee with the appropriate

expertise to ensure that sufficient

attention is devoted to these critical

matters. Regardless of composition,

the audit committee should have clear

responsibility for the crucial matters

within its remit — the company’s risk

management, internal control, internal

audit and financial reporting (see

subsequent chapters on each of

these areas).

Composition of an audit committee

Under the governance regulations for

listed companies and financial institutions,

the audit committee is a sub-committee

of the board, comprised entirely of

independent non-executive directors.

For smaller companies without such

regulation, the composition will vary

in practice, and it may comprise, for

example, an independent non-executive

director and the head of finance. Given the

The audit committee

27

Templates for the terms of reference of an

audit committee are freely available and

can be used as the basis of a description

of the audit committee’s responsibilities.

Links to templates are included in the

References and Further Reading chapter.

explicitly what those responsibilities

are, to ensure that all parties — the

committee, the board as a whole,

management and shareholders — are

clear about what the committee will do.

Major responsibilities of an audit committee

Theroleofanauditcommitteecanbedividedintoanumberof

importantareas.

Financial reporting

— Review,andwherenecessarychallenge,periodicfinancialreports,

focusingontrendsandanalysis,keytransactions,accounting

standardsandapproachesused

Internal controls and risk management systems

— Ensurethatmanagementreviewstheeffectivenessofthecompany’s

internalcontrols,andreportstothecommitteeontheresultsof

thesereviews

— Ensurethatthecompanyhasputinplaceappropriateprocessesto

identifyandmitigaterisk,includingfraudrisk

— Ensurethatstaffandmanagementareprovidedwitharrangements

forraisingconcernsinconfidence,i.e.whistle-blowingpolicies

andprocedures

Internal audit

— Actasadvisorwhenimplementinganinternalauditfunction

— Approvetheappointmentorremovaloftheheadoftheinternal

auditfunction,andactastheprimaryreportinglineforthehead

ofinternalaudit

— Approvethescopeoftheinternalauditfunctionandensureadequate

resourcesandappropriateaccesstoinformationisavailable


— Reviewandassesstheannualinternalauditplanandallreports

produced

— Reviewandassessmanagement’sresponsetofindingsand

recommendations

— Monitorandreviewtheongoingeffectivenessoftheinternal

auditfunction

External audit

— Overseetherelationshipwiththeexternalauditor,including

remuneration,termsofengagement,independenceandobjectivity

— Meetwiththeauditorattheplanningandfinalreportingstages

— Reviewandapprovetheannualauditplan

— Reviewthefindingsoftheexternalauditor,includinganymajor

issuesthatwerefoundduringtheaudit,anyaccountingoraudit

judgements,andlevelsoferroridentified

— Reviewtheeffectivenessoftheexternalauditorandconsiderand

makerecommendationstotheboardontheauditor’sre-appointment

orremoval

Action points:

— Decidewhethertheresponsibilitiesnotedaboveshouldbeperformed

bytheboardasawhole,ordelegatedtoanauditcommitteewith

appropriateexpertise

— Ifagreedonbytheboard,formanauditcommitteeconsistingofthe

mostappropriatelyskilledboardmembers;includerepresentation

frommanagementbutaimforacommitteethatisatleast50percent

independent–e.g.oneINEDandtheheadoffinance

— Formallydocumenttheresponsibilitiesoftheauditcommittee

29

Documenting strategy

Thus the company, via the board

and management, should be able

to document and clearly articulate

the objectives and strategy of the

organisation. This provides clarity

and consistency of understanding

between shareholders, the board and

management, and provides a basis for

other governance mechanisms to

operate effectively.

Documenting the strategy in this way is

not merely an aspirational or ‘nice-to-

have’ goal — it is the only practical way

of ensuring that all stakeholders have a

common agreement on strategy. Likewise,

as described in the next chapter, the

strategy document should form the basis

for understanding the company’s risks.

Focusing on results

Furthermore, the strategy document

should not fall into the trap of relying on

vague mission and vision statements.

Although these might set the tone for

a strategy document, they are of little

use unless backed up with substantive

descriptions of the company’s strategic

goals and the means it will use to reach

these goals. The strategy documents

must include quantitative and qualitative

Respective roles in the strategic

planning process

The role of the board in the strategy of the

company should not be underestimated.

