Play by the rules

WILL SPINNEY explains what the treasurer needs to know about internal controls and governance.
Will Spinney

There have been many approaches to corporate governance over the last 20 years, with new approaches constantly suggested. In the UK there has been the Cadbury Report (1992), the Greenbury Report (1995), the Turnbull Report (1999) and the Higgs Report (2003), among others. New mechanisms are usually introduced in response to corporate scandals, such as Guinness in the 1980s, Maxwell, Polly Peck and BCCI, as well as the collapse of Enron in the early 2000s.

In each case the public and politicians were surprised by what was actually going on inside some of the largest corporates in the country.  Modern firms have to balance many competing considerations, reflecting their obligations to shareholders, employees, customers, suppliers and creditors, as well as wider social responsibilities to the communities in which they operate.

However, the need to reflect the wishes of the owners (the shareholders) has typically been the focus for debate on reform of corporate governance.

Corporate governance usually refers to the relationship between the management of a publicly owned company and its shareholders, where risks arise (called agency risks) deriving from the separation of ownership by shareholders and operational control by management.

At its most extreme, agency risk covers the ability of directors to extract rewards for themselves while leaving shareholders unrewarded – for example, by giving themselves bonuses or pay rises when the company has lost money.

Classically, in risk management, a business runs certain risks in order to make a return on the shareholders’ investment, although shareholders expect the company to reduce the business impact of some types of risk. But how can investors be sure that management is taking, managing and reducing the risks according to investors’ expectations?

The protection of investors from agency risks has been the main aim of corporate governance recommendations throughout the world. Good corporate governance is deemed essential to safeguard company assets and maintain and enhance investor confidence, thus providing greater access to funding and reducing the risks associated with fraud.

Developments in corporate governance have been very much directed at publicly listed companies (where the agency issue is usually at its most stark) and the implementation of these developments is a mixture of:

  • 
company law applying generally – for example, in the UK
  • 
other legislation such as Sarbanes Oxley in the US, directed at listed companie and
  • listing requirements, such as the Combined Code in the UK. Yet treasury operations are required in businesses of all sizes – publicly quoted, owned by private equity or other groups, such as families. Whatever the size or ownership model, governance is still necessary and treasury is a key part of that. The lessons from the quoted sector thus apply to all businesses.

Around the world.

Virtually all developed countries have unique elements within their corporate governance systems, but most of the key differences are reflected in three distinct models:

The Anglo-Saxon model. Used in the UK and the US, this model is based on widely dispersed share-ownership with significant shareholder activism and a lively market for corporate control. A single board runs the company but there is significant independent membership to control executive management. China appears to be developing in this direction.

The European model. This model operates in Germany and many other European countries, where banks’ crossholdings of equity and concerns about social responsibility are dominant influences on business operations and internal control mechanisms. A managerial board reports to a supervisory board, part of which is elected by employees.

The Japanese model. This model reflects national culture directly in the governance and ownership structures. In Japan the inter-relationships between companies extend beyond equity ownership to encompass industrial relationships and the supply of raw materials. Shareholder activism in the Western sense is virtually non-existent. Notwithstanding the recent changes in corporate governance outlined below, the Japanese board’s focus on the long-term viability of the company and the interests of its employees, rather than on shareholder wealth, is often seen as a major strength of the system, providing the basis for the exceptional economic growth achieved in the post-war era.

Changes in this area are becoming complex. Several worldwide standards, such as Basel II, which affects banks, are among the more recent supervisory approaches. Europe continues to assert itself with approaches such as the Markets in Financial Instruments Directive (MiFID), which affects financial services firms. And it is likely that the response to the credit crunch will bring more controls. One major influence, however, is the introduction in the US of the Sarbanes-Oxley Act, which has become a global ‘gold standard’ of corporate governance, even though it affects only corporations listed in the US.

Sarbanes-oxley.

Passing into law in 2002, Sarbanes-Oxley has had a profound impact on businesses worldwide. It increases the governance role of corporate management, accountability in reporting financial results and the maintenance of sound internal controls. Penalties for noncompliance are high for a company’s chief executive officer (CEO) and chief financial officer (CFO), who therefore have an incentive to insist on these strong internal controls.  Some of the main effects of Sarbanes-Oxley have been:

  • 
providing shareholders with more opportunity to monitor and participate in the governance of companies, giving them a say in stock option plans and more access to governance information, and
  • 
establishing a new control and enforcement mechanism whereby CEOs must certify annually that they are not aware of any violation by the company of the corporate governance standards and that the company has established procedures to verify the accuracy and completeness of the information.

 The main provisions of the Act are:

  • establishment of a public company accounting oversight board (PCAOB) to police the auditing profession
  • guidelines to ensure outside director and auditor independence
  • a definition of corporate responsibility and accountability
  • 
a requirement for accurate financial disclosures
  • heavier penalties for corporate fraud and white-collar crime

Independent directors have strictly defined roles and duties:

  • they may have no material relationship with the company and must meet with management at regular intervals; and
  • 
they must make up the majority of the board, and be the only members of a mandatory nominating committee, compensation committee and audit committee.

The role of independent auditors did not go unnoticed in the corporate failures of the early 2000s. The most recent Sarbanes-Oxley amendment defines the activities that independent auditors may no longer offer corporate clients:

  • bookkeeping or other services related to the accounting records of financial statements
  • appraisal or valuation services
  • actuarial services
  • internal audit outsourcing services
  • 
management functions or human resources
  • broker or dealer, investment adviser or investment banking services; and
  • legal services and expert services unrelated to the audit. In addition, to ensure auditor independence and objectivity, any long-serving audit partners must disengage themselves from accounts. 

Sarbanes-oxley impact on treasury.

