Roundtable Roundup
Continuing our series of industry events, we were pleased to host a breakfast roundtable alongside our friends from Atticus and Herbert Smith Freehills LLP (HSF). Joined by a selection of our clients, we gathered at the Eight Club to tackle two issues that are front of mind for those responsible for overseeing and managing corporate governance and compliance:- The practical considerations for governance professionals and the Board in relation to the updated UK Corporate Governance code, specifically on Internal Controls
- Amplifying process and mitigating risk through the deployment and effective use of technology
The revised Code
The underlying thought was that what was set out at the start of this year was unequivocally a ‘watered down’ version of what was expected from the consultation that preceded it with the FRC keeping changes to the Code to a necessary minimum. The published revisions to the Code placed focus very much on Internal Controls and Provision 29 at the expense of emphasis on ESG and the role audit committees play, as well as modifications to provisions on board diversity and over-boarding. Whilst the prior expectations of the Code remained, Provision 29 looks to address blanket statements that would previously be used in the old reporting regime to cover the effectiveness of a company’s Internal Controls. Replacing ‘blanket’ and ‘homogenous’ statements is a requirement for companies to describe not just what they’re doing but also a declaration on the effectiveness of their Internal Controls. Those not deemed ‘sufficient’ would be subject to a further explanation on how they would be improved. The belief, within the discussion, is that those companies that have securities listed in the U.S. will be better placed to react due to the Code being less rigorous than the Sarbanes-Oxley (SOX) Act. Another commonly held sentiment was that companies had been preparing for this for a while, perhaps as far back (or at least the number of successive PM’s elected would imply longer than reality!) as Theresa May made corporate governance a key tenet of her leadership. For those who don’t have to adhere to SOX, there was a feeling that the Brydon Review, which investigated the effectiveness and quality of audits, would shape their approach and that more rigour would be required with resilience statements becoming more important. However, this was tempered by the knowledge that audit fees have risen and their external auditors’ capacity is stretched, not to mention that the tendering process for auditors are onerous. There was a general agreement that annual audits are increasingly time-intensive and the level of scrutiny of detail is increasing. Disclosures and declarations in the Annual Report will need to appropriately consider the materiality of the company’s Internal Controls and this can vary considerably from one company to another. There was the view that there might be a ‘first adopter disadvantage’ in respect to the declarations included within the next round of Annual Reports, and in advance of the changes coming into effect from January 2026.Implementing Technology: Governance and Compliance
Led by Patrick from Atticus, the discussion turned its attention to the process and strategy of successfully using technology to improve the existing work performed within governance teams.Framing the Value
A point was made that framing the proposition was vital to it receiving buy-in. The media can be guilty of creating a negative view with ‘click-bait’ headlines that provide an unhelpful narrative.
The governance team can use framing to ensure that there is adequate context in what the landscape without the technology looks like, as well as how the tool will improve and enhance the function/process once implemented.
Managing expectations comes within the method of framing. LinkedIn would lead you to believe that AI is a silver bullet but ultimately it’s (in its current form) still a tool best deployed on the mundane and repeatable tasks (and crucially, is not a replacement for bad structures and processes). AI, like all tech solutions, should be seen through the paradigm of amplifying, rather than replacing, existing processes.
Managing expectations comes within the method of framing. To use AI, for example, LinkedIn would lead you to believe it’s already the silver bullet but ultimately, it’s still a tool best deployed on the mundane and repeatable tasks.
Existing Expertise
A lack of internal knowledge already residing within your organisation will slow down the adoption and implementation speed of any technology you want to utilise within your business. Having that expertise already in-house helps to support the technology in discovery, implementation and in-use, thus avoiding a wane in enthusiasm between purchase and the appointment of someone who can utilise the tool.Secure senior buy-in early
Getting your senior stakeholders involved in the project early on ensures that they will be more likely to champion its uptake across the lifespan of the implementation. These are the people who can translate what the technology can do to help teams across functions as well as the value of the product to other stakeholders.Good technology won’t improve bad processes
All successful tech implementations are based on enhancing existing processes that work without the technology and use the add-on to enhance or develop what works. If you’re trying to use the technology in the hope it will fix a process that doesn’t work in its current iteration, you’re swimming against the current.How does it fit into your existing ecosystem?
Governance software isn’t always a low-value investment and presenting a business case that caters for ways it can integrate into other software, such as HR or finance and audit systems mean that you’re selling the platform based on how it will enhance what the company is already doing and not on the promise of what it might bring to the party.
