8/19/2019 P1 student notes.pdf
Student
Notes
ACCA Paper P1 Professional Accountant
For exams in December 2008
To be used with the BPP Study Text for exams in December 2008 and
June 2009 (2008 edition)
All our rights reserved. No part of this
publication may be reproduced, stored in a
retrieval system or transmitted, in any form or by any means, electronic, mechanical,
photocopying, recording or otherwise,
without the prior written permission of BPP
Learning Media Ltd.
© BPP Learning Media Ltd 2008
First edition 2008
ISBN 9780 7517 5713 2
British Library Cataloguing-in-Publication Data
A catalogue record for this book
is available from the British Library
Published by
BPP Learning Media Ltd
BPP House, Aldine Place
London W12 8AA
www.bpp.com/learningmedia
CONTENTS
chapter 1 SCOPE OF CORPORATE GOVERNANCE
chapter 2 APPROACHES TO CORPORATE GOVERNANCE
chapter 3 CORPORATE GOVERNANCE PRACTICE AND REPORTING
chapter 4 INTERNAL CONTROL SYSTEMS
chapter 5 INTERNAL ENVIRONMENT AND OBJECTIVE SETTING
chapter 6 EVENT IDENTIFICATION AND RISK ASSESSMENT
chapter 7 RISK RESPONSE AND CONTROL ACTIVITIES
chapter 8 INFORMATION, COMMUNICATION AND MONITORING
chapter 9 ETHICS
chapter 10 ETHICS AND PROFESSIONAL PRACTICE
chapter 11 CORPORATE SOCIAL RESPONSIBILITY
chapter 1
SCOPE OF
CORPORATE
GOVERNANCE
This chapter sets out the foundations of good corporate
governance, defining what corporate governance is and whom good corporate governance serves. You may need to consider the conflicting interests of
stakeholders and how stakeholders can control managers/directors. We also summarise major issues
in corporate governance.
DEFINITION
CONCEPTS
AGENCY
STAKEHOLDERS
MAIN ISSUES
Corporate governance is the system by which organisations are directed and controlled. It is a set of relationships between directors, shareholders and other stakeholders.

Corporate governance
Risk management and reduction
Appropriate control systems
Framework to pursue strategy
Guards against misuse of resource
Spirit of codes
Accountability to stakeholders
Context
Good corporate governance enables investors to feel confident that their investment is well-
managed and will not be lost as a result of bad decisions, poor management control or greed of the
directors.
Learning example 1.1
10 years ago a fund manager invested $15m in the shares of CAET Corporation, a successful retail
clothing chain. Today the investment is worth only $3m.
What could have gone wrong at CAET Corporation?
What difference could having a better accounting function at CAET Corporation over the past 10
years have made?
Solution 1.1
Fairness – Take into account all stakeholders with legitimate interests
Transparency – Openness, disclosure in financial statements, press releases, websites
Independence – Need for independent non-executive directors who can monitor without conflicts of interest
Probity – Truth-telling/not misleading
Responsibility – Management responsible for organisation, means of corrective action and penalising mismanagement
Accountability – Directors answerable for consequences of actions, to shareholders and stakeholders (?)
Reputation – Jeopardised by poor risk management/corporate governance, may impact commercially
Judgement – Taking decisions that enhance organisation’s prosperity
Integrity – Straightforward dealing and completeness, basis of trust
Agency
Agency is acting on behalf of another (principal) in dealing with others.
Agency costs are the monies and resources expended by principal in monitoring agent.

Agent’s responsibilities
Accountability
Fiduciary duty (trust and care)
Personal performance
Obedience
Skill
No conflict of interest
Confidentiality
Handing over benefits

Agency in corporate governance
Directors (agents) run company on behalf of shareholders (principals).
Agency problem – how to prevent directors excessively rewarding themselves/underperforming.
Main solution is to link reward with company performance:
Profit related pay
Shares
Share option plans

Transaction costs theory
Companies seek to keep business dealings in-house, managers act opportunistically in their own interests.
Context
Directors and management are agents of shareholders (principals). The principal agent problem
refers to the difficulty faced by shareholders in ensuring that management don’t use the firm’s
money and assets for their own ends.
Learning example 1.3
What would be the indicators of directors misusing their position as agents?
Solution 1.3
Stakeholders
Stakeholders are groups or individuals whose interests are directly affected by the activities of a firm or organisation.

Stakeholder theory
Organisations have responsibilities to broad range of stakeholders. Stockholder view that company just responsible to shareholders is wrong as modern corporations are very large and social/political/legal impact is therefore great.
Instrumental view – mainly economic responsibilities with aim of maximising profits
Normative view – ethical/philanthropic responsibilities as well as economic/legal

Stakeholder power mapping
                  Level of interest
                  Low      High
Power   Low       A        B
        High      C        D

A: minimal effort
B: keep informed, as can influence more powerful stakeholders
C: keep satisfied
D: strategy must be acceptable

Results of mapping
Corporate governance accommodates views
Repositioning of stakeholders
Identify change blockers/facilitators
Assess legitimacy/urgency
Context
Because firms affect people’s lives, some believe that management should accommodate the
interests of more than just shareholders when running companies.
Learning example 1.4
The Board of a medium-sized private company is considering becoming fully listed on the stock
market. The family that presently holds 100% of share capital will have their holdings diluted down
to 30% as more shares are issued and capital is raised.
Classify the following using stakeholder mapping and justify your decision.
(a) Employees of the company
(b) The family that owns the shares at present
(c) The Stock Market's regulators
(d) Customers of the company
Solution 1.4
Proximity to organisation
Internal – employees/management
Connected – shareholders, customers, suppliers, lenders, trade unions, competitors
External – government, local government, public, pressure groups, opinion leaders

Active and passive stakeholders
Active – seek to participate in organisation's activities (managers, shareholders, regulators, pressure groups)
Passive – don’t seek to participate in policy-making (shareholders, local communities, government)

Primary and secondary stakeholders
Primary – need participation to continue as going concern (customers, suppliers, government)
Secondary – their ceasing to participate won’t affect continued existence (government, managers)

Narrow and wide stakeholders
Narrow – most affected by organisation’s strategy (shareholders, employees, suppliers, major customers)
Wide – less affected by organisation’s strategy (government, less significant customers, community)

Voluntary and involuntary stakeholders
Voluntary – those who voluntarily have involvement with the organisation – employees, customers, suppliers, shareholders
Involuntary – engage with the organisation without choosing to do so – neighbours, wider public

Knowledge of stakeholders
Known – Existence known to organisation
Unknown – Existence unknown to organisation (wildlife, communities affected by suppliers)

Legitimacy of stakeholders
Legitimate – valid claims
Illegitimate – invalid claims
Who decides legitimacy?
On what basis?

