Review corporate governance requirements

Submitted by coleen.yan@edd… on Wed, 07/27/2022 - 15:34

An organization's internal control framework is a holistic set of processes and procedures that work together to protect the organization against unauthorized access, use, or alteration of its assets. Organizations use the internal control framework to protect their assets and ensure compliance with relevant laws and regulations. The framework is designed to promote good corporate governance,

The five interconnected parts of an internal control framework are control environment, risk assessment, control activities, information and communication, and monitoring.

The control environment is the foundation of an effective internal control framework. It includes the organizational culture, management philosophy, and tone from management. The control environment helps create a culture of compliance, where employees are aware of their responsibilities and are held accountable for their actions.

The risk assessment process helps identify which areas of the organization are most at risk and need more attention.

Control activities are the specific actions taken to mitigate risks and help ensure that processes are in place to protect the organization's assets.

Information and communication help ensure that everyone in the organization has accurate and timely information about the company's operations.

Monitoring helps ensure that the internal control framework functions effectively and that necessary adjustments are made promptly.

What is Corporate Governance?

There are several definitions for the term “corporate governance”. However, the term “corporate governance” can be described as how corporate bodies are held accountable to all their stakeholders and are concerned with exercising power in corporate entities. The Organisation for Economic Co-operation and Development (OECD) defines corporate governance as:

A set of relationships between a company’s management, its board, its shareholders and other stakeholders. Corporate governance also provides the structure through which the objectives of the company are set, and the means of attaining those objectives and monitoring performance are determined.1

Corporate governance may be summarised as principles to ensure corporate direction, responsibility and accountability. The common feature of most definitions of corporate governance is the role and function of the board of directors as the body responsible for ensuring the company is accountable for its decisions and performance. For a corporate governance structure to be effective, it should be reviewed regularly to incorporate changes in circumstances both locally and internationally. Federal and State Governments play an important role in regulating companies and ensuring good corporate governance.

The Need for Good Corporate Governance

The global financial crisis of 2008 highlighted the need for improved corporate governance practices. A lack of proper governance and internal control and unacceptably high risk-taking on the part of financial institutions in the United States led to the financial crisis that affected the world. In Australia, corporate governance reform has occurred largely due to the collapse of companies such as HIH Insurance, Ansett and OneTel. A common theme of these companies' collapse was an inadequate corporate governance system and disregard by the directors and auditors of legislation and regulations.2

A good corporate governance structure ensures that:

  • The company has an adequate system of internal control.
  • There is an equitable treatment for all stakeholders.
  • Accountability resides with managers and controllers of the company.
  • Investors can make informed decisions.1

Organisations Involved in Corporate Governance

In Australia, several legislative and non-legislative reforms have led to significant amendments to the Corporations Act concerning remuneration for directors, financial reporting, shareholder participation, audit reform, continuous disclosure and the establishment of the ASX Corporate Governance Council. In addition, the following bodies and committees have been responsible for setting up corporate governance standards and best practice methods:

The Bosch Committee – A working group chaired by Mr Henry Bosch (the Bosch Committee) established a guide titled “Corporate Practices and Conduct” in 1991, which recommended that non-executive directors should be included on the board of directors. Each board should appoint an audit committee consisting of a majority of non-executive members, and each public company should develop and enforce a code of ethics.

Corporate Law Economic Reform Program - CLERP’s principles are based on market freedom, investor protection and quality disclosure of relevant information. The Corporate Law Economic Reform Program (Audit Reform and Corporate Disclosure) Act 2004 (Cth) (CLERP 9) came into effect on 30 June 2004, and the Corporations Act was amended to give effect to policy reforms aimed at regaining investor confidence in corporate Australia. The changes to the Corporations Act involved shareholder participation, financial reporting, remuneration of directors, continuous disclosure and independence of company auditors.1

The ASX Corporate Governance Council defines corporate governance as “the framework of rules, relationships, systems and processes within which and by which authority is exercised and controlled in corporations”.

The ASX has a leadership role in enhancing Australian corporate governance practices and was responsible for convening the ASX Corporate Governance Council in August 2002. The Council incorporates the views of various business, shareholder and industry groups that offer valuable insights and expertise on governance issues from the perspective of particular stakeholders. The primary work of the ASX Corporate Governance Council has been the development of the Corporate Governance Principles and Recommendations. The ASX Corporate Governance Council has developed a principle-based framework for corporate governance that can be used as a practical guide by listed companies, investors, the wider market and the community.