In many companies, the MD or CEO has,

effectively, sole responsibility for strategy —

planning, development, execution and

monitoring. However, if the guidance in

the previous chapters is put into practice,

the board will have the expertise, skills

and independence to contribute to the

strategic processes in the company.

The board, as the body that monitors the

activities of the company and protects

the shareholders’ interests, should retain

responsibility for approving the strategic

direction of the company. Whilst in most

cases the executive team will devise a

strategy and present this to the board,

the board’s role should be more than

just rubber-stamping its approval of the

strategy. The board should understand

all significant aspects of the current

strategy and any proposed changes to

it, and should actively challenge, critique

and suggest alternatives to the executive

team’s proposals. Only when the board

and management are satisfied that there

is a workable and mutually agreeable

strategy, should they formally approve it.

Strategic planning


measurements of strategic targets, to

provide the board with a benchmark

to monitor the execution of strategy

by management, and to provide clear

success criteria.

Action points

— Prepareahigh-levelstrategydocumentforthecompany

— EnsurethattheMDandseniormanagementteamcanclearly

articulatethecompany’sstrategy

— Ensurethattheboardhasreviewed,understood,challenged,critiqued

andcontributedtothestrategystatement,andthatbothboardand

managementagreeonthestrategicdirectionofthecompany

31

range of risks such as commercial,

reputational, legal or environmental risks.

The risk management process

The risk management process in any

company should start with a discussion,

at board and management level, about

the company’s risk appetite, i.e. the

level of risk that is acceptable. This will

vary depending on how conservative or

entrepreneurial the company is. The risk

process, at a high level, consists of the

stages in the diagram on the next page.

The first stage, identifying the full range

of risks faced by a company, can often be

the hardest part, particularly if it has never

been attempted before. To assist with this,

many companies use techniques such as

management workshops, to pool ideas on

the risks the company faces, and to reach

a consensus that will form the basis of the

risk register.

The definition of risk is crucial to the

effectiveness of this process. Risk should

not be seen merely as adverse events

viewed in isolation. Instead, risks must

be seen explicitly in the context of the

strategy of the company — risks are

anything which impact the company’s

ability to achieve its objectives.

The risk management context

Risk management has been the victim of

much negative coverage recently. This

is for two reasons: firstly, because of a

perception that risk management projects

are major, costly endeavours that only

the largest companies can afford; and

secondly, because many companies that

did undertake such projects still fell victim

to the financial crisis and recession.

This doesn’t give the full picture. In reality,

smaller companies can implement useful

risk management processes without

much effort or cost. And where risk

management has failed in the past, the

problem often lies not with the process,

but with the assumptions used — such as

the widespread assumption that property

values would never suffer a significant fall.

So, while a formal enterprise-wide risk

management (ERM) system is not

essential, every company should have

processes for ensuring that all major risks,

particularly risks which may be subject to

change, are identified and appropriately

addressed. Often, risk management

is seen as something that the head of

finance should deal with, but this can

result in an excessive focus on the core

financial risks such as fraud or financial

misstatement, at the expense of a broader

Risk management


allows companies to focus on the most

significant risks, e.g. those with high

impact and medium or high likelihood,

and to devote resources accordingly.

Using scenario planning techniques to

help understand how risks can impact a

business can also be useful.

To evaluate and assess risk, companies

should at least estimate the likelihood

and impact of risks. Although it is, in

theory, possible to assign numeric

probabilities and financial cost estimates

to each risk, in practice it is sufficient for

most purposes to merely rank each as

high, medium or low. That at least

Identify andcategorise risks

Evaluateand assess

(likelihoodand impact)

Mitigatewith

appropriatecontrols

Report onrisk exposure

and controleffectiveness

Monitorcontrol

effectiveness

Periodically review and repeat

Action points

— Createariskregister,withinputfromthemanagementteam

— Assessthelikelihoodandimpactofeachrisk

— Considerwhatcontrols–existingornew–couldmitigateeachrisk

The risk management process

33

Template – sample risk register

Ariskregisterneednotbeacomplexdocument.Thesampleriskregisterbelowshows

themajorheadingsthatariskregistershouldinclude,andexamplesofcategorisedrisks

andcontrols.

