Whatever the causes and their relative contributions to the near collapse of the banking system towards the end of 2008, one thing is clear: it all adds up to companies' catastrophic failure to apply sound principles of corporate governance, raising serious questions about the effectiveness of boards of directors, shareholders and regulators.

At the Institute of Chartered Secretaries and Administrators (ICSA) we continue to unequivocally support fully the principles based "comply or explain" model of corporate governance over rules-based regulation. The more flexible approach created by this system, when it is properly implemented, allows companies to tailor governance to their specific and changing needs and permits a greater speed of response to developing circumstances.

A rigid rules-based system would force companies into a "one size fits all" framework of governance, unlikely to achieve appropriate outcomes for all companies, but resulting in increased costs of compliance and of addressing unintended consequences.

From this starting point, ICSA has identified three key areas, which are or can be governed by governance codes, the enhancement and amendment of which will improve their effectiveness as a tool for best practice governance and help to avoid a recurrence of those failures (or failures in other sectors).

These are the provision of guidance to directors on appropriate boardroom behaviours; ensuring that the board is properly supported in its delivery of good decision making by formalising the role of the secretariat as a board support function; and ensuring risk is appropriately dealt with at board level.

Boardroom behaviours

Despite the importance of several considerations like independent thinking, rigorous debate, and a common vision, it is remarkable that there is practically no guidance in the code on the main drivers of, and factors affecting, boardroom behaviours.

While ICSA considers it may be undesirable, even unhelpful, to prescribe appropriate behaviours by legislative provision, supported by penal or regulatory sanctions, it is possible to formulate guidelines on the behaviours to be expected of directors when discharging their duties to the company. "Getting the best out of the board", and encouraging best practice boardroom behaviours, are critical aspects of corporate governance, but seem currently to be a neglected area.

The absence of guidance on appropriate boardroom behaviours represents a structural weakness in the current system. Further improvements in boardroom behaviours are necessary.

It is possible that, had some guidance already been in place and conscientiously observed, some of the subsequent failures in corporate governance would have been less pronounced, and their consequences less severe.

Board support

Sight has been lost of the key responsibility of the board, which is to look after the interests of the investors in the company. Legally, a director must exercise independent judgment, and reasonable care, skill and diligence in the performance of his or her duties, and must act to promote the success of the company for the benefit of its shareholders. As one commentator has it, the board is not "one step up from management"; rather it is one step down from the shareholders. The board's role is to appoint the chief executive; critically appraise the company's business plan and the strategy for its execution proposed by the chief executive and his or her colleagues; and monitor performance against the plan and objectives.

The UK model of governance relies heavily on the role played by non-executive directors. Directors, especially non-executive directors, must have the courage to ask questions in the boardroom about the fundamental safety and reliability of the company's business model. That cannot completely guard against failure, but a director who is too timid to ask a question to which he might be assumed by his fellow directors to know the answer is simply not discharging his duty. Many directors have not been asking the right questions, or, indeed, any questions, as the recent failure of some banks demonstrates.

So, how can non-executive directors be better equipped to discharge their roles in companies? Compulsory training is one suggestion. But should we now also recognise that, compared to the executive directors who possess all the information and are supported by the company's infrastructure, the non-executives are significantly under-resourced?

Malta has some advantage over the UK with the requirement in the Companies Act 1995 for all companies to have a company secretary (in the UK it is optional for private companies) and for the directors to be clear that it appears to them that the individual in question has the requisite knowledge and experience to discharge the function of company secretary (in the UK, although the role is increasingly carried out by chartered secretaries, a PLC company secretary could legally be someone from another profession with no background in governance.) To tackle this, ICSA has suggested that the board should, as part of its formal board evaluation process, also evaluate the secretariat for effectiveness and adequacy of the resource. This would provide a formal and regular opportunity for the non-executive directors to clearly state their resource needs.

The company secretary's role, apart from managing regulatory compliance, would be to procure, and advise on, all the information necessary for the chairman and non-executive directors (as well as the executives) to discharge their obligations, as well as advising the whole board on the plethora of subjects that fall into the arena of corporate governance - all this as a prelude to appropriate disclosure to shareholders.

Tackling risk at board level

The board appoints the chief executive and should critically appraise his or her business plan and the strategy for its execution.

The board, acting collectively, must monitor the company's performance against that plan and its objectives.

To do that effectively, the board should - as stated by the UK's Turnbull Committee in 1999 - determine the nature and extent of the risks facing the company, and the extent and categories of risk which it regards as acceptable for the company to bear. The risks to be considered include financial, operational, macro-economic, environmental, legal, regulatory, reputational and product-obsolescence risks, among others.

This process is necessary for protecting the company's assets and the shareholders' investment, without which it is difficult for directors to discharge their legal duty to act in a way that they honestly believe will promote the company's success. In the run-up to the recent crisis, the boards of banks and other mortgage lenders failed to enquire about a number of the risks their organisations were assuming.

Corporate governance codes should encourage the embedding of risk analysis within business objectives and strategy. On the basis of appropriate advice from the company's duly qualified or experienced risk manager and, where necessary, external professional assistance, the board should be responsible for agreeing the risk parameters within which the company should operate.

This does not mean that governance codes should in any way discourage risk taking per se; rather that the extent of the risks taken should be agreed by the board, as stewards of the owners' assets. The board should not only review the matter of risk regularly, perhaps at least quarterly, possibly at every board meeting, but should also set out its policy clearly so that this can be implemented by management on a day-to-day basis, possibly subject to continuing oversight by the risk manager.

The Malta Institute of Management is holding a seminar on Corporate Governance on October 2. For more information one may visit www.maltamangement.com.

David Wilson is chief executive of the Institute of Chartered Secretaries and Administrators.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.