MEASURING THE ORGANISATION’S GOVERNANCE EFFORTS (2022-04-21)

---

By Terrance M. Booysen and peer reviewed by Jené Palmer CA(SA)

With South African business confidence indexes at an all-time low over the last three decades, the county’s poor levels of governance have contributed toward multiple country downgrades, loss of foreign investment and the highest recorded levels of unemployment since World War II.

The enforceability of governance codes

Essentially the various reports on Corporate Governance for South Africa (King Codes) have only been recognized by the larger South African corporates and government organisations.  Whilst the reports have changed dramatically over the last two decades, moving from a shareholder-centric to a stakeholder inclusive model, the recommendations for better governance found within the King Codes are exactly that; they are only recommendations and therefore not every company may feel it necessary to adopt or subscribe to them.

Whilst the King Codes have also been cited in South African case law, including a few other international jurisdictions, where boards have been found wanting in respect of not properly fulfilling their fiduciary obligations, at best, judges can only make reference to the recommended practices found with these codes.  Exactly the same challenge applies to any other governance code produced anywhere else in the world, for example the UK Code for Governance (2018) and the German Corporate Governance Code (2019).  None of these codes provide clear guidance on how to measure whether the application of these codes is leading to good governance within the organisation concerned.  This makes it very difficult for a court of law to impose effective sanctions on an organisation or a director for practicing poor governance.  Any sanctions which are imposed are largely subjective and the consequences attached to poor governance vary quite considerably from one judgment to the next.  It is therefore not surprising that many regulatory bodies are also not more proactive in driving (and enforcing) good governance practices across all sectors and industries.

International standards and benchmarking

The introduction of ISO 37000 in the last quarter of 2021 presents an opportunity to change the landscape.  Whilst ISO 37000 is very similar to the governance codes in that it also provides for “principles and key aspects of practices to guide governing bodies (boards) and governing groups on how to meet their responsibilities”, its differentiator is that it is written to serve as a universal standard which will allow key stakeholders to more accurately measure and compare governance performance across all geographies and forms of business.

With ISO 37000 there are also some significant departures from a governance code such as:

	1.		Many governance codes are country-specific and have regional application whereas an international standard is applied as a ‘universal language’ irrespective of where the organisation is established or does business.  It is broadly recognized and measured using the same requirements for compliance and certification across all businesses.
	2.		A governance code is mostly aspirational, and whilst many organisations may work towards the improvement of their governance practices, the ‘act of improving the organisation’s governance’ remains largely subjective in nature.  An international standard, however, identifies specific areas that must be assessed and measured by an independently approved and qualified assurance provider in order to obtain formal certification.  In addition, for the organisation to retain its certification, the continued proper application of the standard must be regularly re-assessed and confirmed.

Following a governance code or being ISO compliant?

It is essential not to confuse a governance code -- such as King IV™ -- with ISO 37000.  Each ‘instrument’ fulfils a very specific purpose within not only the organisation itself, but its key stakeholders too.

Given that governance by its very nature is a complex topic, with myriad nuances, it is important to understand the practical benefits of using a widely accepted international standard which can be used as a common platform for all organisations (regardless of their type, size, location, structure or purpose) to guide and measure the application of good governance making use of comparable reporting indicators.  That being said, organisations must also be cognizant of their respective jurisdictional regulatory and compliance obligations such as the JSE Listing Requirements which specify compliance with King IV™.

Many leading organisations subscribe to the renowned ISO standards such as ISO 27000 and ISO 14000 and there is no doubt that the independent assessment process involved in obtaining and retaining an ISO certification provides an additional level of comfort and assurance to key stakeholders, including investors and regulators.  It is therefore likely that certified early adopters of ISO 37000 will be significantly differentiated from their peers.  In this regard, the increasing pressure being placed by stakeholders on organisations to proactively and positively impact global sustainable development is also likely to fast track the implementation of ISO 37000.  In addition, the adoption of ISO 37000 may also help multi-jurisdictional organisations to simplify the interpretation of different governance codes and apply a common standard of governance across geographies.

Boards will therefore need to carefully consider what makes sense in their business and organisational environment as they strive to ensure that their organisations implement robust governance frameworks which are strategically aligned to their purpose, vision and mission and which offer them a competitive advantage.

New meaning to governance

Although still in its infancy, ISO 37000 has established new benchmarks for assessing governance frameworks across the world.  It has sparked vigorous debates and uncomfortable questions about measuring, auditing and comparing one organisation’s GRC (governance, risk and compliance) inputs and outcomes to another, including assessing their aligned values, profitability and long-term goals.

In South Africa it is mandatory for JSE-listed companies to apply King IV™, however, one wonders how these current requirements may change as the benefits of adopting an international standard become more firmly entrenched?  On the other hand, one also has to consider whether the introduction of ISO 37000 will really help in setting the stage for smaller and non-listed companies to willingly subscribe to the principles of ISO 37000 as the governance playing fields are leveled?

For many reasons, external stakeholders, in particular, are looking for an easy way to assess an organisation’s governance status.  In the face of mounting of pressure, organisations are going to have to consider how they actively demonstrate (as opposed to simply communicate) their GRC status.  The old adage of “what’s not measured is not managed” rings true for board members as calls for accountability strengthen.  Future boardroom discussions will have to include an objective and quantifiable review of the organisation’s actual GRC status (in every area of the business) compared to internationally benchmarked best practice or at the very least, to that of its peers.