Given the spectacularly high profile failures of Corporate Governance in financial institutions in recent years in both the UK and US where does the eager Compliance Officer look today to find best practice?
Traditionally the UK would point to the Corporate Governance Code as the standard bearer, developed back in the early nineties and reviewed and updated every four or five years or so in light of intervening events. Many countries have based their own Corporate Governance on the UK Code and indeed, on paper, its requirements seem suitably appropriate. The problem of course is that ‘on paper’ counts for nothing; it’s in practice that counts. The Walker Review of 2009 demonstrated that there was nothing fundamentally wrong with the Code; it was its application that was lacking and significantly contributed to the impact of the credit crisis. Any ICT student will know that without effective supervision and enforcement regulation is not worth the paper (or today should that be the megabytes?) that it is written on.
The US of course is almost unique in putting their Corporate Governance requirements in law. Sarbanes Oxley was written to prevent a repeat of the Enron scandal, as well of as creating a new and lucrative sector for corporate lawyers. SOX is not a user friendly piece of legislation and again did not prevent significant Corporate Governance failings in US banks.
So if the UK and US cannot provide the answer where else should we look? The OECD and Basel Committee have produced their own Corporate Governance Principles and these have the advantage of not having to be written as regulation. They are ‘best practice’ guidelines, and it is up to individual jurisdictions to apply them as they see fit. Romania has recently implemented a very broad reaching regulation (National Bank of Romania Regulation 18, 2010) that incorporates the majority of the OECD and Basel requirements. This covers Corporate Governance Authorisation and Standard Setting regulatory requirements very well, but only time will tell if the Supervision and Enforcement, that is vital for long term success, is also carried out effectively.
In the Middle East Hawkamah exists as an advisory body focusing solely upon Corporate Governance best practice. As they are not a regulator they have little power, but they are building considerable influence in the region. Could this advisory, rather than regulatory, approach be the way forward? It certainly has some distinct advantages over a regulatory approach. As there are no requirements to follow Hawkamah guidance they have to demonstrate the benefits of doing so to members and potential members if they are to have any success. The guidance that they publish, and the conferences that they host, are based upon this ‘benefits’ approach. If a firm is carrying out an activity because it believes it to be in its best interest to do so there will be a far greater emphasis from senior management the successful implementation and effective application of that activity.
In reality Corporate Governance requirements are both regulatory and in the best interests of the firm. I will save the benefits of good Corporate Governance for a future blog, but fundamentally good Corporate Governance equals good business practice. Therefore there is an opportunity here that should not be passed up for the Compliance Function to use a regulatory requirement to help demonstrate how they can contribute to the overall success of the firm.