Recognition of stakeholders
Recognised – Managers consider interests and views when deciding strategy
Unrecognised – Managers don't consider claims when deciding strategy
Context
These are examples of stakeholders and the different ways to classify them.
Learning example 1.5
The Board of a hotel company is considering acquiring land in an unspoiled area of great natural beauty to build a hotel and shopping complex, the first of its kind in the country.
Classify the affected stakeholders using the stakeholder power mapping matrix.
Tutor note. The value of this exercise will be in the application of ICE and what power and interest
each stakeholder has. A good approach is to draw up the matrix and fill it in from class suggestions.
The solution below is merely our suggestion.
Solution 1.5
Directors – Executive full-time managers, non-executive monitoring
Secretary – Arranges board meetings, deals with documents and registers, general administration, reports to chairman
Sub-board management – Impact of governance upon their position including their chances of becoming directors
Employees – Commitment, interest in pay and conditions, need to comply with control systems and adopt culture
Trade unions – Pay, prospects plus working conditions of members, concerned with poor board communication, lax risk and control environment
Suppliers – Co-operation needed for just-in-time supply, poor payment record leads to credit restriction and poor service
Customers – Increased expectations, power to shop elsewhere, ability to make views known, ethical requirements
External auditors – Independence required to supply confidence in information, need for audit committee to reinforce position
Regulators – Establish rules and standards, carry out inspections. May be enforcement costs or regulatory capture, domination of regulator by regulated
Government – Establish overall control climate, influence investors through taxes, encourage private shareholdings, provide subsidies and investment trusts
Stock exchanges – Companies raise money, investors transfer shares, provide regulatory framework for governance
Institutional investors – Can influence prices, avoid speculative shares, want short-term profits, can influence companies through meetings and voting, able to take direct action if dissatisfied
Context
These are examples of stakeholders and why they are important to organisations.
Duties of directors
Corporate governance guidelines reinforce legal and fiduciary duties to act in company’s best interests, use powers for proper purpose, avoid conflicts of interest and exercise duty of care.

Accounting and auditing
Greater transparency and reliability of accounts, decreasing investor risks. Tougher auditing standards and requirements for auditors to avoid conflicts of interest.

Board supervision
Need for board to meet regularly to consider effectively organisation’s activities, risks and control systems.

Board composition
Need to avoid domination by single individual/small group of executive directors.

Directors’ remuneration
Directors being paid undeserved and excessive remuneration and bonuses. Allegations that directors have been rewarded for making losses.

Corporate social responsibility
Builds on stakeholders’ debate, what responsibilities should organisation and board fulfil.
Context
These are the main techniques used to assure proper corporate governance. They will be examined
in detail in later chapters.
Reinforcement
Using Chapter 1 of your Study Text
Expand notes on corporate governance concepts (Section 1.2), fiduciary
responsibility (Section 2.2) and stakeholders (Sections 3.10 – 3.26)
Attempt questions ‘Mendelow’s matrix’ and ‘Concepts’ in Chapter 1
Attempt Quick Quiz
Attempt Question 1 ‘Bonus schemes’ from Exam Question Bank at the back of
your Study Text
chapter 2
APPROACHES
TO CORPORATE
GOVERNANCE
In this chapter we summarise the factors that have influenced the ways corporate governance has developed. You may be asked about these in part (a) of a question before you consider specific corporate governance arrangements later in the question. We also give details of the major worldwide codes,
particularly those that have international impact. Corporate social responsibility is a major topic in this exam, and the themes we cover will occur in many questions.
DEVELOPMENT OF GUIDANCE
BASIS OF GUIDANCE
MAJOR GOVERNANCE CODES
SARBANES-OXLEY
CONTRIBUTION OF CODES
CORPORATE SOCIAL RESPONSIBILITY
Governance development
Internationalisation
Investor treatment
Financial reporting weaknesses
Individual country characteristics
Corporate scandals

Main goals
Openness
Integrity
Accountability
Context
Most codes and rules on corporate governance have developed since 1990. Understanding the regulations and differences between them can be helped by understanding the circumstances under which they developed.
Learning example 2.1
Go to www.wikipedia.org and search the following terms. Make brief notes on the scandals, noting in particular the date, the name of the CEO and the financial practices that were concealed and which led to the scandal.
(a) Parmalat
(b) Enron
(c) II Robert Maxwell
Solution 2.1
Principles-based approach
Most corporate governance codes have been drawn up on the basis of a principles-based approach with broad guidelines supplemented by limited specific requirements. Danger may be that over-broad principles are not strong enough.

Advantages of principles
Avoids inflexible rules
Less burdensome
Allows scope for development
Comply or explain
Emphasis on investor judgement

Insider systems
Most companies listed on stock exchange are controlled by a few individuals.

Outsider systems
Shareholdings are widely dispersed, manager/owner separation.

Advantages/Disadvantages
Insider
Advantages: Strong owner-manager links; Longer-term view
Disadvantages: Discrimination v minority; Lack of monitoring/governance
Outsider
Advantages: Robust governance regime; Hostile takeover threat constrains management
Disadvantages: Agency problem; Short-term priorities
Context
Corporate governance develops to keep pace with changes in firms’ behaviour and the economic contexts that firms operate in. This leads some countries to prefer the certainty of a system based on strict rules. Others prefer the adaptability and flexibility of codes based on principles.
Learning example 2.2
Consider the advantages listed for principles-based approaches opposite. Use them to help you.
(a) List the disadvantages of rule-based approaches.
(b) Suggest advantages of rule-based approaches.
Solution 2.2
Cadbury report
Report aims to address weaknesses in director-auditor arrangements, particularly perception that auditors often capitulate to directors. Code of Best Practice covers role of the board, audit, financial reporting and shareholder relations.

Greenbury report
Non-executive directors determine executive directors’ remuneration and service contracts limited to one year.

Hampel report
Principles-based approach, requiring companies to comply with, or explain departure from, best practice.

Combined Code
Code derives from Cadbury, Greenbury and Hampel reports, supplemented by:
Turnbull report – risk and internal control
Smith report – audit committees
Higgs report – non-executive directors

King report
South African report, advocating integrated approach to variety of stakeholders and importance of social and environmental as well as economic activities. Report emphasises need for shareholder activism and disclosure as regulatory measure.

OECD principles
Organisation for Economic Co-operation and Development produced non-binding principles to address the interests of global investors. Companies should work towards achieving principles, and principles are guidelines for individual countries to develop own codes.

Principles
Shareholder participation and voting on directors
Shareholder/stakeholder rights
Equitable treatment of all shareholders
Stakeholders’ rights protected
Timely/accurate disclosure of material matters
Board responsible for strategy and monitoring
Board should act with due diligence and in company’s best interests

ICGN report
International Corporate Governance Network has provided practical guidance for boards to operate efficiently and compete for scarce capital.

