establishing the boundaries of regulation in corporate governance: is the uk moving toward a process...

Business and Society Review

108:4

463–485

© 2003 Center for Business Ethics at Bentley College. Published by Blackwell Publishing, 350 Main Street, Malden, MA 02148, USA, and 9600 Garsington Road, Oxford OX4 2DQ, UK.

Blackwell Publishing LtdOxford, UKBASRBusiness and Society Review© 2003 Center for Business Ethics at Bentley College200310841000Original ArticleESTABLISHING THE BOUNDARIES OF REGULATION IN CORPORATE GOVERNANCE: IS THE UK MOVING TOWARD A PROCESS OF COLLIBRATION?BUSINESS AND SOCIETY REVIEW

Establishing the Boundaries of Regulation in Corporate

Governance: Is the UK Moving Toward a Process

of Collibration?

JAMES KIRKBRIDE

AND

STEVE LETZA

M

uch of the recent debate on corporate governance has cen-tered on practical issues, such as the wide concern aboutcorporate fraud, the abuse of managerial power and,

social irresponsibility. In essence, the debate is about how to solvethese problems in corporate practice. In the UK over the pastdecade a trilogy of committees has reviewed the issue from a widerange of perspectives. Cadbury reviewed financial aspects of corpo-rate governance, Greenbury reviewed remuneration, while Hampelreviewed broader aspects.

1

In addition to the above, three recentreports, the London Stock Exchange Combined Code, the TurnbullReport, and the Higgs Report

2

have been published adding a furtherdimension to the current corporate governance debate in theUK. An examination of these reports confirms the complexity andsophisticated nature of the contemporary debate on corporategovernance. All these reports reflect the UK’s commitment to self-regulation and provide companies with codes of best practice andprinciples of good governance which they are expected to follow.However, the critical question is to what extent can society rely on

James Kirkbride is Professor and Dean, Faculty of Business & Law, Liverpool John MooresUniversity, United Kingdom. Steve Letza is Professor of Corporate Governance, School of Lawand Centre for Director Education, Leeds Metropolitan University, United Kingdom.

464 BUSINESS AND SOCIETY REVIEW

self-regulation as the sole means to ensure good corporate govern-ance such as in the UK? Or would corporate entities be bettergoverned through other means, for example, through statute suchas the Sarbanes-Oxley legislation in the US? If neither of thesemodels is mutually exclusive then what would be the ideal mix oflaw, self-regulation, or even individual company policy (the last ele-ment brought about, at least in part, through the imposition ofmarket forces on individual companies)?

This paper is divided into three major sections. Section I providesan examination of the boundary between the use of legal rules andcodes of best practice in seeking to promote effective corporate govern-ance. Section II reviews the historical developments in self-regulationin the UK over the past decade and introduces the concept of collib-ration, a concept first used in cybernetics to explain how advancedsystems self-adjust to changes in pressure and tensions exerted onthem. It is suggested that corporate governance regulation is nowmoving toward a form of collibration. The final section, section III,synthesizes the findings in sections I and II and suggests a tentativemodel for the development of corporate governance in the future. Butfirst we must consider the role of the market in order to appreciate theevolution of the collibration model and the influence of the tensionsbetween the market and government interference.

The Role of the Market

The principal-agent or finance model, underpinned by agencytheory and financial economics, has played a crucial role in corpo-rate governance theorizing over the second half of the 20th century.This model assumes that the sole purpose of corporations is themaximization of shareholders’ wealth. Underpinning this approachis the notion that shareholders do not have sufficient control andinfluence over managerial action due to their distance from day-to-day operations. Therefore, it proposes regulatory reforms toenhance the power and control of shareholders. Three propositionshave been highlighted in this model, that is, the universal principal-agent relationship, the firm as a nexus of contracts, and the marketfor corporate control.