Category Risk Impact Likelihood Overall rating

Responsible person

Control(s)

Reputation Defectiveproductcausescustomerinjury

High Med High Qualitymanager,headofproduction

Qualitycontrolprocesses

Reputation Tribunaldisputeoverstaffminimumwage

Med Low Med HRmanager Ensurethatallrelevantstaffareatleastpaidminimumwage(inlinewithIrishlabourlegislations)

Key people Lossofkeystaff High Low Low HRmanager Ensurethatsuccessionplansareinplaceforkeypositions;appropriaterewardsystemisinplaceforkeypersonnel

Business continuity

Mainproductionfacilitiesareunavailable

High Med Med Productionmanager/engineer

Regularmaintenanceperformedtoensurethatcoreproductionfacilitiesarewellmaintained

Key customers

Lossofsignificantcustomer

High Low Low Salesdirector Ensurethatnoindividualcustomeraccountsformorethan10%ofrevenue

Key suppliers

Lossofmajorsupplier

Med Low Low Purchasingmanager

Maintaingoodrelationshipswithkeysuppliers

Cashflow Ineffectivecashmanagementresultsinshortageofcash

High Low Low Financemanager

Monthly/weeklycashflowforecastispreparedandreviewed

Availability of credit

Expirationofcurrentbankfacilitiesresultsindifficultyinobtainingcredit

High Med High FinanceManager

Enterintoproactivenegotiationswithcurrentandotherbanks;maintaingoodrelationshipwithbankbykeepingtheminformedofkeybusinessdecisionsandfinancialstatus


However, a balance must be

struck between creating too much

documentation, and not creating enough.

For most companies, documenting every

process is excessive, but conversely,

failing to document crucial processes

is risky. Undocumented processes

give rise to a risk that they will not be

performed consistently by all staff, or that

management and staff may not have the

same understanding of how a process

operates; they can also make it harder to

train new staff or deal with unexpected

staff absences.

Where major processes are documented,

the process documentation should

explicitly refer to the key controls, i.e.

those that are most important in mitigating

major risks.

Linking internal controls to risk

Internal controls should be matched to

risk, i.e. where there is a risk identified

by the risk management process then it

should be appropriately mitigated by an

internal control. The process of mapping

risks to controls and documenting

controls should not only identify risks

which are not mitigated, but which

controls are unnecessary.

Documenting key processes

Companies should consider documenting

crucial processes to support the risk

management and internal controls

described above, and to ensure that

important processes are understood and

operated consistently.

Internal control

Action points

— Assesswhichprocessesaremostimportanttothebusinessinterms

ofriskandfinancialmateriality

— Prepareaflowchartshowinghowtheseprocessesoperate

— Determinewhatthekeycontrolsareineachoftheseprocesses–

cross-referencingeachkeycontroltotheriskregister

35

The particular details of fraud risks will

vary in each business, but there are a

number of fraud indicators that can be

found in many businesses and that may

point to a potential for fraud.

Internal control and fraud

One of the more significant risks faced by

many companies — and therefore one of

the more important reasons to have robust

internal controls — is the risk of fraud.

Potential indicators of fraud

Whilstitcanneverbepossibletoguaranteedetectionoffraud,the

followingfactorsshouldraisesuspicionsandpromptfurtherinvestigation:

— Oneemployeeresponsibleforanentireprocess,e.g.payments(lackof

segregationofduties)

