In December 2017 The Ethics Centre, the Governance Institute, Chartered Accountants Australia New Zealand and The Institute of Internal Auditors released a new guide: Managing culture – a Good Practice Guide.
The report argues that a strong ethical framework – which is different to a code of ethics or code of conduct – should sit at the heart of the governance framework of an organisation.
This should include a clearly espoused purpose, supported by values and principles, and the systems and oversight to maintain these.
The report steps through the roles of different functions within organisations, from boards through to internal functional areas. At a high-level, these are set out below:
- The board is responsible for setting the tone from the top. The board should set the ethical foundations of the organisation through the ethical framework. Consistently, the board needs to be assured that the ethical framework is embedded within the organisation’s systems, processes and culture.
- Management is responsible for implementing and monitoring the desired culture as defined and set by the board. They are also responsible for demonstrating leadership of the culture.
- Human resources (HR) is fundamental in shaping, reinforcing and changing corporate culture within an organisation. HR drives organisational change programs that ensure cultural alignment with the ethical framework of the organisation. HR provides alignment to the ethical framework through recruitment, orientation, training, performance management, remuneration and other incentives.
- Internal audit assesses how culture is being managed and monitored, and can provide an independent view of the current corporate culture.
- External audit provides an independent review of an entity’s financial affairs according to legislative requirements, and provides the audit committee with valuable, objective insight into aspects of the entity’s governance and internal controls including its risk management.
Launching the guide on 12 December, ASIC Commissioner John Price emphasised that culture remains a top priority for the corporate regulator.
“ASIC's regulatory interest in culture is linked to our mandate and primarily relates to conduct. This should not surprise anyone – ASIC is a conduct and disclosure regulator.
Importantly, ASIC sees culture (the way we do things around here) as a key driver of behaviour within the business community. Other strong influences on behaviour include remuneration structures and the likelihood and consequences of being caught doing the wrong thing. All of these matters are of keen interest to us as a regulator.”
Mr Price emphasised that it is companies themselves – from the board down – that must own and drive corporate culture.
“Although we think culture is vitally important for the organisations we regulate, we are not going to dictate the kind of culture a company has. Culture is at the heart of how an organisation and its staff think and behave. It is an issue that companies themselves must address.”
The Managing Culture report covers:
- The regulatory context, examining Australian and offshore regulatory focus on culture, including ASIC’s views.
- Definition of culture, as the sum of an organisation’s shared values, principles and behaviours, and the ‘collective relationships, shared assumptions and power struggles that exist in an organisation’.
- Identifying and setting culture.
- Embedding culture, including the role of the board, links with risk appetite, role of management, and options for cascading culture through an organisation.
- Gaining assurance over risk culture, covering the role of audit.
Board oversight of culture
The report argues that one of the key factors for success in setting effective cultures is the oversight function of the board.
‘To successfully develop a culture of openness and transparency, the behaviours of directors need to be commensurate with the stated values and principles of the organisation, and that can only be facilitated by robust and open discussion and debate.
“Behavioural expectation involves a readiness to test and challenge and, in respect of risk matters, a readiness to seek external advice in doing so if it is felt to be appropriate.
The independence of mind of non-executive directors provides a foundation for enquiry and for building openness with, and trust from, senior executives. In turn, management needs to recognise the contribution that non-executive directors make to such cultural values.’ Managing Culture – page 16
The report also includes a useful appendix summarising specific regulatory mechanisms related to culture as well as ASIC’s views on the drivers of good culture.
Download a copy of the report here.