1 Corporate Governance as a Shield for Fraud. 2 Contents Understanding corporate governance Indian...
-
Upload
miles-harrington -
Category
Documents
-
view
217 -
download
0
Transcript of 1 Corporate Governance as a Shield for Fraud. 2 Contents Understanding corporate governance Indian...
1
Corporate Governance as
a Shield for Fraud
2
Contents
•Understanding corporate governance
•Indian and global governance trends
•Lessons learnt from high-profile corporate frauds
•Practices to combat fraud – Companies and Regulators
3
Understanding Corporate Governance
4
Strategic investors
Promoters
Minority stakeholde
rs
Independent
directors
Employees
Customers and
vendors
Regulators
Company stakeholders
World Bank Definition: Corporate governance is about promoting corporate fairness, transparency and accountability
Analysts
Input to strategy Right management team -succession
planning and performance evaluation Risk Management Monitor performance Stakeholder relations / accountability Monitor compliance
The Board
Management
Establish the right culture Right people in the right roles The right framework to monitor
performance Financial Reporting integrity Independent and objective assurance Stakeholder relations / accountability
What does good governance entail?
Financial Institution
s
Society at large
5
Why is good corporate governance important?
And why is this important …
Enhances reputation and brand
Adds value to strategy
Reduces cost of capital
Transition to professional management / succession
Improves positioning in the market
Attracts Investors
What is expected…
Wealth creation for Shareholders
Integrity and Ethics in Business
Focus on Sustainability
Issues
Development of Human Capital
Responsibility to communities
A new S&P study on corporategovernance at Indian companiessuggest:
• There is a link between corporate governance and market value
• Specifically, for every 1 point increase in the S&P governance score, a company's market value increased by 3%.
• Firms having high corporate governance scores were less leveraged with higher ROI and stableprofit margin.
6
Indian and Global Governance Trends
7
Governance trends in India
KPMG’s Corporate governance poll (2009) –
key highlights
Weak oversight and monitoring Empowerment to independent directors Protect minority shareholder interests Skill-sets of board
Stakeholder concerns
Linking CEO remuneration to company
performance Enhancing integrity and ethical values Accountability for oversight
Transparency and Accountability
Sufficiency of time and quality of information Risk management practices and board
oversight CSR and sustainability need greater attention
Board practices and priorities
Stronger regulatory review and exemplary enforcement
Principles based framework is more effective than Rules – Comply or Explain
Governance regulations
Increasingly Indian companies are focusing on quality of information, risk oversight and board evaluation processes to enhance the effectiveness of their oversight.
Respondents also indicate that there is a significant need to enhance integrity and ethical values in the larger eco-system.
8
Global developments that emphasize a paradigm shift in corporate governance . . .
There is greater directness and intensity in oversight
Principles based governance is taking firm roots
Risk oversight and management is assuming centre stage
Institutional activism– segregating the CEO and Board chair roles
Greater scrutiny of executive compensation and aligning it to long term performance
While enhancements to existing regulations are being proposed, corporates too are improving their practices
More focus on strengthening assurance functions
9
The nature of oversight is changing….
A review of disclosures
and earnings releases
A change in board’s
interaction with
management
An increased discussion at
executive sessions
An intense focus on Risk Management
2 3 54
There is a paradigm shift in Board and Audit Committee Oversight which means:
“Oversight” has a different meaning from what it was a year or two ago
Greater attention to
strategy
Focus on Fraud risk
1 6
Higher priority on succession planning Greater priority on scrutiny of performance and comparison to industry peers – is this too
good to be true? Have expertise in financial knowledge, performance and talent management Engage management in substantive debates about strategy Have access to significant executives beyond the most senior levels Good or optimal access to leading industry indicators and data
What highly influential Boards do differently?
10
Lessons Learnt from High-Profile Corporate Frauds
11
• Board and board committees’ lacked independence
• Executive directors were not accountable
• Promoter CEO wielded absolute control
What were the issues that led to the fraud?
• Inability of a high profile board to challenge promoters on dubious related-party transactions
•Lack of independent and objective assurance
•Lack of antifraud program and controls
What were the issues that led to the fraud?