The ASX is the convenor and a member of the Council and provides executive and financial support for its operation.1

The Australian Shareholders’ Association (ASA) is a not-for-profit organisation that protects and advances the interests of shareholders and represents its members’ views on a number of accounting and financial industry boards.

ASIC has the regulatory power to administer the Corporations Act.

The OECD developed a set of international corporate governance standards and guidelines in 1998. These principles aim to assist governments in evaluating and improving the legal, institutional and regulatory framework for corporate governance in individual countries.

A symposium was held in Australia in 1998 to improve corporate governance in the region and assist in restoring financial stability and growth. As a result, four (4) basic principles of corporate governance were established:

  • The need for timely and accurate disclosure of financial information.
  • Equitable treatment for all shareholders.
  • Establishment of rights and responsibilities of directors, managers and shareholders.
  • Establishment of accountability standards to reflect sound management and decision-making processes.1

ASX Corporate Governance Council recommendations and principles

The main focus for most definitions of corporate governance is on the role and function of the ASX Corporate Governance Council. The ASX Corporate Governance Council has developed a framework of principles and recommendations as a practical guide for corporate governance procedures.

The current recommendations and principles came into effect on 1 January 2011 and included:

Lay solid foundations for management and oversight – companies should establish and disclose the respective roles and responsibilities of the board and management.

For principle 1, it is recommended that the board adopt a formal statement of matters that details the functions and responsibilities of areas of authority delegated to senior executives. The nature of the matters reserved to the board and delegated to senior executives will depend on the company's size, complexity and ownership structure. It will be influenced by the corporate structure and the skills of directors and senior executives. Formal letters of appointment setting out the key terms and conditions relative to the appointment are recommended for all board members.

It is also recommended that companies disclose a process for evaluating the performance of senior executives. The performance of senior executives should be reviewed regularly, and to be effective senior executives must know the company and the industry. Induction training and continuing education arrangements should allow executives to gain an understanding of:

  • The company’s financial position, strategies, operations and risk management policies.
  • The respective rights, duties, responsibilities and roles of the board and senior executives.

Structure the board to add value – companies should have a board of an effective composition, size and commitment to discharge its responsibilities and duties adequately.

It is recommended that the majority of the board should be independent directors. An independent director is a non-executive director who is not a member of management and who is not connected with any other business or other relationship that could materially interfere with the independent exercise of their judgment.

When determining the independent status of a director, the board should consider whether the director:

  • Is a substantial holder of the company or associated with a major shareholder of the company.
  • Is employed or previously employed in an executive capacity by the company, and there has not been a period of at least three (3) years between ceasing such employment and serving on the board.
  • Has within the last three (3) years been a principal or a material professional adviser or consultant to the company.
  • Is a material supplier or customer of the company or materially associated with the service provided.
  • Has a material contractual relationship with the company or another group member other than as a director.

Family relationships may be relevant in considering the interests which may affect independence and should be disclosed to the board. If a director’s independence changes, the board should provide this information.

  • The chairperson should be an independent director. The chairperson is responsible for the board's leadership, and where the chairperson is not an independent director, the efficient organisation and conduct of the board may be compromised.
  • The same person should not hold the chair and chief executive officer roles.
  • The board should have a nomination committee. The nomination committee’s role is to examine the selection and appointment practices in the company. The nomination committee should be structured to consist of at least three (3) members: a majority of independent directors and an independent chairperson.
  • Important issues to be considered by a nomination committee include:
    • Disclosure of board selection processes. Companies must provide greater transparency of information and processes when reporting to shareholders.
    • Director competencies – directors should have the appropriate skills and expertise.
    • Board renewal – directors should be aware of the duration of each director’s tenure in succession planning.
    • Composition and commitment of the board – the board should be large enough to incorporate a variety of perspectives and skills and represent the company's best interests as a whole.
    • Election of directors – the names of candidates submitted for election as directors should be accompanied by sufficient information to enable shareholders to make informed decisions.
  • The performance of the board should be reviewed regularly.
  • The board should be provided with the information it needs to discharge its responsibilities effectively.
  • The company secretary should evaluate the board's effectiveness by monitoring board policies and procedures.