While not explicitly focused on treasury operations, the implications for treasury lie in terms of control procedures, identification and management of risk, and transparency of reporting. To ensure compliance, those responsible for providing information are held accountable (through sub-certification) for its accuracy and completeness.  In response to the requirements of Sarbanes-Oxley, corporate treasury departments should specifically look to improve operations as follows:

  • identifying the areas where there are risk or control issues inherent in treasury functions, such as market activities, cash transactions, technology, risk management and use of specialised cash management vehicles and techniques
  • 
ensuring policies, procedures and preventative measures (such as segregation of duties, transaction limits, security of transaction origination systems, technology security, mandatory job rotation, and so on) are in place to adequately control treasury processes
  • assisting global governance by providing effective information reporting and transparency for the financial reporting process and ensuring compliance with regulatory requirements, even in a decentralised environment.

Sarbanes-oxley impact on businesses.

SarbanesOxley has had far-reaching effects and generated much debate. Critics maintain the Act is a knee-jerk response to issues already covered by regulations, that it is drafted so broadly that the effect goes far beyond the intended results, and that it destroys value by increasing costs for no gain.  Defenders of the legislation point out that for the first time ever it makes senior corporate management (the CEO and CFO) personally accountable for the governance of the business, and that in many ways the demands of SarbanesOxley are no more than should be expected from best practice corporate governance.

Certainly, the practical burden of Sarbanes-Oxley compliance has made the US capital markets less competitive. Some companies have given up their US listing as a result, and there are moves to review the rules to ease the burden of compliance on businesses. Nevertheless, Sarbanes-Oxley maintains its status as the pre-eminent legislation on corporate governance.

Professional conduct for treasury.

Many organisations publish a code of ethics for treasury professionals. The International Group of Treasury Associations (IGTA) has a code of best practice, the ACT has an ethical code and the Association for Financial Professionals (ASP, a US body) has standards of ethical conduct. The most recent version of the ACT’s ethical code can be found on the website at www.treasurers.org Treasury functions should be carried out in an environment that minimises operational risk, defined by the Basel Committee on Banking Supervision as “the risk of monetary losses resulting from inadequate or failed internal processes, people and systems”.

The treasurer is most concerned about risk of loss through fraud or error and the checklist below is designed to highlight areas and control mechanisms to reduce such risks. A treasury with these controls will be well placed to deal with any challenges it might face in the coming decade.

Will Spinney is ACT technical officer for education wspinney@treasurers.org 

Controlling the treasury environment

[twocol_one]Area[/twocol_one] [twocol_one_last]Controls[/twocol_one_last] [twocol_one]Board policies[/twocol_one] [twocol_one_last]

  • The parameters within which treasury may operate
  • Policy needs to be explicit in terms of the company’s appetite for risk, dealing and authorisation limits on counterparties, positions/exposures, currency, maturities, etc
[/twocol_one_last] [twocol_one]Organisation[/twocol_one] [twocol_one_last]
  • Current orgchart for treasury
  • Complete job descriptions for all functions
  • Duties segregated as much as possible, especially between authorising, verifying, executing, recording, confirming and reconciling transactions
[/twocol_one_last] [twocol_one]Treasury policies[/twocol_one] [twocol_one_last]
  • Current policies/procedures manual for treasury operations
  • Specific policies for high-risk activities such as short-term investing, borrowing, risk management, foreign exchange and electronic payments
[/twocol_one_last] [twocol_one]Treasury policies[/twocol_one] [twocol_one_last]
  • Procedures to protect the confidentiality of information and documentation
  • Procedures to identify and escalate exceptions and extraordinary situations as soon as possible
  • Contingency procedures with providers for continuation of services
[/twocol_one_last] [twocol_one]Management documentation[/twocol_one] [twocol_one_last]
  • Details of what management information reporting is required
  • Timing of reports n Exception reporting requirements
[/twocol_one_last] [twocol_one]Treasury documentation[/twocol_one] [twocol_one_last]
  • Transaction recording providing for accurate accounting, confirmation and audit trails, usually managed within a treasury management system
[/twocol_one_last] [twocol_one]Bank documentation[/twocol_one] [twocol_one_last]
  • Bank account opening documents, letters of instruction and contract documents available
  • Bank account and dealing mandates defining who can undertake/authorise transactions with each bank
  • Up-to-date list of authorised signers, communicated to all banks, with positive acknowledgement where possible. Equivalent for password security or device and PIN security with strict controls over who can do what, records and sharing of passwords
  • Service level agreements
  • When documentation is in a foreign language (such as overseas bank account opening forms), the existence of a certified translation
[/twocol_one_last] [twocol_one]Banking relationships[/twocol_one] [twocol_one_last]
  • Database for all banking contacts, services used, fees/compensation paid, credit facilities, borrowing levels, and prompt review of the account analysis/bank statement
[/twocol_one_last] [twocol_one]Technology[/twocol_one] [twocol_one_last]
  • Review of systems security internally and externally
  • Physical control over access to facilities and systems
  • Contingency plan in place and tested n Regular backups, tested for restore capability
[/twocol_one_last] [twocol_one]Environmental review[/twocol_one] [twocol_one_last]
  • Review of the regulatory environment and any changes that necessitate changes in the treasury functions (such as the impact of Check 21 in the US, or the use of IBANS and BICS in Europe, and the implementation of the Payment Services Directive)
  • Compliance monitoring to ensure procedures are in place, being monitored and still effective
[/twocol_one_last]

Check Also

Al Ansari Exchange to unveil web-based money transfer solution during GITEX Technology Week

 ‘eExchange’ offers 24/7 remittance service at attractive exchange rates; complements Dubai’s drive to become ‘smart’ …

Leave a Reply