Recent corporate frauds – key issues that led to it
Enron a case of ethical breakdown……
What were the issues that led to the fraud?
• Board members were not truly independent
• Board and board committees’ oversight practices were ineffective
• Breakdown of ethical procedures
• Lack of auditor independence
Parmalat and Satyam, cases where promoters were involved in committing fraud
12
Accounting frauds – Common red flags
Cost reduction initiatives increase the potential for internal control breakdowns and frauds
Oversight of senior management activities is lacking thereby giving rise to the potential for management override
Management incentives tied to short term performance measures
Disagreements between the auditors and management are either not known or known too late by the audit committee
Complex accounting issues, frequent changes to accounting policies with inadequate time to review them
Access controls and segregation of duties ineffectively configured at the time of implementing new IT systems
Urge to beat market expectations on earnings
Internal audit does not have adequate stature, independence and skill sets
13
Practices to combat fraud
-What should companies be doing?-What should regulators be doing?
14
What should companies be doing?
15
The 3 Ps of combating fraud
People
Philosophies
Processes
The Ethical Ecosystem of an Organization is based on three corner stones
1
2 3
3. Processes1. Philosophies 2. People
• Governance• Leadership value system• Code of Conduct, Ethics
• Recruitment• Training• Performance management• Delegation
• Policies• Control environment• IT systems• Assurance
16
2Operationalize the value system and code of conduct / ethics
Establish an effective anti-fraud program
Use technology driven assurance processes
Strengthening governance structure to combat fraud – key focus areas
3
4
Enhance audit committee effectiveness1
17
Enhance audit committee effectiveness 1
Explicitly review and approve the appointment of auditors and the audit plans for adequacy of scope, coverage and performance
Proactively monitor major financial transactions and compensation policies including coordinating with other board committees
Conduct executive sessions with internal and external auditors
Review and approve anti fraud programs and controls
Scrutinize related-party transactions closely
18
Lessons Learnt by Audit Committees from Global Accounting Frauds
Need for independent audit committees with deeper financial expertise
Need to get external perspectives on the company
Need for a strong and objective internal audit function
Need for audit committees to be attentive to all aspects of the external and internal audit process
Broadening the scope of the
audit committee
19
Improving oversight of financial reporting – aspects to consider by the audit committee (1)
Accounting and Reporting:Be informed of:
•Actual or likely changes in accounting rules and regulations, which will affect the company’s financial statements
•Changes in the business environment and the auditors’ reaction to these changes
•Critical accounting policies of the company and material alternative accounting treatments selected by the management, including reasons for selection
Interactions with external auditor:
•Challenge the external audit risk assessments and audit plan for key differences with management’s assessment of risks
•Review external auditor’s assessment of internal control systems and anti –fraud controls (including whether and how the external auditor has reviewed areas susceptible to management override)
•Adopt procedures with respect to independence of the external auditor and private sessions
•Determine to what extent the external auditors place reliance on Internal Audit work
•Evaluate how external auditors have assessed complex areas (significant estimates, alternative accounting treatments, disclosures)
•Resolution of audit differences with management
20
Improving oversight of financial reporting – aspects to consider by the audit committee (2)
Quarterly Discussions on Financial Reporting
Review:
•Consistency of reported and planned results
•Review the inter-linkages between operational / strategic developments and its impact on financials (is it in line with expectations)
•Company financial results relative to peer group and competitors
•Consistency of facts presented in financial statements with those in the Management’s Discussion and Analysis and other non-financial statement disclosures
•Accounting principles and practices relative to industry norms
•Significant accounting estimates and judgments
•Significant complex and/or unusual transactions
•Significant related party transactions
•Complaints received regarding accounting and auditing matters, including ‘whistleblower’ information
21
Operationalise the code of conduct
An objective and independent whistle blower
program
Strong internal audit to monitor code of conduct
compliance
Operationalizing the Code of Conduct entails having:
2
22
An objective and independent whistle blower programAttributes of a best-in-class whistle blower process/mechanism:
Confidentiality: All matters reported are treated confidentially.
Anonymity: The organization’s protocols allow for anonymous submission of issues.