Promote ethical and responsible decision-making – companies should actively promote ethical and responsible decision-making.

Companies should establish a code of conduct and disclose the practices necessary to maintain confidence in the integrity of the company, the legal obligations of the company and the responsibility and accountability of individuals for reporting and investigating practices of unethical conduct.

Companies should also disclose a policy of diversity and the policy regarding requirements for the board to establish measurable objectives for achieving diversity. Diversity includes gender, age, ethnicity, and cultural background.

Safeguard integrity in financial reporting – companies should have a structure to independently verify and safeguard the integrity of their financial reporting.

The board should establish an audit committee. The final responsibility for the integrity of the company’s financial reporting rests with the board of directors whether or not an audit committee is established. Companies without an audit committee (smaller companies) should have board processes to raise the issues that the audit committee would otherwise consider. ASX Listing Rule 12.7 requires that an entity in the S&P All Ordinaries Index at the beginning of the financial year must have an audit committee during that year. The audit committee should consist of non-executive directors, a majority of independent directors, an independent chairperson and at least three (3) members. At least one audit committee member should have relevant qualifications and experience, e.g. a qualified accountant or finance professional. The audit committee should have a charter that sets out the audit committee’s role and responsibilities. The audit committee should review the integrity of the company’s financial reports and oversee the external reporting requirements.

Make timely and balanced disclosure – companies should promote timely and balanced disclosure of all material matters concerning the company.

Companies should establish written policies to ensure compliance with ASX Listing Rules and continuous disclosure requirements and accountability at the senior executive level. Companies should include comments with their financial results to enhance clarity. The commentary should include information to enable the investor to make an informed assessment of the company’s activities and financial performance. ASX Listing Rule 4.10.17 requires a company’s annual report to include a review of operations and activities. Information regarding the entitlements to executives should be disclosed.

Respect the rights of shareholders – companies should respect the rights of shareholders and facilitate the effective exercise of those rights.

Companies should design a communications policy to promote effective communication with shareholders and encourage participation at general meetings. Companies should be encouraged to communicate effectively with shareholders, e.g. via website, email, facsimile or post. Advance notification should be given for group briefings or announcements, and results should be published and accessible.

Recognise and manage risk – companies should establish a sound system of risk oversight and management with internal control.

Companies should establish policies to oversee and manage material business risks and disclose a summary of those policies. The risks may include:

  • Operational
  • Environmental
  • Sustainability
  • Compliance
  • Strategic
  • Ethical conduct
  • Reputation or brand
  • Technological
  • Product or service quality
  • Human capital
  • Financial reporting
  • Market-related risks

Risk management policies should reflect the company’s risk profile and should clearly describe all elements of the risk management and internal control process. The company should also consider its legal obligations when developing risk management policies.

The board should also require management to design and implement the risk management and internal control system to manage the company’s material business risks and report whether the risks are being managed effectively. The results should be disclosed. Internal controls are an important element of risk management and should be designed and implemented in the internal control structure. The effectiveness of the internal controls structure should be reviewed annually. This review may be performed through an internal audit function and should be conducted independently of the external auditor. A risk management committee can be formed in larger entities to oversee the risk management and internal control process. The board should disclose whether it has received assurance from the Chief Executive Officer (CEO) or Chief Financial Officer (CFO) that the declaration provided following s295A of the Corporations Act is founded on a sound system of risk management and internal control.

Remunerate fairly and responsibly – companies should ensure that the level and composition of remuneration are sufficient and reasonable and that its relationship to performance is clear. 

The board should establish a remuneration committee. For smaller companies, board processes should be put in place to raise the issues considered by the remuneration committee. The remuneration committee should have a charter that sets out the roles and responsibilities, composition, structure, membership requirements and procedures for inviting non-committee members to attend meetings. The remuneration committee should consist of a majority of independent directors, an independent chairperson and at least three (3) members. The remuneration committee should review:

  • The company’s remuneration, recruitment, retention and termination policies and procedures for senior executives.
  • Incentives for senior executives.
  • Superannuation arrangements.
  • Remuneration framework for directors.
  • Remuneration by gender.