— Anemployeewhonevertakestimeoff

— Apartofthebusinessthatmaintainsgoodperformancewhenother

indicators–anecdotalevidence,poorperformanceelsewhere–suggest

thatitshouldbeunderpressure

— Looseinternalcontrols,suchaslackofsign-offandapprovalforset-up

ofnewcustomers

— Reconcilingitemsthatmightseemreasonable,butwhichrecuron

everymonthlyreconciliation

— Failuretoperformmonthlyreconciliations

— Employeeswhoseemguardedaboutprovidingaccesstodocuments

andreports,orwhoseektoactasgatekeeperstoallinformation

— Individualswithaccountingorgeneralmanagementresponsibilities

whohaveadministratoraccesstotheaccountingsystem–whilethisis

common,itdoesactasafacilitatortofraud

— Missingdocuments–includingunexplainedgapsinnumerical

sequence


— Documentswhichappeartohavebeenaltered,orwhereonlya

photocopyappearsonfile

— Ahistoryofimpropriety–areaswherepastauditsandreviewshave

foundanomaliesorsuspicionsofinappropriateactivity

— Unexplaineddecisionsand/ortransactions

— Requestsforexceptionstotheprocedures,e.g.advancepayment

requests

— Weakmanagement–employeesareallowedfreereinandcontrolsare

notstrictlyenforced

— Baddebtwrite-offsthatareexcessive,suspicious,hasty,ornot

appropriatelyapproved

— Excessiveorincreasinglevelsofstockspoilage/waste/damagedgoods

— Unusuallevelofaddresschangesforvendorsorpayees

— Multiplepayeeswiththesameaddress

— Anylackofaudittrail:forcomputersystems,atransactionhistory

byusershouldalwaysbeavailable;forpaperrecords,anyerrorsor

changesshouldshowtheoriginalrecordcrossedout,notblankedout

ordestroyed

— Significantpurchases,orpurchasesfromnewvendors,beingmade

withoutmultiplecompetitivequotesonrecord

37

Approaches to internal audit

Although large companies will normally

create and maintain their own internal

audit function staffed with dedicated

auditors, for most companies this is not a

practical option. Internal audit functions

for small and medium companies can be

engaged on an outsourced basis, using an

external firm or contractor to provide the

services, typically on a part-time basis. A

co-sourced approach can also be taken,

typically by medium-sized companies

who will engage a core team or one or

more internal auditors supplemented by

external expertise as needed.

Implementing an internal audit function

need not be prohibitively expensive, even

for small organisations. It is perfectly

feasible to deliver an appropriate internal

audit function, which addresses the major

risks faced by a company, with an annual

budget that runs to tens rather than

hundreds of thousands.

What internal audit does

An internal audit function is a separate

function within a company which provides

assurance that the risk and control

processes are operating effectively, and

evaluates and benchmarks processes

in order to make recommendations for

improvements. Internal audit should act

as an independent insider — more familiar

with the operations of the business than

the board members, but nonetheless

independent of management.

As noted in previous chapters, strategy,

risk and internal control are all closely

linked. From this viewpoint, internal

controls serve to mitigate risks to the

achievement of the company’s strategic

objectives. Internal audit has a crucial role

in ensuring that this process operates, i.e.

ensuring that controls effectively mitigate

risk on an ongoing basis.

Internal audit


How internal audit can benefit

a business

The benefits of investing in internal audit

are frequently debated. In particular,

many executives question the need for an

internal auditor when there is already a

statutory obligation to engage an external

auditor. In practice, the roles of internal

and external auditors are very different —

whereas the external auditor focuses

almost entirely on whether historical

financial statements show a ‘true and

fair’ view, the internal auditor should

cover all current and future risks faced

by a business, not just the risk of mis-

statement in historical financial reports.

For example, a well-managed internal

audit function will frequently focus on

critical commercial risks, such as the

risks that revenue and profit are not

being maximised. From an external

auditor’s perspective, there is no reason

why a company cannot get a clean audit

report regardless of the extent to which

revenue is being maximised — as long as

transactions are properly recorded and

accounted for. The benefit of internal audit

primarily lies in this crucial difference and

much broader scope. The following table

summarises the differences between the

two audit functions.

The internal audit process

The most widely accepted internal

audit approach is to use a risk-based

process. Starting from the existing risk

register and risk management processes

undertaken by the company, the internal

auditor creates a strategy that focuses on

the highest-risk processes, departments

or functions within the business, and

aims to review these in turn over the

course of a multi-year audit plan.

Once this plan and the associated

priorities have been agreed with the

board, the internal auditor conducts a

review of each area in turn, focusing on

the risks within that part of the business,

and examining the design and operational

effectiveness of the controls that mitigate

the risks.

The internal auditor then prepares a

report identifying control gaps and

recommending improvements to better

mitigate risk, validating the details with

management prior to presenting to the

board. Management should provide

responses to each of the points raised,

and an action plan for resolving the issues.