As the cornerstone of agency theory, the principal-agent relation-ship could exist in any cooperative situation and thus at all levels ofa corporation in which the principal delegates work to the agent

KIRKBRIDE AND LETZA 465

who performs that work on behalf of the principal. Based on theassumption of self-interested human behavior, agency theoryasserts that managers as agents may pursue their own interests atthe expense of the shareholders, giving rise to the so-called agencyproblem. Agency theory assumes that all social relations in eco-nomic interaction can be reduced to a set of contracts between prin-cipals and agents, where the role of contracts serves as a vehiclefor voluntary exchange by individuals/actors. The firm is best des-cribed as a “nexus of contracts” of the principal-agent variety, and,then, the behavior of the firm is just like the behavior of a market—“the outcome of a complex equilibrium process.”

3

To align the interestsof the agent with those of the principal, a contract that containsspecifications of their duties, rewards, and the rights of the princi-pal to monitor corporate performance is required for safeguardingboth the principal and the agent.

For agency theorists, the solution to the agency problem is todetermine the most efficient contract that governs the principal-agent relationship. The question is especially related to whether abehavior-oriented contractual governance (e.g., salaries, hierar-chical governance) is more efficient than an outcome-orientedcontractual governance (e.g., commissions, stock options, transferof property rights, markets for corporate control).

4

For agencyanalysts, such market-oriented governance structures, as bothinternal and external managerial labor markets, can best dis-cipline agents’ behavior. Financial theorists, however, claim thatsince managerial behavior could be highly constrained by thepressures of capital markets, factor markets and the marketfor corporate control can best address the issue of manage-ment underperformance.

5

The advocates of this model insist thatcurrent corporate governance mechanisms should be allowed tooperate freely and that any interference with the market govern-ance mechanisms is irrational and is likely to have a distortingeffect.

6

Despite the very powerful theoretical arguments in support ofthe market mechanism as a controlling device, current empiricalevidence,

7

together with persuasive anecdotal evidence, includingthe collapse of large corporations (for example, Enron and World-Com), suggests that society cannot solely rely on the market mech-anism and that additional corporate governance measures arerequired.


I SELF-REGULATION AND THE LAW—ESTABLISHING THE BOUNDARIES

Announcing the company law reform project in March 1998, thethen President of the Board of Trade Margaret Beckett declared adetermination to “ensure that a framework of company law which isup-to-date, competitive and designed for the next century”

8

shouldbe forthcoming. An essential feature of the drive for competitive-ness in the corporate sphere was the need to consider the role andusefulness of Codes of Conduct and Governance. There exists opin-ion, supported by a number of studies,

9

that governance throughself-regulatory codes that include a focus on social, ethical, andenvironmental issues is likely to reduce the need for governmentinterference and will also contribute to the creation of greatershareholder value.

The relationship between Codes of Practice and Company Lawwas identified as an issue for further consideration in the 1998paper of the

Modern Company Law Review (MCLR)

.

10

It was acknow-ledged that Codes of Practice, in particular the Combined Code thathad been introduced, were working well, but that some legal under-pinning through legislation might be required in the future,

11

a viewconfirmed by Stephen Byers.

12

Despite the general support for codes of practice, the 1998 paperdeclared that a fresh look at the situation was still required and thatthis would include the need to consider the proper relationship be-tween company law and nonstatutory standards of corporate behavior.

The paper also rehearsed the perceived advantages and dis-advantages of nonstatutory regulation, namely, the advantages offlexibility in the development of rules but also its drawback of a lackof precision. Other disadvantages identified included a lack of tran-sparency and uncertainties over enforcement. Concerns were alsoexpressed over the tension between the role of nongovernmentalregulators and their responsibilities for administering a wideningrange of rules and a need to look at the independence and moni-toring of those regulators.