Organization-wide applicability: Employees at international locations are able to use the process/mechanism 24*7
Real-time assistance: The mechanism provides immediate “live” response (Eg: Hotline)
Data management process: The mechanism uses consistent protocols to gather relevant facts
Audit committee notification: The mechanism has protocols to determine which allegations are to be escalated to the audit committee
Prominent communications: The whistle blower process is well publicized and its awareness among employees increased through formal/informal training sessions
Multiple channels: The mechanism offers multiple communication channels such as hotline, email and website for employees to raise issues
23
Strong internal audit to monitor code of conduct compliance: a Unilever example
How do you monitor breaches to the code of conduct?
Is your staff familiar with the code??
?
?
?
How have you communicated the code of conduct to staff members?
How do you investigate and deal with suspected breaches?
Some questions that auditors ask staff at Unilever
How do they monitor
compliance?
Reflect on whether senior executives and business managers value the work of internal auditing
Audit areas where staff is not getting enough training on the meaning of the code
>
>
>
>
Audit areas where there is evidence that management action in response to confirmed code breaches is not appropriate
Survey if evidence on staff attitudes about the importance of control and compliance flags a disconnect between what the leadership says and what is actually happening
> Monitor whether there are any trends in the issues employees are raising
24
Strengthening Internal Audit to combat accounting fraud
•Flexible audit planning / scheduling methodologies with rolling risk assessments
•Greater reliance on technological tools that facilitate monitoring key risk indicators and continuous auditing/ monitoring
Greater coverage
Continuoustesting of key
controls
Lower audit
costs
89% 85% 61%
Ability to test 100% of the population
67%On-going
identification of changing risk levels
67%
What is required from Internal Audit?
Results from a recent IIA Gain survey of senior executives at Fortune 500 companies points to the following major benefits with continuous auditing/continuous monitoring (CA/CM):
25
Establish an effective anti-fraud program
Do organizations assess fraud risk exposure periodically?
Is there a fraud risk management program in place?
2
1
Are preventive and detective anti-fraud techniques in place?3
Is there a consistent approach to investigate fraud or suspected occurrences including a reporting process?
4
3
26
Undertaking a comprehensive fraud risk assessment – key aspects to consider
>
>
Organizational assets, operations that are susceptible to fraud
Reports of auditors – internal and external audits
Segregation of duties>
Employee morale and turnover>
>
>
Adequacy of existing anti-fraud programs and their monitoring
Past events and responses
Likelihood of a significant fraud happening>
Compliance issues / response to audit findings and surveys
>
>
>
Monitoring of ethical breaches
How are subsidiary performances monitored?
27
Use technology driven assurance processes
IA has the primary responsibility for fraud risk assessment and monitoring
Data mining tools are effective in preventing or detecting frauds in organizations
IA either does not focus on fraud risk or conduct investigations concerning frauds – only if required by management
56%
41%
60%
• Shortage of specialist skill
• Low level of skills, confidence in use of technological aids
• IA’s position / stature
KEY CHALLENGES:
4
A recent KPMG survey reveals that more is expected of internal audit in the sphere of fraud
28
What should regulators be doing?
29
More clarity needed on roles, responsibilities and liabilities
Increased clarity around duties, responsibilities and liabilities of directors
Transparent and unambiguous penalties and prosecution for breach of duties
Strengthening the enforcement framework/ simplifying the judicial process (e.g. rules and criteria to fund investor associations in class action suits)
Feedback mechanism between directors and regulators (e.g. recent spate of resignations in directors and how the regulator responded)
Regulators could consider strengthening regulations by providing more clarity on fiduciary responsibilities of the board and auditors, and introducing penalty clauses for
breach of duties. More importantly, regulators should strengthen their enforcement framework.
1
2
3
4
5
30
Key global regulatory best practices
Audit Inspection Unit, which undertakes inspection of individual audit firms and makes its reports publicly available
The review of “Operating and Financial Review” by the Financial Reporting Review Panel in the UK
SEC in the US prosecutes over 50 cases every quarter of insider trading with sizeable penalties
Clear mandate, resources and tools are fundamental to ensure effective regulatory oversight
6
1
2
3
Financial Fraud Enforcement Task Force – a recently set-up interagency task force in the US– to combat financial fraud at a national level.
4
31
Questions
Thank you!