ICGN guidance
Board’s role in strategy/monitoring emphasised
Directors need appropriate skills/experience
Directors show independent judgement
Directors fulfil fiduciary duties
Formal process of director evaluation
Shareholders’ voting rights protected
Major changes require shareholder approval
Returns benchmarked v similar equity cos
Full disclosure of voting rights
Code of ethics
Need to manage stakeholder relationships productively
Context
The Examiner may require you to cite particular codes as examples.
Learning example 2.3
Explain the reasons for the growth of codes of corporate governance since 1990.
Solution 2.3
Sarbanes-Oxley
The Sarbanes-Oxley Act was a response to the collapse of Enron, one of America’s biggest companies. The Act is more prescriptive than codes in other jurisdictions, impacting on disclosures, audits, ethics and directors’ share trading.

Weaknesses at Enron
Lack of transparency in accounts
Non-executive directors weak
Lack of external audit scrutiny
Directors’ use of inside information
Dishonesty and law-breaking

Corporate responsibility
Chief executive/chief finance officer certify:
Appropriateness of accounts
Accounts fairly reflect operations and financial condition
If accounts have to be restated, they forfeit their bonuses.

Auditing requirements
The non-audit services auditors can provide are significantly restricted and auditors are subject to various other rules:
Compulsory partner rotation
Retention of audit papers
Quality control standards
Review internal control systems

Audit committees
Every listed company should have an audit committee consisting of independent directors, with member(s) with financial expertise. Audit committee should be responsible for:
Appointment, compensation and oversight of auditors
Discussing key accounting policies with auditors
Setting up complaints mechanisms

Internal control reports
Annual accounts must contain internal control reports that:
State management responsibility for control structure/financial reporting procedures
Assess effectiveness of control structure/financial reporting procedures (with audit report)
State whether code of conduct for senior financial officers has been adopted

Whistleblowing
Employees/auditors will be granted whistleblowing protection if they disclose private employer information to parties involved in a fraud claim.

Off-balance sheet transactions
There should be appropriate disclosure of material off-balance sheet transactions.
Context
Sarbanes-Oxley Act 2002 is a statutory or rules-based framework of corporate governance that was introduced to stop a repeat of the abuses that came to light when Enron collapsed in November 2001.
Learning example 2.4
Compare the provisions of the Sarbanes-Oxley Act with the UK’s Combined Code and identify any areas in which SOX has provisions not in the Combined Code.
Solution 2.4
Contribution of codes
Highlighted advantages of good governance
Emphasised key dangers
Provided benchmarks
Promoted good practice
Emphasised accountability
Stressed transparency
Context
Having codes of corporate governance has raised investor awareness of the things to watch out for and to guard against in the behaviour of the boards they appoint.
Carroll’s model
Four levels of responsibilities:
Economic – shareholders/employees/customers
Legal – comply with laws
Ethical – act in fair and just way
Philanthropic – generosity to employees/community

CSR and stakeholders
Businesses benefit from goodwill and other aspects of society and therefore owe those particularly affected by their activities certain duties in return.

Problems with stakeholder view
Collaboration time-consuming and expensive
Culture clashes with certain stakeholders
Collaboration on some issues, conflict on others
Lack of consensus between different stakeholders

Significance of responsibility
Large businesses in particular face expectations that they will act in a socially responsible fashion.
Context
Most corporate governance seeks to protect the interests of the shareholder against poor management of businesses. Corporate Social Responsibility (CSR) considers management’s responsibility for protecting and advancing the interests of the wider society.
Learning example 2.5
Classify the following statements using the Carroll model.
(a) ‘We believe in giving something back to the community providing the firm can afford it’.
(b) ‘Our CSR statement is just something to attract the customers that care about those things’.
(c) ‘We are proud that our new factory, as well as cutting our costs, has allowed us to give decent housing and education to families in a developing country’.
Solution 2.5
Ownership responsibilities
By buying shares, shareholders buy a responsibility to ensure that company is managed in ways consistent with public welfare. Ownership responsibilities of institutional shareholders have been stressed, institutional shareholders’ large % shareholdings meaning they should be actively involved and pressure managers.

Ownership view problems
Shareholders with small % holdings aren’t influential
Shareholders can easily dispose of shares and this loosens feelings of obligation

Impact of CSR
Objectives
Mission statements
Ethical codes
Governance codes
Stakeholder board representation
Corporate social reporting
Context
This deals with the issue of whether firms should be run in just the selfish interests of the investors or for society as a whole.
Learning example 2.6
Cafédirect plc is a UK listed company that imports, roasts and distributes coffee beans, cocoa and tea to consumers via conventional supermarkets and shops to rival the products from traditional providers like Nestle, General Foods and Kenco. Its website www.cafedirect.co.uk states:
In 2004, we successfully executed the UK’s biggest ethical public share issue to become a publicly listed company, raising £5 million from 4,500 investors. The opportunity enabled our grower partners, consumers, employees and founders to own a share in the company and to be directly connected to each other.
Today we work with 39 grower organisations across 13 developing countries, encompassing 264,666 farmers and directly improving the lives of more than 1.4 million people.
Cafédirect is the innovative result of Oxfam, Equal Exchange, Traidcraft, and Twin Trading’s decision to bypass the conventional market and buy coffee direct from disadvantaged growers in developing countries. Since 2000 alone we have invested more than £3.3 million of our profits directly into the businesses and communities of our growers, and paid more than £13 million over and above market prices for our raw materials.
Assess Cafédirect from the perspective of wider ownership responsibilities.
Solution 2.6
Reinforcement
Using Chapter 2 of your Study Text
Scan and note principles v rules, insider v outsider system (Section 1)
Learn detail of these codes (Section 2)
Learn the detail of Sarbanes-Oxley Act 2002 (Section 3)
Attempt Questions ‘Combined Code’ and ‘Writing a code’ in Chapter 2
Attempt Quick Quiz
Attempt Question 2 ‘Cedric Coffee’ from Exam Question Bank at the back of
your Study Text
chapter 3
CORPORATE
GOVERNANCE
PRACTICE AND
REPORTING
Corporate governance practice is a key area in this syllabus, and you can expect many questions on whether an organisation is following good practice.
ROLE OF BOARD
BOARD MEMBERSHIP
NON-EXECUTIVE DIRECTORS
DIRECTORS' REMUNERATION
STAKEHOLDER RELATIONSHIPS
REPORTING
Scope of board’s role
The board should have a formal schedule of matters reserved to it for decisions. Board is also responsible for overseeing strategy, monitoring risk, control systems and management, and ensuring effective communication.

