The Combined Code on Corporate Governance: Board
committees
This article is based on UK law.
The Combined Code requires a board to have three committees:
remuneration, audit and nomination.
All of these committees should have terms of reference, and
these should be publicly available (usually on the company’s
website).
In each case, the terms should set out clearly what the
committee is to do, stating whether it is to take decisions or
merely make recommendations. A remuneration committee will, in
accordance with the Code’s provisions, commonly have delegated
authority to set the executive directors’ pay. Its proposals will
be discussed with the chairman and/or chief executive, and there
may be a broad policy on directors’ pay agreed with the board, but
the responsibility will lie with the committee not the board. By
contrast, the nomination committee will usually merely make
recommendations to the full board and leave the final decision to
the board as a whole.
The 2003 Combined Code was clear that the audit and remuneration
committees should be made up only of independent non-executive
directors. Neither the chairman (whose independence is
automatically assumed to be compromised after appointment) nor any
executive director should be a member. The nomination committee, by
contrast, just needed a majority of independent non-executives; the
chairman and the chief executive could be members, so long as they
were outnumbered by the independents. The 2006 amendment to the
Code made an important change here: now chairmen may sit on their
own remuneration committees so long as they were deemed to be
independent immediately before their appointment to the chair.
Nonetheless, it still remains the case that another director should
act as chairman of the committee.
Nothing in the Code prevents executive directors, or indeed any
other employee or outside adviser, being invited to attend a
particular committee meeting. So the finance director may commonly
sit in on audit committee meetings – the Code recognises that their
presence will often be necessary and desirable. Likewise, the head
of HR will often be needed at remuneration and nomination committee
meetings. But neither has the right to attend or vote; they are
only there by invitation.
The board may appoint further committees as necessary, either on
a continuing basis to deal with on-going matters (for example,
treasury or risk) or ad hoc to deal with a particular acquisition
or matter of strategy. Many companies will have an executive
committee made up of the chief executive and those who report
directly to him or her but excluding the chairman and the
non-executives. It may meet monthly or weekly and will have daily
executive responsibility for the company’s affairs.
Internal control
“The board should maintain a sound system of
internal control to safeguard shareholders’ investment and the
company’s assets” – main principle C.2.
The Code recommends that the board (or the audit or risk
committee) annually reviews the system of internal controls and
reports to shareholders that it has done so. The review, it says,
should cover “all material controls, including financial,
operational and compliance controls and risk management
systems”.
The Turnbull Guidance suggests ways of applying this part of the
Code. It acknowledges that risk-taking entrepreneurship is an
essential part of any business and that the purpose of internal
controls is to manage risk rather than to try to eliminate it. (In
other words, it says that no system can guard against every adverse
event, but that a sound one can improve the chances of identifying
another Nick Leeson or of spotting the kinds of weaknesses that led
Shell to mis-state its oil reserves.)
The system of internal control needs to be an integral part of
normal business processes. It needs to operate throughout the year:
it should not just be a box-ticking exercise done every 12 months
to keep the compliance officer happy. Since risks change as the
company’s business and the commercial environment in which it
operates change, they must be reviewed and assessed regularly.
The Turnbull Guidance says that:
- the board must set the company’s policies for internal control;
it is then up to management to implement those policies;
- the policies must enable the company to respond to the risks it
faces and so safeguard its assets against loss and fraud, and
identify and manage the liabilities it faces;
- the board (or an audit or risk committee) needs regularly to
ask the right questions and to get the right answers to satisfy
itself that the risks facing the company are being managed
properly. This requires a good system of regular reporting
throughout the company – so that important information from
employees reaches the board.
The annual report needs to describe the system of internal
control and explain any failure to comply with the Turnbull
Guidance.
