The practical challenges of corporate governance
In all but the simplest organizations, achieving good governance presents challenges.
- The work is inherently complex, involving a large number
interrelated items of knowledge across the entire organization:
compliance requirements, policies, procedures, controls, training
and communication requirements.
- There is continual change within the organization: new systems,
improved procedures, new suppliers and customers and contracts,
turnover of personnel.
- The organization operates in a complex landscape of shifting regulations
(often across multiple jurisdictions), investor demands, contractual
requirements, and community expectations.
The organization must not only achieve good governance, it
must also be able to prove it.
- The organization’s governance system, as a presentable body of
knowledge, is its first line of defence in the event of a compliance
failure. The penalties for compliance failure are increasingly dire,
including, in some areas, seven-figure fines and prison time for
directors and officers.
- As a supplier,
the organization may be required to demonstrate good governance to
meet contractual obligations and to satisfy its customers’ supply
chain due diligence requirements.
- Directors have a
duty to oversee the organization’s activities including, amongst
other things, its compliance with statutory obligations. The
governance system should be presented in a way that makes exercising
this oversight straightforward.
‘Traditional
documentation’ — meaning a collection of documents, PDFs,
spreadsheets, etc, on a shared drive or intranet — is not fit for
purpose when it comes to corporate governance: the body of knowledge
is too complex and the organization and its requirements are changing
too quickly. The organization can never be confident that its
governance system, as documented, is demonstrably complete,
consistent, and up-to-date.
A Phrontex corporate governance management system is a methodology for
organizing, maintaining, and controlling the items of knowledge on
which your corporate governance relies. It is a fast, efficient, and
effective way to meet the practical challenges of corporate
governance, more reliably, with less effort, and at lower cost.
The documentation problem
Corporate governance has to be documented as a single body of knowledge.
You have to be able to see the mapping from your compliance
requirements to the policies and procedures in place to meet them.
And you have to be confident that everything remains mutually
consistent and up-to-date in the face of continuing internal and
external changes.
This just can’t be done with separate
documents.
Corporate knowledge maintained in a set of
documents will always have overlaps, gaps, and contradictions, and be
somewhat out-of-date. On average in established organizations, 65
percent of the documentation pages are obsolete, duplicated, or
irrelevant. Good management gets lost in a swamp of bad documents.
Traditional documentation is expensive
The costs of
documentation are usually not measured; but they are obviously there.
- Every document in your collection took management or consultant time to
create. It had value at the time it was issued; but if it’s now
more than two years old, its value has probably depreciated to zero.
- The more documents you have, the more time your people spend looking for
the information they need, and the greater the likelihood of misunderstanding and operator error.
- The time and effort expended on induction, training, and internal
audit is in part a function of the quantity and quality of your documentation.
Documentation is a point of risk
Your organization is responsible for what your
documentation actually says. You’re at risk if
- any of your documentation is incorrect, incomplete, contradictory, or obsolete; or
- you’ve failed to communicate it to the employees who need it.
Governance requires a single source of truth
An organization has a lot of moving parts:
multiple activities, multiple objectives, multiple compliance
obligations, in many cases spread across multiple jurisdictions. The
challenge is to give your people an integrated body
of knowledge defining your governance objectives, responsibilities,
and activities: a single, definitive point of reference, to ensure
that everybody is literally on the same page
Your governance system has different types of
user, each with their own needs and starting points.
-
Directors overseeing your activities want to see your
compliance requirements, and for each requirement see what you have
in place — policies, procedures, training, etc — to meet that
requirement.
- Managers responsible for an activity need the reverse: for
any activity, they need to see what compliance requirements are relevant.
- Employees want to go directly to the information
relevant to the work they have to do. They should be able to assume (and
in practice, will assume) that if they follow the information,
their activities will be safe, legal, and compliant.
- Your trainers and HR people need to know, for any role in your
organisation, what knowledge a person in that role must have, and
what information they must have access to.
Line-of-sight governance
For
directors and officers,
governance is about being able to see that the
organization is aware of its obligations and is doing everything it
should to meet them.
A corporate governance management system makes
this straightforward:
Register of compliance requirements: statutes,
regulations, industry and professional codes, ISO standards
Directors must be satisfied that the register contains
everything it should.
For each item in the register, a
schedule of obligations:
things the organization must do (or make
sure it does not do) to meet the requirement
Directors must be satisfied that each schedule is a reasonable
interpretation of the statutory requirement.
For
each schedule entry, a mapping to the policies,
procedures, controls, and training requirements that the
organization has in place to ensure compliance.
Directors
must be satisfied that the items in place are sufficient in
principle and effective in practice.
Case learnings
From NHVR prosecutions, 2024
Organizations were prosecuted because they did not:
- Have systems and procedures in place to ensure employees are
adequately trained in their roles to enable ongoing compliance.
- Provide adequate information, training, instruction, and/or
supervision to employees and other parties in the chain of
responsibility.
- Develop and implement systems and processes, including
disciplinary practices, to ensure adherence by all employees to
policies and procedures.
- Monitor and review all policies and procedures to ensure they
still meet the needs of the company.
The Phrontex implementation project
The Phrontex service is a project to create and implement a corporate governance management system in your
organization.
Most organizations already have many of the required elements for a governance system; but often, these elements
are spread across multiple information stores, poorly documented,
poorly communicated, and inconsistently managed.
The Phrontex project pulls these elements together into a single, integrated,
easily-maintained, well-communicated system.
Objectives
- Ensure that the organization can prove that it is aware of its regulatory and
compliance obligations and is doing everything it should to meet them.
- Standardize, simplify, and minimize the governance systems and procedures so that
good governance is automatic, built in to the organization’s routine activities and behaviours.
Outcomes
The Phrontex project delivers:
- A knowledge structure containing the policies, procedures, registers, and other
documentation that defines your governance system
- Procedures for managing, validating, and verifying the governance system itself
- Skills transfer to reinforce the in-house capability to operate, maintain, and
improve the system
- A communications and awareness program to support roll-out and implementation
Return on investment
Phrontex delivers better governance at lower cost.
- Reduced risk of compliance failure
- Better knowledge management, reducing training and induction
- Faster decision implementation
- Simplified oversight and audit
- Less work to maintain compliance and implement changes
Corporate governance isn’t optional. Phrontex is a better way to achieve it.