Matters for board decision
Mergers and takeovers
Acquisitions/disposals of major assets
Investments
Capital projects
Loans/borrowing facilities
Major foreign currency transactions

Legal and regulatory frameworks
Legal responsibilities
Avoidance of conflict of interest
Time limits on appointments
Limits on service contracts
Departures from office
Insider dealing

Nomination of directors
Nomination committee should oversee appointments and make recommendations to the board. Needs to consider:
Executives/non-executives
Gaps in current board’s skills
Expanding board diversity
Continuity and succession planning
Context
The Board is the ‘controlling mind’ of the business. It is supposed to control the business rather
than control the day-to-day operations. For the governance of the business to be adequate the
Board must have the right members, the right to take important decisions, and to be aware of its
legal and regulatory duties.
Learning example 3.1
Advise a director on their legal or regulatory duty in the following circumstances:
(a) He holds shares in the company but has seen a profit forecast that means profits and share
price will probably fall in the near future.
(b) He has taken up a non-executive directorship with one of the firm’s suppliers.
(c) He has been recently convicted of a serious criminal offence involving privately obtaining
bank loans by deception.
Solution 3.1
CPD and appraisals
All board members should have training covering strategy, management, legal responsibilities and company related issues.
There should be annual appraisals of the performance of the whole board and of individual directors.

Board appraisal
Performance against objectives
Contribution to strategy/environment
Response to problems
Considering right matters
Communication
Effectiveness of board committees
Quality of feedback
Adequacy of decision-making

Multi-tier boards
Companies in some countries are run by two or more boards, often with supervisory/management role split.

Advantages of multi-tier boards
Supervisors/supervised separation
Deters management fraud
Better links with stakeholders
Better use of non-executive time

Disadvantages of multi-tier boards
Lack of accountability
Don’t receive information from managers
Supervisory board decision-making restricted
Less effective at questioning managers
Context
This develops the issue of ensuring the effectiveness of the Board. Board effectiveness will be
influenced by how able the Board members are (CPD), how in-touch with the business they are
(unitary v multi-tier) and whether they are monitored (appraisal).
Learning example 3.2
A recent report on European corporate governance states:
Germany's supervisory boards, normally made up of 20 non-executive directors, are required by
law and are meant to oversee a management board as part of a two-tier system to bring stability
and long-term perspective. In practice they have few foreigners on them – just 7% compared with
Switzerland's 45%. This leaves an elite group of German non-executive directors, often sitting on
each other's boards, to run most of Germany's top companies. They have the fewest meetings a
year and are paid the third-most in Europe. The main issues are all discussed and agreed by
shareholder representatives beforehand, reducing the effectiveness of meetings hugely.
Evaluate German Supervisory Boards using the headings of
(a) Principal agent problem
(b) Effectiveness of corporate governance
(c) Board diversity
(d) Stakeholder representation
Solution 3.2
Board membership
Companies need to consider optimum size, balance of executive and non-executive directors, and diversity of membership.

Division of responsibilities
No one individual should have unfettered control. Ideally chairman and chief executive should be different people; if not there should be a strong independent element on the board with a recognised senior member.

Responsibilities of CEO
Strategic development
Investment analysis
Risk management
Recommendations to board committees

Responsibilities of chairman
Running board
Accurate board information
Effective shareholder communication
New director induction
Board appraisal
Board development
Signing off accounts