39

Essential differences between internal and external (statutory) audit

External audit Internal audit

Scopeislimitedtofinancialstatements,andwhethertheyshowa“trueandfairview”

Scopeshouldcoverallpartsofthebusinesswhereriskexists

Approachisdrivenbythematerialityofbalancesheetandprofitandlossitems

Approachisdrivenbythelikelihoodandimpactofrisksineachareaofthebusiness

Perspectiveislargelyhistorical,asidefromthefocusonwhetherthebusinessisagoingconcern

Perspectiveshouldaddresscurrentprocessesandcurrentandfuturerisksfacedbythebusiness

Operatesonanannualbasis,althoughfrequentlyincludesaninterimaudit

Operatesyear-round,accordingtoanannualormulti-yearplan

Mustbeperformedbyanindependentexternalfirm

Canbeperformedbyaninternalresourceorteam,althoughcertainlevelsofindependencemustbemaintained

Externalauditisalegalrequirement Nolegalrequirementforinternalaudit–shouldbedoneonlywherethereisabenefit

Action points

— Assesswhetheryourcompanyhasreachedapointwherean

independentinternalauditfunctionisjustified

— Considerwhethertodevelopanin-houseinternalauditfunction,

oroutsourceit

— Preparecostestimates,orobtainquotes,fordevelopingthe

auditfunction


The board and management of a company

should agree what information they

actually need, not just what they are

accustomed to getting. What they need

should be defined by reference to how

they make decisions — information is

valuable and essential if it affects what

decisions need to be made.

The need for high-quality information

in a business

Previous chapters have emphasised the

importance of the board in governing

a company. In order to fulfil this role,

the board must have access to the right

information to understand how the

company is operating and performing.

Likewise, the management team must

have access to an even broader range of

information to enable it to perform its

ongoing duties.

Unfortunately, many companies suffer

either from insufficient information, or

from too much — a surplus of irrelevant

information. To deal with this, awareness

of what information is needed for critical

strategic decisions is essential — it’s

frequently not the traditional financial and

management information that is required.

Reporting and information quality

Common indicators of poor quality management information

— Historical,notforward-looking

— Point-in-timeratherthantrends

— Presentationofinformationcanbepoor

— Focusedoninternal(notexternale.g.banks,grantauthorities)

— Toomuchdetailandvolumeofinformation

— Preparedonanad-hocbasisratherthanautomated

— KPIsandmetricsnotdefined

41

Suggested minimum financial data

Thefollowinglistprovidessuggestionsforthesortofinformationthat

shouldbeavailabletoboardsandmanagementteams:

Historical reports

— Incomestatement(profitandlossaccount):showstherevenue,

expenses,andtheprofitorlossofthecompanyforaspecificperiod

oftime

— Balancesheet:thefinancialpositionofthecompanyonaspecificdate,

intermsofassets,liabilities,andshareholders’equity

— Cashflowstatement:thesourcesandusesofcash,i.e.cashinflows

andoutflows

— Marginreports:moredetailedthantheincome/profitandloss

reports,theseshowhowmuchmargin/grossprofiteachproductor

servicelinemakes;theyshouldbesubdividedasappropriatetoallow

comparisons,e.g.acrosscategories,departments,salesteams,products,

geographicalregions,etc.

— Financingandcreditreports:informationcoveringboththe

company’sowncredit-worthiness,includingdetailsofitsfinancing

status,andthecredit-worthinessofthecompany’scustomersand

debtors

— Salesgenerationreports:informationonthegenerationofnewsales

opportunities,andtheextenttowhichtheyaretranslatedintosales

orders

— Customerservicereports:informationindicatinglevelsofcustomer

satisfaction,e.g.numbersofservicerequests,complaints,warranty

claims,etc.,anddetailsoftheresolutionofcustomerissues,

complaintsclosed,resolutiontime,etc.


Forward-looking reports

— Monthlybudgetsandvarianceanalysis:alistofplannedfuture

incomeandexpenseswhichcanbeupdatedperiodicallyand

comparedagainstactualincomeandexpenditure

— Salesforecastandtrendanalysis:forexample,usingsalesfiguresfrom

thesamemonthintheprioryearcoupledwithinformationonthe

currenteconomicclimatetopredictsalesforamonthinthefuture

Action points:

— Performacriticalreviewofalloftheinformationbeingproducedfor

themanagementteamonaperiodicbasis–whousesit,howoften,

andforwhat(ifany)purpose?