This led to the articulation of three questions for furtherconsideration:

Is the inclination to move more in the direction of “nonstatutoryregulation” correct? (Question 37)


How could the present arrangements for allocating jurisdictionbetween regulatory bodies . . . be simplified while improving, or atleast preserving, their efficacy? (Question 38)

Are there specific areas where there is a case for changing thepresent allocation of roles and functions and/or the extent towhich statutory recognition or support is conferred on non-governmental institutions? (Question 39)

Debate was taken further in the March 2000 DTI Consultationdocument

13

where the view was expressed that

there are four important related questions on the CombinedCode:

• Is the effect of the code beneficial, that is to say, in our termsdoes it or is it likely to contribute to a climate where companiesdeliver optimal creation of wealth?

• Is there an adequate level of compliance?

• Are there ways in which its substantive provisions can beimproved?

• Would other mechanisms for implementation and enforce-ment be more effective?”

This resulted in the formulation of a broad question issued forconsultation, “Does your experience or evidence of which you areaware, indicate that the effect of the Corporate Governance Codeshas been beneficial in assisting wealth generation by companies orin other ways? If not, do you think that the response should be tostrengthen the combined code provisions (and if so, how) or whatother responses should there be?”

At the same time the establishment of a Working Group wasannounced, the “Boundaries Working Group.” This was required toconsider the best allocation between primary and secondary legis-lation, delegated rules and best practice, and the role and iden-tification of organizations that can best lay down, interpret, and enforcethe requirements in each field.

The existence of a Boundaries Working Group and the recog-nition of the flexibility of best practice and need to consider account-ability and governance in promoting competition were interestingingredients in the consultative documents of the

Modern CompanyLaw Review.


The whole issue of regulation by best practice and nonstatutorycodes invites a reflection upon the contributions and achievementsof corporate governance thus far in the UK. As part of this paper weconsider the boundaries issue and the nature and use of codes ofbest practice. More specifically within the latter context we examinethe contributions of Turnbull (1999) as a mechanism to ensure thatbest practice risk management is used to enhance the competitive-ness and accountability of UK companies.

14

It will be interesting toconsider how this fits with the public policy influences on the regu-lation and duration of corporate governance in the UK.

Why Do the Boundaries Exist?

Lord Hoffmann speaking extra-judicially has attempted to identifythe existence of a role and function for three layers of control.

15

Atthe first level there exists the bedrock of duties owed by directorsat common law and equity. The second layer imposes a number ofspecific statutory duties intended to reinforce the duties at commonlaw. The final layer specifies duties under the self-regulatory codeswhich are perceived by Hoffmann as intending to reinforce commonlaw duties in areas not thought suitable for legislation. Hoffmannsuggests that this third layer of control emanates from the deficien-cies of the preceding layers and that self-regulatory duties havebecome more prominent in recent years. In support of his analysisHoffmann refers to the Cadbury, Greenbury, and Hampel Codeswhich then resulted in the combined code of Corporate Governance(which has been given force through the medium of the listingrules). This nonstatutory self-regulation is cited by Hoffmann asbeing a major and important source of the duties of directors.

An interesting aspect of the analysis presented by Hoffmann isthe perceived relationship between common law directors’ dutiesand the self-regulatory code. He states that

like the statutory layer, the self-regulatory layer even tries toreinforce the common law duties of care and skill. For exampleby the provisions in the combined code which requires a boardto meet regularly, receive adequate information on which tomake decisions, and providing that directors appointed for thefirst time to the board of a listed company should receive sometraining for the job.

16


The opinion presented is that the operation of the codes and thesanctions

has been remarkably effective

. In an attempt to rationa-lize the three-tier structure, Hoffmann poses and seeks to answerthe fundamental question of “why do we have these rules at all?”Two answers are presented:

The first answer is to give effect to moral principles of fairdealing, acknowledging that it is morally wrong that a directorshould secretly enrich himself at the shareholder’s expenseand so the law is there to preserve the moral stance for oursociety. The second answer is an economic one, recognisingthat a capitalist society depends on people who have wealthbeing able to allow other people to put it to profitable use ontheir behalf. This is reflected in the Economists view of agencycosts and the costs of separating ownership from control.