Board committees
Board committees supervise specific areas, doesn’t absolve main board from overall responsibilities. Key committees:
Nomination (this chapter)
Internal audit (Chapter 8)
Remuneration (this chapter)
Risk management (Chapter 5)
Context
Segregation of duties is a well-known internal control. This principle applies to Boards too.
Learning example 3.3
Norman Meany is the Executive Chairman of a company that is about to seek a Stock Market listing. He also holds 30% of the issued shares. He founded the company 25 years ago to provide language
tuition and in the last 10 years has opened private schools. During this time he was the Managing
Director but, shortly before listing last year, changed to Chairman and appointed his deputy to the
role of CEO. The Company has a strategy to expand into other areas of education by acquisition
including running pre-school nurseries and professional training. There are 2 non-executive
directors on the 10 person board. One is a politician involved in education, whom the Chairman
believes may be helpful in getting education contracts, and the other is a partner with the firm’s
corporate lawyers.
Evaluate the corporate governance of this company.
Solution 3.3
Number of NEDs
USA/UK – Independent NEDs at least half of board, others – sufficient for views to carry weight.
Independence of NEDs
No business/financial/other connection
No share options/pensions
Appointment for specified term
Ability to take independent advice
Advantages of NEDs
External experience and knowledge
Wider perspective
Comfort for investors
Confidant/enabler
Board members but objective
Disadvantages of NEDs
Independence?
Restricted recruitment
Difficult to impose views
Can’t prevent problems
Limited time
Non-executive directors (NEDs)
NEDs have no executive (managerial) responsibilities. They should provide balance and help to reduce conflict between executive directors and shareholders. Majority of NEDs should be independent.
Role:
Strategy
Scrutiny
Risk management
Board personnel
Context
Non-Executive Directors are required by most codes of corporate governance around the world.
They are supposed to represent shareholders' long-term interests and also to bring extra skills and
knowledge to the Board.
Learning example 3.4
Describe why the following might reduce the value of having NEDs on the Board.
(a) Board meetings are infrequent and the agenda and papers are circulated at the start of the
Board meeting by the Company Secretary.
(b) Two of the NEDs have retired from work and use the money they get from being NEDs to
supplement their pensions.
(c) One of the NEDs runs a specialist consultancy and has received additional fees from the
company for providing consultancy advice to the company.
(d) Most of the NEDs have been in their present roles since the company was listed 12 years
ago.
Solution 3.4
Service contracts
If service contracts are too long, premature termination may mean significant payments. Service contracts shouldn’t be > 12 months normally.
Remuneration committee
Committee of independent NEDs determining:
Remuneration policy
Specific remuneration packages
Principles
UK’s Greenbury committee suggests:
Directors’ remuneration set by independent board members
Bonuses related to measurable performance/enhanced shareholder value
Full transparency in annual accounts
Remuneration statement
Consider and disclose:
Remuneration policy
Arrangements for individual directors
Consider allowing members to vote on remuneration statement in accounts.
Elements of remuneration package
Basic salary – in contract of employment
Performance-related bonuses – limited possibly to maximum % of pay, shouldn’t be given for transactions?
Shares – granted on condition can’t be sold
Share options – purchased at specified exercise price, encouragement to improve company’s performance and hence share prices, options (and shares) to be held for certain length of time
Benefits-in-kind – is cost excessive and how comparable are they with what employees are given
Pensions – best practice to make only basic salary pensionable
Need to attract directors
Interests of stakeholders
Weighting and phasing of different parts of package
Director/manager differentials
Impact of director/manager resigning
Performance measures
Factors affecting remuneration levels
Variety of financial/non-financial measures
Focus on current performance
Avoid short-termism
Reward individual effort
Performance measures
Context
The problem of ‘fat cat’ directors awarding themselves excessive pay rises, often while the share
price has been falling, has been seen as the most obvious abuse by directors of their position in the
principal agent problem.
Learning example 3.5
Identify potential dysfunctional consequences of the following elements of remuneration for a
59-year-old Sales Director (treat each separately).
(a) Bonuses are capped at 10% of his salary.
(b) Bonuses are paid for annual increase in sales volume.
(c) Annual pension will be equal to 70% of final year earnings, including bonuses.
(d) Share options at $1.50 are due to crystallise in 1 year’s time. Company’s share price is
presently $0.90.
Solution 3.5
Relationships with stakeholders
OECD stresses role of:
Employees
Creditors
Suppliers
Investors
Government
Position of stakeholders should be:
Protected by law
Enhanced by participation (eg employees share ownership, profit-sharing arrangements, seat on board)
Relationships with shareholders
Directors should be held accountable by requiring them to submit to regular re-election (every three years). Boards should consider relationships with all shareholders, particularly institutional shareholders.
Proxy voting
Myners report addresses problems with administering proxy votes and misuse of proxy votes. Recommends:
Clear agreements between beneficial owners and investment managers
Stock lending shouldn’t happen
Electronic voting
Poll (including proxies) for all general meeting resolutions
General meetings
Notice > 20 days before
Business presentation
Question and answer sessions
Shareholders vote on substantially separate issues
Shareholders vote on report and accounts
Context
The rights of shareholders are mainly exercised at General Meetings where they vote on
resolutions, appoint directors, and question the Board. They can only do this if the GMs are run in a
way that encourages and permits voting and scrutiny. Without these a crucial safeguard for
shareholders is lost.
Board composition, directors, NEDs, evaluation of board performance
Committee reports
Relations with auditors and shareholders
Review of internal controls
Going concern
Sustainability reporting
OFR
Major disclosures
Reporting
London Stock Exchange requires:
Narrative statement of how principles in Combined Code have been applied
Statement of compliance/details of reasons for non-compliance
Voluntary disclosures
Disclosures above statutory/best practice minimum. Disclosures should follow certain principles:
Planned process
Transparency in disclosures made
Consultation with users
All relevant information considered
Disclosures subject to review
Context
The safeguard of ‘transparency’ requires that the Board discloses information on the Board’s
conduct and on the condition of the company to shareholders. Frameworks of corporate
governance, such as financial reporting standards and codes of corporate governance, lay down
provisions for reporting and disclosure.
Learning example 3.6
The following is an extract from the statement of a UK company about its non-compliance with the
2007 Combined Code during part of its financial year.
For a period during the year the Company did not fully comply with the recommendations of the
Combined Code. In the period from 25 August to the date of this report:
(a) The Audit Committee did not have a Chairman and comprised only two Directors, neither of
whom have recent and relevant financial experience. However, Mr XXX acted as Chairman at
meetings and at least one of the Company's other independent Non-Executive Directors who have
recent and relevant financial experience was also in attendance at all meetings of the Committee.
This ensured that at least two independent Non-Executive Directors attended each meeting.
(b) The Remuneration Committee comprised only two Directors. However, at least one of the Company's other independent Non-Executive Directors attended meetings of the Committee
thus ensuring at least three independent Non-Executive Directors attended each meeting.
(c) If the criteria for determining independence suggested by the Combined Code were applied,
less than half of each of the Board and Nomination Committee (in each case excluding the
Chairman) were independent. However, the Board's own view was that at least half of the
Board and Nomination Committee (excluding the Chairman) was independent, because it
regards Mr YYY as independent.
Discuss why each of these disclosures of non-compliance might cause investors concern.
What practical steps could be taken by shareholders or the stock market to force compliance with
the Combined Code?
Solution 3.6
Reinforcement
Using Chapter 3 of your Study Text
Scan and note responsibilities of
– Directors (Sections 1.8 to 1.9.9)
– The Chairman and the CEO (Section 2.2)
– Non-executive directors (Sections 2.5 to 2.8)
Scan and note the elements of remuneration packages and the role of the
Remuneration Committee (Section 3)
Scan and note the issues surrounding proxy votes (Section 4.4)
Scan and note reporting requirements (Section 5.3)
Attempt question ‘Codes and corporate governance’ in Chapter 3
Attempt Quick Quiz
Attempt Q3 ‘Peter Postgate’ from Exam Question Bank at the back of your
Study Text
chapter 4
INTERNAL CONTROL SYSTEMS
In this chapter we look at the key elements of sound control systems. The overall environment and ethos of organisation is as important as the specific procedures. The risks organisations face should have a significant impact upon the control frameworks they adopt.
CONTROL SYSTEMS
NATURE OF RISKS
CONTROL FRAMEWORK
CONTROL LIMITATIONS
ENTERPRISE RISK MANAGEMENT
Elements of control systems
Cybernetic control system
Plan/Target/Objective – what system designed to achieve
Sensor – detects control system behaviour
