By Dr Kellen Kiambati
Corporate governance is of utmost importance in the supervision and regulation of institutions. It involves a set of relationships between a company’s management, its board, shareholders and other stakeholders. It provides the structure through which the objectives of the company are set and the means of attaining them and monitoring performance are determined. More specifically, it requires balancing the needs of policyholders, employees and other business partners. Recently we have all read about the spectacular failures of corporate governance. New rules and regulations are being introduced that are intended to rebuild public trust, yet a question remains as to whether all this activity will result in boards that are more effective in delivering results.
A well-designed, integrated governance framework does not replace the need for robust enterprise risk management. Viewing governance practices holistically can help streamline your compliance and risk management processes. Done right, an integrated GRC program incorporates a technology infrastructure, which also focuses attention on governance issues such as improved transparency and accountability.
An effective Enterprise Risk Management (ERM) program, on the other hand, identifies and quantifies all risks not just compliance-related risks and establishes formal, end-to-end risk management processes. Because ERM covers a wider spectrum of risk, a robust ERM program allows you not only to mitigate or avoid losses but also to facilitate critical decision-making by evaluating uncertain events that could positively affect your business. ERM will also help you identify emerging risks more quickly and improve the capabilities of the risk management system to handle them.
A risk is an inescapable element of competing in a market economy. Organizations must be able to evaluate many types of risks: political, social, environmental, technological, economic, competitive and financial and incorporate the results into decisions regarding investments and operations, as well as into the systems used to monitor and evaluate the effectiveness of the actions taken.Corporate culture can be difficult to define, but it can frequently differentiate successful companies from ones that struggle with morale, efficiency and other business challenges. Organizational behavior and employee activities are critical factors in maintaining an effective governance environment and subsequently achieving success.
Businesses that have a sound corporate culture often exhibit similar characteristics, such as strong leadership, complete participation, accountability and investment in the company vision. Despite its importance, corporate culture can often be overlooked when companies invest in ERM and related governance initiatives. Controls that have been implemented can be overridden or ignored, but a strong culture creates a blueprint for acceptable conduct within an organization.
An effective risk management framework is critical to the sustainability of all companies, as taking on some level of risk is imperative for continued success. Recent events, especially in the banking sector, have confirmed the importance of an adequate risk management program, and scrutiny has increased significantly from regulatory and governmental bodies in the midst of the financial crisis. ERM is no longer an option but a necessity for developing an effective business plan. ERM allows companies to design and construct a best-in-class corporate governance program that drives risk awareness throughout the organization.
Corporate governance was more straightforward when roles were defined simply as management acts. But today, that approach may not hold up, not when boards are scrutinized from all sides by regulators, shareholders, the media and analysts, to name a few. So what’s the primary role of the board of directors today? Is it to simply oversee executive management’s activities? Or should the board take an active role as a strategic partner, working alongside management to deal with the enterprise’s toughest problems? And what’s the board’s role as it relates to risk and culture? There are no ‘one size fits all’ answers, but it’s important that the board and executive management agree on how they will work together to build a so-called risk intelligent organization.
In most circumstances, the board plays an oversight role. However, depending on the issue or the company’s situation, the role of the board can swing from overseer to active participant. Typically, we see boards more actively involved in strategy and CEO succession than, say, operations and planning. Still, finding the right balance can be difficult. While there’s no right answer, it’s important that board members and executive management agree on how involved the board will be in key areas. Board members can begin by asking themselves: “how do we execute our fiduciary responsibilities while continuing to support management’s strategies to move the organization forward.
In times of crisis or market fluctuation, the board may need to be more engaged in helping management create solutions. Executive teams who are working to execute strategies, especially in challenging economic times, need their board to be aligned behind a flexible model that is able to shift based on business needs. A board that’s not aligned can cause the company to become ‘stuck’—unable to be agile when it needs it most. Risk oversight should not be viewed as a process unto itself. Rather, it is the foundation for everything the board and management do to properly govern the organization and make sound decisions.
The writer is a member of Institute of Human Resource Management of Kenya and author of Business Research Methods