17

The conclusion from Hoffmann’s analysis is that the law has tostrike a careful balance between encouraging virtue and therebynot inhibiting good management and enterprise. The latter isachieved through the three layers of regulation and control. Legalprinciples have developed, or should be developed, which encour-age agents (i.e., directors) to be loyal in their management of a com-pany, to show proper skill and care, and to reduce the need towatch over them at all times. It is the three-tiered approach thatseeks to achieve this.

Hoffmann’s views provide some rationale for the development ofa legal framework in which directors and companies must operate.However, they fail to identify, or explain, the precise boundariesbetween the various tiers and layers of control. Nevertheless thepositioning and precision of those boundaries has been discussedby others who have contributed to the

MCLR

papers.For example, Deakin and Cook have presented an analytical

review of regulatory theory which enables them to conclude that therelevant issues of the company law framework cannot meaningfullybe phrased in terms of a choice between government regulationsand free market.

18

They suggest that the important questions are:

Is it a form of self regulation in the context in question? Whatis the nature of the links between self regulation and legalregulation? and How can legal rules be formulated so as toencourage self regulation as a means of meeting the goals ofpublic policy?

19


These questions were formulated following an analysis thatsuggested that a neat fit into the earlier developed concepts of co-regulation, deregulation, self-regulation, and enforced regulation wasnot apparent. It was clear from the analysis presented by Deakinand Cook, and from earlier works,

20

that there needs to be a recog-nition of the varieties of regulation and self-regulation and someunderstanding of how they operate in relation to commercial activ-ity and public policy in order to understand the framework and theboundaries within the framework of regulations. It is this mix, thisinterplay that works to assist or impede solution of the policy prob-lem, a policy that appears to rely on the persuasive powers of“threats, fears, and phobias.”

Public Policy and Market Interference

It is the link between public policy and the regulation of governancethat provides an insight into the power of fear in this area. Fears ofwhat government might do in the UK have centered on the evolvingpolicies during the 20th century of active government interventionin the market through the regulation of the City (the financial“heart” of London) and through the public ownership of industry.

The issue of public ownership has influenced corporate govern-ance in several ways. First, the threat of taking industry into publicownership has encouraged a shareholder property rather than anownership-responsibility perspective. An ownership-responsibilityperspective would encourage a “voice” approach to governance withactive questioning of management. A property perspective encour-aged silent speculative buying and selling. Secondly, it appears thatthe possibility of public ownership encouraged owners not to tradein the shares of underperforming companies which acted to distortthe operation of the market mechanism. The prospect of a publicbuy-out would encourage shareholders to hold onto shares in theanticipation and hope of obtaining better-price from governmentrather than from the market. The infamous case of British Leylandin 1975 is an example of this.

The relationship between government and financial institutionsduring the 20th century had been one of threats and inaction, andit is in this relationship where we see “fears and threats” resultingin the development of self-regulation. The “fears and threats” hadranged from threats of public ownership (in the postwar years and


in the 1970s) through to suggestions (in the l930s, l960s, and morerecently) that if the City did not put its own house in order, govern-ment would intervene. In some areas this “fear” has been an effec-tive mechanism for prompting change. For example, it was the City(through the banks and major financial institutions) rather thangovernment that introduced a take-over code of practice in thel960s in response to fears that if it did not implement its own code,then government would do so. There are other instances of changesat the margin, industry in the corporate governance arena, thathave kept at bay government regulation.

Thus the MCLR approach of “fear and threat” of governmentinterference and regulation was consistent with the “fear andthreat” agenda for change experienced by businesses and the marketthrough public policy initiatives throughout the 20th century. How-ever, what is often overlooked is the consequence of these publicpolicy initiatives for the developing system of corporate governance.We have already mentioned the distorting effects of public owner-ship on the operation of the market mechanism. It has been sug-gested that public policy in the United Kingdom has tested, tried,but never fully worked through whether corporate governanceshould be left to the market or be the rightful domain for govern-ment intervention or regulation. The conclusions of the MCLRadvance this uncertainty. The introduction of a new regulatorybody, the Standards Board, charged with overseeing the operationof the code and to bring forth recommendations for change, repre-sents a further step toward government intervention but is temperedby the industry-based discussions and processes to be adoptedby the Board—another step of uncertainty and compromise.