Inputs/Processes/Outputs – main stages of operations
Comparator – compares actual behaviour with plan
Effector – enacts control action to change system behaviour
Process of control within system.
Identification of system objectives
Setting targets for system objectives
Measuring system achievements/outputs
Comparing achievements with targets
Identifying corrective action
Implementing corrective action
Objectives
Nature/extent of risks
Acceptable risks
Likelihood risks materialise
Ability to reduce risks
Costs/benefits of controls
Changes in risk conditions
Control systems and risks
Ease of target achievement
Qualitative/quantitative measures
Short/long-term measures
Consistency of measures
Management intervention
Automatic control mechanisms
Reliance on social relationships
Characteristics of control systems
Context
'Control' can be understood as ‘mechanisms to help ensure things go according to plan’. This
chapter introduces the main theories of control.
Learning example 4.1
Consider a hospital.
(a) Identify how a cybernetic control system might be used to ensure that patients are given the
right medication.
(b) What control mechanisms exist in a hospital to ensure that patients receive adequate and
appropriate treatment?
Solution 4.1
Risk classification
Risks can be classified in various ways:
Fundamental – affects society in general
Particular – individual in control
Speculative – good or bad consequences
Pure – only outcomes harmful
Risk and uncertainty
Uncertainty means possible outcomes and/or chances of each occurring are unknown.
Risk and corporate governance
Corporate governance reports aim to address shareholder concerns that directors are not achieving adequate returns for risks incurred and provide mechanisms for controlling directors who are taking excessive risks. Directors’ responsibility for monitoring and disclosing risk management is stressed.
Predictability of cash flows
Limitation of effects of bad events
Increased shareholder confidence
Weigh costs
Benefits of risk management
Risk and return
Businesses may tolerate higher risk levels provided they can receive a higher return. Value driver analysis identifies risk-return links.
Context
During the last decade of the 20th Century the subject of risk became important to management
due to the recognition that complex technologies and global operations meant that business was
getting more prone to disasters. However, the belief grew that risk could be managed by
appropriate responses. Pressure grew on Boards to consider risks and to disclose them and the
strategies for dealing with them.
Learning example 4.2
The Board of a listed company is considering investing funds into developing a capacity to offer
holidays on space stations orbiting the Earth.
Evaluate how shareholders might respond to this decision under the following circumstances (treat
each separately):
(a) Management is proposing selling-off most of the firm’s assets in stable industries like food
processing to raise funds to invest in this venture.
(b) Most of the shares are held in investment funds that specialise in investing in high technology
businesses.
(c) The project is a joint venture with over 100 other firms so the amount being invested is small
in comparison to the total assets of the firm and there is good evidence that the project will
yield very good returns.
(d) Most of the firm’s shares are held by pension funds.
Solution 4.2
CONTROL FRAMEWORK
Control procedures
Control environment
Facilitate effective and efficient operation
Appropriate response to risks (safeguarding of assets, liability management)
Ensure quality of reporting (maintenance of records, generation of relevant information)
Ensure compliance with laws and regulations
Embedded in operations
Form part of culture
Capable of quick response
Features of controls
Context
This illustrates the principle that the control environment and procedures should be sufficient to
deal with the issues and risks in the business environment in which they operate.
Learning example 4.3
Suggest control procedures for dealing with each of the following risks in a firm’s business
environment.
Most of the customers pay in cash
There is high staff turnover in the industry
Individual inventory items are of high value
A lot of firms in the industry have been sued by dissatisfied customers
There is a lot of dangerous machinery and chemicals involved in the process
Solution 4.3
Costs > benefits
Human error/Fraud
Employee collusion
Management bypass
Designed for routine transactions
Depend on method of data processing
LIMITATIONS OF CONTROLS
Context
Controls are very often designed to reduce rather than eliminate the chances of risks
materialising. How effective controls are will often depend on the abilities, attitudes and honesty of
those operating controls. These are all factors connected with the internal environment and culture,
which will be covered in Chapter 5.
Learning example 4.4
The board of Arlo has decided to outsource some of its manufacturing operations to a supplier
based on a different continent, in order to save costs. Arlo has always tightly controlled its
manufacturing processes that are located in its own country, with an emphasis on producing what
customers want, rigorous quality control and close monitoring of employees to ensure they produce
what is required.
Why might Arlo have difficulty maintaining the same level of control over the activities of its
overseas supplier?
Solution 4.4
Enterprise risk management (ERM)
ERM is a framework suggested by COSO for dealing with risk. It is a fundamental process, operated at organisation level, that helps staff understand risks, responsibilities and authority levels. ERM should:
Apply in strategy setting
Apply in all areas and over whole organisation
Identify events affecting entity
Manage risk according to risk appetite
Provide reasonable assurance
Support organisational objectives
Align risk appetite and strategy
Link growth, risk and return
Choose best risk response
Minimise surprises and losses
Manage risks over whole organisation
Allows organisation to seize opportunities
ERM benefits
COSO’s Enterprise Risk Management framework
Context
The ERM was developed in the US by the Committee Of Sponsoring Organisations (COSO) – the co-
ordinating body for professional accountants in the US. The model is popular and is being
implemented by businesses throughout the world that wish to attract funds from US investors.
CIMA’s risk management cycle
Context
CIMA is the UK-based Chartered Institute of Management Accountants. The risk management cycle
it has developed is an alternative set of steps from those outlined in COSO’s ERM.
Reinforcement
Using Chapter 4 of your Study Text
Scan and note on control systems (Sections 1 to 4)
Attempt Questions ‘Risks’ and ‘Models’ in Chapter 4
Attempt Quick Quiz
Attempt Question 4 ‘New trainees’ from Exam Question Bank at the back of
your Study Text
chapter 5
INTERNAL ENVIRONMENT AND OBJECTIVE SETTING
This chapter covers the underlying factors that help determine how organisations respond to the risks they take. These factors include attitudes to risk, the environment and culture, and the organisational structure including responsibilities for dealing with risks.
RISK ATTRIBUTES
STAKEHOLDERS AND RISKS
INTERNAL ENVIRONMENT
RISK MANAGEMENT RESPONSIBILITIES
OBJECTIVE SETTING
Emotional satisfaction
Risk/return
Size
Structure
Development
Past experience
Organisational influences
Shareholder requirements
Personal views
Risk attributes
National influences
Government protection
Fatalist (no control)
Hierarchist (formal procedure)
Individualist (wish to control)
Egalitarian (sharing/transfer)
Cultural influences
Context
This diagram seeks to answer the question ‘what influences the amount of risk that management is
willing to take?’. This is quite an academic topic but it is examinable.
Learning example 5.1
AAA Group was a private UK company established 30 years ago by a high-profile and popular
entrepreneur, Mr X. During 30 years of growth AAA developed into a business that included
telephones and home media, airlines, rail transport, and financial services. Most shares were held
by Mr X although some were held by rich personal friends of his. At his retirement Mr X sold the
company to SSS, a US listed corporation, that owns railroads. The management of SSS has been
astonished to find an absence of risk management methods in AAA such as very few formal
budgetary systems, a willingness to invest considerable sums of money in business ideas with only
sparse business plans, and a history of failed business ideas amongst the small number of very
successful ventures.
Identify reasons for the different management attitudes to risk between AAA and SSS.
Solution 5.1
RISK CONCERNS
Dividend impact
Capital gain impact
Dependent on their risk appetite
Threat to repayment
Security imposed
Threat of other debts
Job threats
Health and safety worries
Ability to take action
Losses on sales
Unwilling credit suppliers
Disruption of relationships
Delivery failures
Lack of value
Poor quality
Poor employment policies
Adverse impact on the environment
Debt providers
Wider community
Suppliers
Shareholders
Employees
Customers
Context
Risk appetite was discussed in Chapter 4. Risk concerns of stakeholders is a connected topic.
Internal/control environment
The control environment is the attitude, awareness and actions of management in relation to internal controls, providing the background for the operation of other controls.
Risk management philosophy
Risk appetite
Integrity
Ethics
Organisational environment
Risk environment
Management’s philosophy and operating style
Organisational structure
Methods of imposing control
Integrity, ethical values and competence
Elements of internal environment
Clear risk management strategies
Culture/code of conduct/HRM/reward systems support objectives and risk limitation
Senior management commitment to competence, integrity and trust
Clear authority and responsibility
Communication procedures
Staff have knowledge, skills and tools
Strong internal environment
Context
The diagram makes clear that control environment means two things:
1 It is the overall framework that is a necessary support for the controls designed to counter