Companies should clearly distinguish the structure of non-executive directors’ remuneration from that of executive directors.

Accounting Standards

AASB101 sets out the requirements for the presentation of financial reports. Accounting standards set out the recognition, measurement and disclosure requirements for specific transactions. The Australian Accounting Standards are legally binding under the Corporations Act and are now equivalent to the International Financial Reporting Standards (IFRS). All companies that are required to report under the Corporations Act must prepare financial reports per AASB and IASB standards from 1 January 2005.

The following standards set out the disclosure requirements for financial reporting:

  • AASB101 – Presentation of financial reports
  • AASB102 – Disclosure of inventory
  • AASB107 – Statement of cash flows
  • AASB108 – Policy changes in accounting
  • AASB116 – Disclosure of property plant and equipment
  • AASB1031 – Materiality
  • AASB1048 – Interpretation of standards

Per the by-laws of the ICAA and CPA Australia, compliance with the Code of Ethical Conduct is mandatory for all members unless stated to the contrary. Non-compliance can lead to disciplinary proceedings.

The Accounting Professional and Ethical Standards Board (“APESB”) has developed a code of ethics for professional accountants, which is set out in APES 110, the primary principle being to act for the “collective wellbeing of the community of people and institutions that the members serve”.5

Auditing Standards

The auditor who audits the financial report for a financial year must provide an audit report to members. The report must state whether, in the auditor’s opinion, the financial report is a true and fair representation and is prepared following accounting standards.

An audit must be conducted following the Australian Auditing Standards developed by the AUASB. Auditing standards ensure that auditors comply with certain ethical and legal requirements throughout the audit. International standard ASA 200 sets out the objectives and general principles governing an audit of a financial report. The auditors’ report must describe any irregularities in the financial report and failure to comply with the Corporations Act.

Listed public companies must also include information that members of the company would reasonably require to make an informed assessment of the company’s operations, financial position, and business strategies and prospects for future years (s299A Corporations Act).

Auditing standards prescribe the basic principles of audit conduct and performance that govern the responsibilities of external auditors. Some of the main standards are set out below:

  • ASA 230 – Audit documentation
  • ASA 240 – The auditor’s responsibility relating to fraud in an audit of a financial report
  • ASA 300 – Planning an audit of a financial report
  • ASA 315 – Understanding the entity and its environment and assessing the risks of material misstatement
  • ASA 330 – The auditor provides responses to assessed risks
  • ASA 540 – Auditing accounting estimates, including fair value accounting estimates and related disclosures
  • ASA 560 – Subsequent events
  • ASA 600 – Special considerations – audits of a group financial report (including the work of component auditors).1

Australian Taxation Office (ATO)

The Australian Taxation Office is the Government’s principal revenue collection agency, and its role is to manage taxation, excise and superannuation systems that fund services for Australians. The ASIC and the Tax Commissioner have signed a memorandum of understanding (MOU) to consolidate and strengthen the working relationship between the two agencies.

For taxation purposes, the accounting year in Australia and the reporting period is a twelve-month (12) period from 1 July to 30 June. The balance date in this instance is 30 June. Businesses divide their accounting year into twelve (12) monthly periods or thirteen (13) four-week (4) periods so that items like cash flows, profits and losses can be ascertained and reviewed regularly.

All businesses except partnerships must file an annual income tax return. Businesses must also report the Goods and Services Tax (GST) to the ATO. Most businesses are required to do this quarterly on Business Activity Statements (BAS). The due dates for reporting are 28 October, 28 February, 28 April and 28 July. The legislation that governs the payment of income tax is the Income Tax Assessment Act 1936 (Cth) and the Income Tax Assessment Act 1997 (Cth). The legislation stipulates that all income derived by an Australian resident and a non-resident in Australia or any capital gain by a resident or non-resident must be included and be disclosed as assessable income. Employers are responsible for providing employees with payment summaries at the end of each financial year.

Internal Controls and Accounting Systems

In a small entity, the owner may be responsible for controlling the business's trading and accounting activities. In contrast, the owners are forced to delegate responsibilities to other employees in larger entities. The procedure adopted by an entity to control its trading and accounting operations is referred to as the “internal control structure”. The individual components of the internal control structure are referred to as “internal controls”. Internal control is defined as the management’s philosophy and operating style. 

