The report is the most detailed articulation by the corporate regulator of its expectations of boards and directors. Unlike APRA, which outlines board responsibilities through its prudential standards, ASIC has traditionally been reluctant to detail its own expectations – until now.
ASIC’s report examines governance practices at seven financial services institutions, and outlines a set of questions which it believes all large listed companies should consider. The entities which were the subject of the review were: ANZ, AMP, CBA, IAG, IOOF, NAB and Westpac.
AICD’s detailed summary and analysis can be found here along with Mr Shipton’s launch address to AICD members.
Consistent with the APRA prudential review into CBA, and Commissioner Hayne’s final report of the Financial Services Royal Commission, ASIC found that financial services entities are struggling to grapple with non-financial risk and need to significantly improve practices.
Acknowledging that frameworks to support board oversight of non-financial risks were largely in place, ASIC sees the issue as being ineffective implementation rather than deficient governance structures.
In particular, ASIC highlighted perceived deficiencies in: articulation of, and adherence to, risk appetite statements, particularly as they relate to compliance risks; information flows to the board; and functioning of board risk committees.
The report makes clear ASIC’s expectations that:
- boards are to engage in greater challenge of management and do all they can to ensure that they receive the right information to oversee and monitor non-financial risk;
- directors exercise active stewardship which requires probing and analysis of information presented by management, and judgment on the merits of proposals and the adequacy of management actions;
- boards take a more active role in overseeing non-financial risk, including taking a robust approach to the organisation’s risk appetite statement and associated metrics;
- boards monitor the implementation of governance frameworks, focusing on substance rather than form; and
- directors actively consider whether they have capacity to dedicate adequate time to their roles in light of other board commitments.
Questions for boards
The questions posed by ASIC for boards to consider are sensible overall. In large part, they would be matters which listed boards, especially in the financial services sector, would be actively considering in response to the Hayne Royal Commission and APRA prudential inquiry into CBA.
This includes questions aimed at improving the quality of management reporting on non-financial risks; more rigorous oversight of risk appetite statements and their alignment with practice; reviewing the processes of board risk committees and their agendas and scheduling meeting frequency to better support board oversight.
For directors serving on multiple boards, especially those in financial services, the report highlights ASIC’s expectation that workloads are increasing and directors need to be able to dedicate adequate time to their roles.
On the question of board minutes, ASIC has made clear that it expects to see greater detail including reasons for decisions. Referencing the AICD-Governance Institute joint statement on minutes, ASIC has called on boards to benchmark their practices against it. While the purpose of minutes is not to facilitate regulatory oversight, ASIC’s report does highlight how minutes can be used after the fact as evidence that directors have (or have not) discharged their duties.
ASIC has also released the report of the behavioural expert firm engaged to assess how board behaviours enhance or impede their oversight role. Based on data drawn from 19 listed entities, the report outlines what the firm considered to be helpful or unhelpful mindsets and behaviours, with a view to supporting effective board oversight.
The expert report does not offer a great deal of new insights, however. It draws broad conclusions from a very limited data set and reiterates well-known risks around dominant chairs, lack of self-reflection by directors, and the value of board dynamics that support robust challenge of management.
Speaking at the AICD Essential Director Update, ASIC Chair, James Shipton, made clear that while it had been a useful exercise from their perspective, the regulator does not “propose to put behavioural experts in every boardroom on an ongoing basis”. It remains to be seen whether such an approach will be repeated by ASIC.
Report on variable remuneration to follow
Looking ahead, ASIC is expected to release the second report of its Corporate Governance Taskforce before year end, which will focus on board oversight of variable remuneration – a vexed issue, especially in financial services where APRA is currently consulting on a highly prescriptive draft prudential standard.
It will be interesting to see what the regulator has to say under this second workstream. While challenges in financial services have been well-documented, especially through the Hayne Royal Commission, the same scrutiny has not been applied to board oversight of variable remuneration. Different dynamics are also at play, including the role of investors and operation of the ‘two strikes’ rule.
With ASIC’s report set to comment on practices at listed entities both within and outside the financials services, the corporate regulator will be in uncharted territory.
More fundamentally, ASIC will need to determine its approach to supervision of corporate governance going forward. The work of the Taskforce has overturned years of light-touch regulatory practice but only has funding until the end of this financial year. It is unclear what their plans are beyond these two reports.
What is clear though is that regulators are no longer reticent to opine on what they consider better governance practices. Whether we will look back on this as a temporary or more long-lasting shift in approach remains to be seen.