risks.
2 It may be the source of some controls, for example a professional culture provides control in
a professional practice such as accounting, law or medicine.
Embedding risk awareness
Risk assessment should evolve into a consistent activity embedded across all processes, focus on:
Threats to shareholders/stakeholders (future growth opportunities/core business)
Consistent action-orientated risk assessment
Internal communications programme
Training
Involvement in risk identification
Incentives
Key personnel persuasion
Infrastructure support
Changing risk culture
Definitions and objectives
Regulatory requirements
Links to strategic decision-making
Key areas
Risk classification
Risk responsibilities
Important controls
Assurance reporting
Training
Risk policy statement
Risk register
Formal collection of risk and response information. Register lists and prioritises risks, and specifies responsible individuals and action taken.
Context
Management cannot afford to hope that ‘risks never come true’. Neither can they hope to know
about every potential risk and ‘deal with it as it arises’. By then it would be too late. Therefore
cultivating risk awareness at all levels throughout the business, and plans and people to deal with
it, is essential. This section explains how to do it.
Learning example 5.2
Suggest ways in which the Risk Committee of a large listed corporation with 100 shops might
embed risk awareness of matters such as customer safety, thefts of inventory, injuries at work and
loss of business due to competitive action.
Note: this question is not asking you for ways to eliminate the risks. It is asking you how
management can ensure these risks are noticed and reported by divisional managers and staff and
guarded against by them in their day-to-day activities.
Solution 5.2
Board – Determines risk management strategy and monitors overall risks, sets and reviews internal control
Senior managers – Build on board’s overall framework, specifying risk management methods and co-ordinate responses
Internal audit – Audit risk management process/key risk area controls
External audit – Audit risk areas that impact materially on financial statements
Line managers – Identify and evaluate risks in their areas, use performance indicators for monitoring, implement responses
Staff – Follow risk management procedures, have good understanding, report dangers
Risk management committee
Specialist committee of directors, separate from audit committee, responsible for monitoring and supervising risk identification and management.
Can be staffed by executive directors
Allows audit committee to concentrate on financial risks
Risk management personnel
Risk specialist – consultant called in to advise on particular aspects of risk management
Risk manager – employee with specific responsibility for dealing appropriately with risks
Risk management function – employees in larger organisations
Determine risk management strategy/policy
Review reports on risk
Monitor overall exposure
Monitor changes in circumstances
Assess effectiveness of RM systems
Review statement on internal control
Role of RM committee
Helping determine risk management strategies
Champions of risk management
Building risk awareness culture
Establishing risk policy and structures
Developing and reviewing risk management processes
Co-ordinating functional responses
Preparing report for board/shareholders
Role of RM function
Context
Risk management needs people to carry it out. This section introduces their roles and the roles of
the Risk Committee which, in some jurisdictions, is required by codes of corporate governance.
Mission
A general objective, visionary, often unwritten and very open-ended, without any time limit for achievement.
Strategic – high level goals, support mission
Operational – effectiveness and efficiency
Reporting – reliability
Compliance – with applicable laws
COSO model
Profitability
Market share
Growth
Cash flow
Customer satisfaction
Quality
Added value
Corporate objectives
Objective setting and risk
Strategic objectives and mission will influence risk management.
However businesses should also determine risk appetite (willingness to take risks) and risk strategy. These in turn should influence business objectives. Businesses should take a portfolio view of risks, looking at relevant risks over the whole organisation.
Context
Objective setting links in with the recommendation of corporate governance about the board
keeping control of the company and making sure that it takes decisions on key matters.
Learning example 5.3
What obstacles might prevent the board of a company from ensuring that there are effective links
between the objectives it sets and the management of its risks?
Solution 5.3
Reinforcement
Using Chapter 5 of your Study Text
Scan and note risk and the organisation (Section 1)
Scan and note attitudes to risk of different stakeholders (Section 2)
Scan and note features of internal environment (Section 3)
Expand notes on embedding risk awareness and assessment (Section 4)
Scan and note risk management responsibilities (Section 5)
Scan and note different kinds of objectives (Section 6)
Attempt Questions ‘Organisational problems’ and ‘Risk culture’ in Chapter 5
Attempt Quick Quiz
Attempt Question 5, ‘Widmerpool’, from Exam Question Bank at the back of
your Study Text
chapter 6
EVENT IDENTIFICATION AND RISK ASSESSMENT
In this chapter we look at the risks that organisations face. We draw various important distinctions between different kinds of risk, and emphasise the link between risk and return. We also look at examples of the key risks that organisations have to counter.
STRATEGIC AND OPERATIONAL RISKS
TYPES OF RISKS
RISK ASSESSMENT
Strategic risks
Fundamental risks to organisation’s profits/existence arising from the sector it’s in and the nature of what it does. Strategic risks arise out of decisions about resources, products, acquisitions and investments.
Operational risks
Risks of loss from failures in internal business and control processes.
Stakeholders
State of economy
Nature of industries/markets
Level of competition
Availability/price of resources
Flexibility of production
Ability to innovate/R&D
Stage of product life cycle
Factors affecting strategic risks
IT failures
Human error
Loss of key staff
Fraud
Business interruptions
Internal audit weaknesses
Examples
Context
Distinguishing a strategic from an operational risk is important for two reasons:
The origins of the risk will be different eg strategic risk usually results from decisions made
by the Board.
The ways to manage the risk will be different eg operational risk can be managed by
workplace procedures and backup systems.
Learning example 6.1
A food and household goods store has been very successful in its home country and is now
considering expanding operations abroad, developing a home delivery service for food and larger
household goods and replacing cashiers with a technology that allows customers to check-out and
pay for their shopping electronically.
Identify additional risks arising from these management decisions and classify them into Strategic
and Operational (some risks may be both).
Solution 6.1
Financial risks
Threats to organisation’s continued existence through lack of available funds.
Inappropriate gearing structure
Lack of long-term capital
Fraud and misuse of funds
Currency, interest and market risk
Credit and liquidity risks
Examples of financial risks
Environmental risks
Risk of loss to business arising out of environmental effects of operations. Organisations could suffer fines, bad publicity, non-co-operation. Risks include pollution and disruption to local community through traffic organisation generates.
Legal and political risks
Legal risks include fines or threats of closedown, or incurring costs to fight legal actions.
Political risk is the risk that political action will affect position and value of organisation. Examples include quotas, tariffs, exchange controls and nationalisation.
Technological risks
Risks of loss to the organisation through the inadequacies of, or disruption to, its IT systems and resources.
Physical damages through fire/flood/adverse weather
Human sabotage
Accidental disruption
Human error
Malfunctioning hardware/software
Dishonest use of systems
Viruses and hacking
Examples of technological risks
Knowledge management risks
Risks of losses due to failure to secure knowledge resources adequately. Risks include abuse of intellectual property, power failures leading to loss of information, loss of key staff.
Health and safety risks
Risks include loss of employees’ time because of injury and having to pay compensation or legal costs due to breaches. Risks arise because of lack of policy, poor culture, lack of emergency procedures, failure to deal with hazards.
Context
The remainder of this chapter introduces several sources of risk. Firms face these in different
combinations according to the business they do. There is no universally accepted categorisation of
risks. Some of the risks overlap the categories stated here.
Learning example 6.2
A commercial bank offers banking services through branches, on-line and via call centres situated in
another country. It invests customers’ funds into investments to gain a return and lends funds to
borrowers at interest. Banks have been criticised for high account charges allegedly maintained by
an illegal cartel arrangement between them. Many customers like to withdraw cash from ‘hole in
the wall’ Automated Teller Machines (ATMs) which must be stocked daily with cash brought to the
branch by armoured security vehicle.
Identify the risks to which the bank is subject and classify them using the headings in the notes.
Solution 6.2
Fraud risks
Risks of loss through fraudulent activities of employees or managers. Fraud risks are often increased by poor corporate governance procedures, allowing senior staff to commit fraud because mechanisms to challenge their behaviour are ineffective.
Signs of fraud risks: Questionable management integrity/competence; Excessive financial reporting pressures; Poorly designed systems; Unusual transactions or trends; Problems in obtaining sufficient appropriate audit evidence; Problems with IT systems