An effective internal control structure will assist management in ensuring:

  • The business is conducted in an orderly and efficient manner to prevent the inefficient use of resources and unnecessary duplication of work procedures.
  • Compliance with all financial and operational requirements.
  • The identification, detection and prevention of irregularities.
  • Current and non-current assets are kept safe from unauthorised use.
  • Operational activities are accurately and completely recorded to allow for the timely preparation of financial information upon which business decisions can be made.1

Effective internal controls are designed according to the following key principles:

Organisations must employ security measures to protect their physical and non-physical assets.

These include internal controls such as segregating duties or assigning specific people to accounting responsibilities. This will help prevent having issues in the future, such as fraudulent acts.

Detective controls identify inconsistencies, inaccuracies or suspicious transactions in the accounting system. These can include unannounced inspections of financial records, checking of physical inventory, and review of computer logs.

Organisations must ensure that their internal controls are regularly reviewed; this can be done by employees who did not conduct any task relevant to the business activity or transaction to ensure the reliability and accuracy of the procedures implemented.

The Pros and Cons of Internal Controls

Possible pros:

  • Prevents fraud: Proper implementation of internal control procedures will assist in detecting possible acts of fraud that can affect the business.
  • Prevents errors: Internal controls could help ensure that financial data and reports are accurate and reliable.
  • Maintains compliance with governmental regulations: Internal controls help ensure that the organisation complies with financial reporting obligations set by the government.
  • Minimises the risk of misuse: Having a smaller group of invested stakeholders lowers the risk of misconduct and misuse of resources.

Possible cons:

  • Collusion: Two or more people intended by a control system to keep watch over each other could instead conspire to circumvent the system.
  • Human error: A person involved in a control system could make a mistake, perhaps forgetting to use a control step. Or, the person does not understand how a computer system is to be used or does not understand the instructions associated with the system.
  • Management override: Someone on the management team who has the authority to do so could override any aspect of a control system for his personal advantage.
  • Missing segregations of duties: A control system might have been designed with insufficient segregation of duties so that one person can interfere with its proper operation.

Potential Consequences of Having Poor Internal Controls

  • Poorly planned or executed internal controls can lead to employee frustration or apathy as there is no segregation of duties. On the other hand, it may be difficult to sustain an organisation that cannot adapt to a well-designed and administered internal control system.
  • It may also cause the company’s auditors to become over-dependent on the internal control system, leading to the organisation’s susceptibility to fraud and errors.

Legal Obligations to Implement a Sound Internal Control Structure

Section 286(1) of the Corporations Act requires that a company keep written financial records that correctly record and explain its transactions, financial position and performance and enable true and fair financial statements to be prepared and audited.

The external auditor is responsible for ensuring the organisation has a sound system of internal controls in place. The responsibilities of an external auditor are set out in ASA 315 – Ethical requirements and understanding the entity and its environment and assessment of the risks of material misstatement.

The internal control system's design, implementation and maintenance are the responsibility of the organisation’s directors and management committee. Sound internal controls enable directors and management to monitor the organisation’s day-to-day operating activities due to the need to delegate responsibilities.

Developing and maintaining an adequate internal control system is often based on cost versus benefit considerations. The design and implementation of an internal control structure can be assessed in terms of the law of diminishing returns, e.g. the initial cost of designing and implementing an effective internal control system compared to the associated benefits derived once the system becomes fully operational.

Internal Control Objectives and Components

The main objectives of a system of internal controls are maintaining accuracy, completeness and identifying irregularities in accounting records. In addition, the following objectives must be complied with to produce timely information and to prevent errors and fraud:

  • Completeness – all transactions must be recorded and controls implemented to avoid omissions.
  • Validity – transactions must be verified and properly authorised.
  • Accuracy – transactions must be properly valued, classified, recorded and produced on a timely basis.

The internal control structure comprises financial and administrative controls. Financial controls are implemented to produce accurate financial records, safeguard assets and ensure individual employees are held accountable for their services. Accountability is an important concept where ownership and management are separate. The organisation's owner has to rely on management to control, safeguard and ensure a return is made to the business. Therefore, the concept of accountability is essential to the establishment of financial controls and maintaining objectives.1
