Despite what some commentators might have us believe, most professional directors are aware of and conscientious about their legal duties. In both the commercial and not-for-profit (NFP) areas, these can include duties to avoid undisclosed conflicts and unauthorised profits; to act with care, skill and diligence; to exercise their powers in good faith in the interests of the entity and for a proper purpose; to take reasonable steps to achieve compliance with the financial reporting requirements; and to avoid insolvent trading. Directors of fiduciary entities such as superannuation trustees have overriding duties to their beneficiaries, including prioritising their interests. That is clear.
More uncertain is how much and what the board must do for directors to be comfortable they have adequately discharged those duties. In the current climate, it is inevitable that any board with a majority of non-executive directors will at some stage ask whether the right issues and information are coming to it. Chief Justice Rodgers said in AWA Ltd v Daniels (1992) 7 ACSR 759 that “it is something of an anachronism to expect non-executive directors, meeting once a month, to contribute anything much more than decisions on questions of policy and, in the case of really large corporations, only major policy”. This does not seem to embrace matters such as compliance and culture. If not, does Justice Rodger’s observation still hold true?
In its consultation draft of the revised Corporate Governance Principles and Recommendations, released in May, the ASX Corporate Governance Council (CGC) proposed adding to its description of the “usual responsibilities” of the board of a listed entity. Things to be added included “defining the entity’s purpose” and overseeing management in its “instilling of the entity’s values”. The CGC indicated that information provided to the board by the senior executive team “should not be limited to information about the financial performance of the entity, but also its compliance with material legal and regulatory requirements and any material misconduct that is inconsistent with the values or code of conduct of the entity”. It also included a draft recommendation that an entity “require the board to be informed of any material breaches of a listed entity’s code of conduct by a director or senior manager, and of any other material breaches of the code that call into question the culture of the organisation”.
The challenge for individual directors is to understand how far they need to go to meet these changing expectations, particularly in their relationship with management.”
Regardless of whether these changes are adopted, their inclusion by the CGC in the consultation draft points to shifting community expectations of boards. When significant compliance failures linked to poor corporate culture come to light, the first question will often be, “Where was the board?” The challenge for individual directors is to understand how far they need to go to meet these changing expectations, particularly in their relationship with management.
Corporate law has a lot to say about the division of decision-making powers between the shareholders in general meeting on one hand, and the board of directors on the other. However, it is less prescriptive about what can be delegated to management and what ought to remain with the board. The historic role of the board was to manage the business of the company. More recent formulations of its role point to the reality that, in companies with predominantly non-executive boards, its role is to direct the management of the company; thus section 198A(1) of the Corporations Act 2001 (Cth) — which is a replaceable rule — provides that “the business of the company is to be managed by or under the direction of the directors”.
Most boards see their role as setting the entity’s strategic objectives, appointing the CEO and determining the appropriate remuneration structures, approving the risk management frameworks, overseeing management’s implementation of the strategy and taking responsibility for the entity’s financial reporting.
These functions may be carried out by the full board or by committees of the board on its behalf. While this is fairly typical, academic studies of board charters suggest that there is no one-size-fits-all answer. Every entity is different. What matters in practice is that the respective roles of board and management are effectively delineated.
Ultimately, the question of what must be addressed by the board is answered by reference to two things: the individual directors’ (non-delegable) duties of care and diligence, including specific “reasonable steps” duties such as the statutory duty in relation to financial reporting, and the legal rules relating to delegation and reliance.
A string of directors’ duties cases, from AWA v Daniels at first instance and on appeal onwards, has confirmed that the responsibilities of directors require them to “take reasonable steps to place themselves in a position to guide and monitor the management of the company”. In Trilogy Funds Management Ltd v Sullivan (2015) 111 ACSR 1, Justice Wigney in the Federal Court confirmed the nature of the duty, including that “directors must become familiar with the fundamentals of the business in which the corporation is engaged and are under a continuing obligation to keep informed about the activities of the corporation. Directorial management requires a general monitoring of corporate affairs and policies. The directors should maintain familiarity with the financial position of the corporation”.
Directors have a duty to take reasonable care to prevent foreseeable risk of harm to the entity’s interests; these interests are not limited to its financial interests and extend to its reputation and interests that relate to compliance with the law. Growing recognition of the risk that poor culture poses to these interests requires boards to engage with and reflect on the culture of the entity. While most directors recognise and accept the importance of “tone at the top”, the extent to which a majority non-executive board can police culture throughout an entity is unclear. There is a concern that ramping up boards’ involvement in “instilling” culture blurs the distinction between the responsibilities of board and management and sends boards too far into the operational weeds. There is a sense that regulators and self-regulatory bodies are increasingly pushing boards in this direction. The challenge for boards is how best to satisfy their duties of care in relation to things that resist being reported up in numbers or other hard metrics.
Boards can delegate the exercise of their powers to management, but not the discharge of their legal duties. The law allows directors to rely on their delegates to act appropriately, and on information and advice provided to them by others, but only to the extent that it remains reasonable to do so.
Boards need to realise there may come a point where reliance is no longer appropriate. This can include where there are red or amber flags about the entity’s culture. It is therefore important that the board has available to it the right information to make that assessment.
Corporate law evolves, albeit slowly, in line with community standards. This is evident in the rising standard of care from a low base historically to the more exacting requirements of AWA v Daniels and beyond. That evolution continues. Generally accepted statements of board or individual responsibilities, including in self-regulatory pronouncements such as the Corporate Governance Principles and Recommendations, can be evidence of changes in community standards and were used as such by Justice Austin in deciding the responsibilities of the chair of the One.Tel board in ASIC v Rich (2003) 44 ACSR 341.
In a different context, Justice Santow AO in Vines v ASI (2007) 62 ACSR 1 said, “What is expected here is a level of scrutiny as befits supervision, not the detailed direct involvement that is associated with operational responsibility”. That seems a useful yardstick.