— Establishwhichkeyperformanceindicators(KPIs)arenecessaryto

makeongoingbusinessdecisions,andensurethatthereportsand

informationbeingproducedreflectstheseKPIs

43

Devising an appropriate approach

To be successful, a remuneration policy

should be based on a set of performance

metrics that shareholders and managers

mutually agree indicate a positive financial

result for the company. These metrics

will typically incorporate revenue and

profit targets, but must be devised so

that they measure profitability in the

long term, not just short term profit

peaks that may not be sustainable. Once

those measures are agreed, a significant

proportion of executive remuneration

should be made conditional on achieving

those targets. Proportionality should be

built in to the mechanisms, so that partial

achievement of goals, results in partial

award of contingent remuneration, where

appropriate. However, the goals should

be set, and made sufficiently difficult

to achieve, to ensure that executives

are genuinely encouraged to reach the

targets. Remuneration should not be

based on reaching once-off targets, but

on continuously reaching targets over a

period of time.

The need for remuneration policies

Remuneration is obviously a critical

concern for larger companies — listed

companies are required to have a specific

sub-committee of the board devoted

to remuneration. This allows them to

put in place remuneration policies that

ensure that the senior management team

is rewarded for acting to the benefit of

shareholders, i.e. by generating profit

and long-term shareholder value, the

executives are generating wealth for

themselves; conversely, a remuneration

policy should ensure that executives

are not rewarded for failing to generate

shareholder value.

For smaller companies, these goals

are just as important, although the

mechanisms used to achieve them

can be very different. Remuneration

policy should be driven primarily by the

shareholders, and should be done in a

planned and proactive manner, not just as

an annual ad-hoc negotiation exercise.

Remuneration policies


The formalising and documenting of

agreed remuneration processes should

therefore ensure that management

is incentivised to meet the goals of

shareholders and the company, i.e. that

management works towards the long-

term enhancement of shareholder value.

Action points:

— Ensurethattheshareholdersandseniorexecutivesagreeasetofkey

performanceindicatorsfortheseniormanagementteam

— Ensurethatbonuspaymentsandsalaryupdatesaremadeinlinewith

performanceagainsttheagreedKPIs

45

Succession in family businesses

Succession planning can be particularly

difficult in family businesses, when

handing over from one generation to the

next. The most successful approach is

likely to involve separating the ownership

from the management of the company,

and treating each differently — it should

be feasible to pass on shareholdings in

a company to the next generation, but

pass on the management of the company

as a separate and distinct process. This

allows management roles to be performed

by the most capable person in each

instance, regardless of whether this is

any particular person, or even whether

they are family members at all. Doing so

is likely to be the best way to protect the

value of the business for the benefit of

all shareholders.

The need for succession planning

Succession planning, i.e. ensuring that

board and management vacancies,

particularly at MD or CEO level, can be

managed, is essential to ensuring that

the company can continue to operate

effectively in the event of resignation,

illness, incapacity, etc.

Approach to management succession

In some cases, typically in larger

companies, it is feasible to have a deputy

MD who is trained and capable of taking

over as MD should the need arise. Even in

smaller companies, it should be feasible

to identify at least one member of the

management team who is capable of

filling in for the MD on an interim basis,

with appropriate assistance from the

board or external advisors as required.

Action points:

— Makesurethereisalwaysatleastonememberofthemanagement

teamwhoistrainedandpreparedtotakeoverfromtheMDinan

emergency

— EnsurethatallessentialaspectsoftheMD’srolearedocumentedto

enablerapidtransitionwhererequired

— Ensurethatnormal(non-emergency)successiontakesplaceina

formalandplannedmannertoensurethatdisruptiontothecompany

isminimised

Succession planning


Policies do not need to be lengthy or

detailed to be effective, but must be clear

and unambiguous. If well-drafted and

properly communicated, they can provide

several important benefits, including:

– better assurance of good

management and staff practices

– a better defence against legal liability

for management and directors

– annual confirmation of compliance

with policies will focus the minds of

your management and staff on their

obligations.

The need for policies

A company should have a comprehensive

range of formal policies at board,

management and staff level. These

should set standards for appropriate

conduct; many of these may already have

been defined by HR (e.g. bullying and

harassment policies) or IT (e.g. acceptable

use policies), but many policies need

input from multiple functions within an

organisation. Examples of these include

policies on ethics and whistle-blowing,

and policies on information security,

privacy and protection of personal and

confidential data. Companies also have

a legal obligation to implement certain

policies, for example in relation to health

and safety.