Disruption risks
Risk of disruption to operations caused by IT failures, employee problems, supplier loss, legal action.

Resource wastage risks
Risks include incurring excessive costs (poor procurement) or waste of employees’ time and resources.

Property risks
Risks from damage, destruction or theft of property. Dangers include fire, wind, water leakage and vandalism.

Trading risks
Risks of disruption in the course of trade.
Physical – goods/documentation lost/stolen
Trade – customer refuses goods/cancels order
Liquidity – inability to finance activities

Organisational risks
Risks that members/employees of an organisation will behave in ways detrimental to the organisation, eg failure to adapt to change.

Product risks
Risks of financial loss due to producing a poor quality product.
Need to compensate dissatisfied customers; Possible loss of sales; Need for expenditure on quality control procedures

Reputation risks
Risk of loss of reputation arising from adverse consequences of another risk.
Poor reputation: Crystallisation of risks; Poor customer service; Failure to innovate; Poor ethics
Context
This identifies and explains further types of risk.
Learning example 6.3
The bank described in Learning Example 6.2 above owns and operates branches in main cities and towns. Its staff are members of a single trade union, the Union of Bank Workers. Some staff are trained
to offer financial advice on investments such as pensions and life assurance and the bank is regulated for
the conduct of investment business by the relevant government appointed bodies. Despite offering
incentives for using on-line banking, customers still seem to prefer conducting business (and
conversations) at branches and receiving bank statements through the post each month. Extensive
training has been given to staff under a group-wide ‘Work Smarter’ initiative to encourage them to
handle customers more quickly and to migrate them to paperless banking. The bank has been in the
news recently because it holds a lot of so-called ‘Third World Debt’ and the debtor nations are pressing
to have these debts set aside to enable them to retain capital for development.
Identify the risks to which the bank is subject and classify them using the headings in the notes.
Solution 6.3
Risk identification
Need to know whether likely perils are present and be aware of possibility of unlikely risks.
Risk condition identification: Physical inspection; Enquiries; Brainstorming; Checklists; Benchmarking
Event identification: External events of economic conditions; Internal events eg human errors; Conditions resulting in risks; Trends and root causes; Event interdependencies

Risk analysis
Difficult to forecast financial effects of disaster, particularly to include all likely costs arising.

Risk profiling
Use likelihood/consequences matrix as basis for setting priorities for risk management.

Risk quantification
Need an idea of possible results or losses, together with distributions and confidence limits.
Key calculations: Average or expected result or loss; Frequency of losses; Chances of losses; Largest predictable loss

Risk consolidation
Need to aggregate at organisation level risks identified and quantified at corporate level.
This page includes the five steps of risk analysis. Codes of corporate governance now specify that
Boards must have a risk management process in place. This will be the subject of Chapter 7. But
the process draws on the risk analysis process here as one of its main steps.
Learning example 6.4
You will need to use your own paper for this Learning example.
Consider the place that you are studying in and its risks.
(a) Identify at least 8 risks
(b) Assess the potential impacts of those risks if they were to crystallise and assign each one a
value between 0 and 10 with 10 reflecting a catastrophic impact
(c) Assess the likelihood of each risk and assign it a number between 0 and 10 with 10 meaning
‘it’s bound to happen one day’
(d) Map the risks on a likelihood/consequences matrix
Now compare your matrix with other students'.
Solution 6.4
Reinforcement
Using Chapter 6 of your Study Text
Scan and note Sections 1 to 3
Attempt Questions ‘Health and safety’, ‘Procurement fraud’, ‘Managing risk’,
‘Significant risks’ and ‘Risk management techniques’ in Chapter 6.
Attempt Quick Quiz
Attempt Question 6 ‘Pacific Group’ from Exam Question Bank at the back of
your Study Text
chapter 7
RISK RESPONSE
AND CONTROL
ACTIVITIES
In this very important chapter, we deal with how risks
are managed, in particular how risks are reduced by control activities.
RISK RESPONSES
CONTROL ACTIVITIES
Likelihood/Consequences matrix
Low likelihood, low consequences: Accept (Cost of action/benefits)
Low likelihood, high consequences: Transfer/Share (Insurance/contingency planning)
High likelihood, low consequences: Reduce (Controls to limit risk occurrence/impact)
High likelihood, high consequences: Avoid (Immediate action required, possible abandonment of activities)
Context
The likelihood/consequences matrix was introduced in Chapter 6 as a risk profiling device. Here it
identifies appropriate risk management responses to treat each level of risk.
The four risk management strategies are extremely important.
Learning example 7.1
ZAB is a listed company that sells cheap fashionable clothing to households in western Europe
through large stores in the main towns and cities.
Classify each of the following decisions into one of the four risk management strategies.
(a) Decision to rely on foreign manufacturers rather than make the clothes themselves in case of
bad sales in particular years.
(b) Signing up to the ethical trade initiative to avoid media criticism for selling the products of
exploited labour.
(c) Employment of security guards in stores to watch for customers stealing items.
(d) Decision to stock a wide range of designs but in small quantities if the firm’s buying team
decide to stock product lines that are not popular with customers.
(e) Decision not to charge customers for plastic carrier bags despite these costing ZAB money to
buy and possibly incurring additional costs for recycling.
(f) Decision to take out short leases on shops when they first open in case they are not
successful.
(g) Offering staff contracts for only a minimum number of hours each week and supplementing
this with additional overtime hours in the busy seasons.
Solution 7.1
Classification