Action points:

— Discusswithmanagementandemployeeswhatpolicieswouldprovide

guidanceonhowtoworkandbehavewithinthecompany

— Draftpoliciesforthemostimportanttopics,usingtemplatesorreadily

availableguidancewhereappropriate

— Collateallpoliciesintoasinglepolicydatabase–preferablyonline,

e.g.onaninternalwebserverorintranet–andkeepthemuptodate

— Communicatepoliciestoallemployeessothattheyareclearthat

complianceismandatory

Company-wide policies

47

In practice, since many companies are

already dealing with adverse conditions,

directors and management should be on

the lookout for any indicators, no matter

how minor, of worsening circumstances.

The guidance below provides some

indicators that may point to the

deterioration of a company’s financial

situation, as well as some recommended

actions for directors to bear in mind in

such circumstances.

As companies continue to experience

difficult trading conditions across most

sectors, it is essential for management

and boards alike to keep a close watch

on their companies to ensure that any

indication of worsening of the financial

position is identified early enough to be

dealt with.

Warning signs that a business may be in difficulty

— Customersaretakinglongerandlongertopay

— Suppliersarereluctant–orunwilling–toextendcredittothesame

extentasbefore

— Bankfacilitiesaredueforrenewal,andthereisnofirmcommitment

fromthebanktocontinuetoprovidecredit

Essential actions to take when a business is in difficulties

— Beawareoftheextentofdutiesowedbydirectorstoshareholders,and

actinaccordancewiththoseduties

— Beabletodemonstratethatyoudidso:

– ensurethatappropriateinformationwasrequestedandobtained

fromthemanagementteamwherethereisanysuspicionof

impendinginsolvency

– askappropriatequestionsandmakesurethatthereisanaudit

trailofthis,containedinboardminutes,emails,etc.

Governance considerations for businesses in difficulty


— Getexternalprofessionaladvicefromaninsolvencypractitioner

— Takeaproactiveapproachtoresolvingissues,particularlythose

involvingcashflowandtheavailabilityofcredit

— Holdboardmeetingsfrequently

— Ensuregoodquality,timelymanagementinformationisavailable

— Avoidincurringunnecessaryexpenditure—eventotheextentof

temporarilyforgoingdirectors’salariestohelpthecompanythrough

adifficultperiod

Action points:

— Beawareoftheindicatorsofworseningfinancialconditions

— Makesurethatboardsandmanagementconducttheirbusinessina

prudentmanner,avoidingrecklesstradinginthefaceofinsolvency,

andeventheappearanceofrecklesstrading

49

Board structure, roles and

responsibilities

Institute of Directors in Ireland,

Directors’ Handbook www.iodireland.ie

The Boardroom Centre, Institute of

Directors in Ireland http://www.

iodireland.ie/the-boardroom-centre

Institute of Chartered Secretaries and

Administrators (ICSA) guidance notes

on corporate governance: http://www.

icsa.org.uk/resources/guidance (Select

Resource Types › Guidance Notes and

Subjects › Governance/Corporate

Governance)


Administrators: ICSA Guidance on Terms

of Reference — Audit Committee http://

www.icsa.org.uk/assets/files/pdfs/

guidance/071012.pdf


Administrators: ICSA Guidance on Matters

Reserved for the Board http://www.icsa.org.

uk/assets/files/pdfs/guidance/071011.pdf

General corporate governance topics

Organisation for Economic

Cooperation and Development, OECD

Principles of Corporate Governance,

2004. http://www.oecd.org/

dataoecd/32/18/31557724.pdf

R. I. Tricker, Twenty Practical Steps to Better

Corporate Governance, Corporate Secretaries

International Association, March 2010.

http://www.csiaorg.com/pdf/research_

paper.pdf

References and further reading

©2011,GrantThornton,InstituteofDirectorsinIreland.Allrightsreserved.

51


Institute of Directors in Ireland

Europa House Harcourt Street Dublin 2

Tel: +353 1 411 0010 Fax: +353 1 411 0090

www.iodireland.ie

Grant Thornton

24-26 City Quay Dublin 2

Tel: +353 1 680 5805 Fax: +353 1 680 5806

www.grantthornton.ie