A further consequence for corporate governance of these publicpolicy initiatives has been to confirm and increase the emphasison share ownership as conferring rights rather than imposing res-ponsibilities. The various “threats” of the policy have acted to dis-suade, in particular, institutions from pursuing the responsibilitiesof ownership. There has been a clear emphasis on shareholder rights.

It is against this background of the failure and lack of incentive inthe external market mechanism for the control of corporate govern-ance that the codes of best practice have focused on internal con-trols and internal enforcement. In the next section we examine thedevelopment of these codes and suggest that there has been a shiftin the role and focus of regulation in this area. This is a “shift” that


represents a collibration approach to regulation, supported by anemerging policy of encouraging and supporting risk managementand entrepreneurial growth.

II THE DECADE OF SELF-REGULATION IN CORPORATE GOVERNANCE

The Cadbury Committee was established in 1991 following a seriesof high-profile public scandals including, for example, MaxwellCommunications Corporation, Polly Peck, and Bank of Credit andCommerce International (BCCI). The remit of the committee was toconsider the financial aspects of corporate governance only, andthe focus of the Committee’s work was centered on the following:

• Examining the roles and responsibilities of executive and non-executive directors with regard to reporting on performance toshareholders and other financially interested parties.

• The principal responsibilities of auditors and the extent andvalue of the audit.

• The linkage between shareholders, boards of directors, and auditors.

The Cadbury Report advocated compliance with a voluntarycode, coupled with disclosure, in the belief that such an approachwould be more effective than statutory regulation and would also bemore likely to facilitate good corporate governance without undulyrestricting corporations from conducting business competitively inthe marketplace.

The Cadbury Report was acknowledged as a landmark develop-ment in corporate governance both in the UK and internationally,and significantly raised the profile of corporate governance through-out the UK. The vast majority of commentators have suggestedthat the Cadbury Report was effective in raising awareness of corpo-rate governance. However, there is also the view that the committeewas formed as a reaction to events that had taken place in the busi-ness world and that the resulting guidelines could only be limited inapplication. A critical question needs to be asked. Did the CadburyReport eliminate the possibility of a public scandal on the scale ofMaxwell Communications Corporation ever happening again? Theoverwhelming view of commentators is that such a scandal is still


possible. Within this context, arguably, the Cadbury Report achievedonly limited success. Perhaps the reactionary approach needed tobe augmented by a more proactive approach.

The second report in the trilogy, the Greenbury Report,

21

illus-trated yet again the reactive nature of the contemporary corporategovernance debate. The narrow focus solely on directors’ remuner-ation gave the impression of reacting to tabloid newspaper frenzyabout “fat cat” salaries of company directors, particularly directorsof the privatized utilities. During the 1990s high salaries and shareoptions for company directors appeared to be out of step with com-pany performance and with the accompanying call for workforcecutbacks and employee pay restraints. The Greenbury Report didnot answer the public’s request for top company directors’ payrestraint but instead stressed accountability and full disclosureof directors’ remuneration. Bizarre though it may seem, comment-ators have suggested that the Greenbury Report, insisting as it doeson the full disclosure of directors’ remuneration, has actually led toa ratcheting up of directors’ remuneration, a result completely con-tradictory to the public’s demands.

The third committee in the trilogy, the Hampel Committee, tooka completely different view to that of their predecessors.

22

Hampelacknowledged corporate failure and unjustified compensationpackages in the privatized utilities as drivers for Cadbury’s andGreenbury’s primary focus on the prevention of abuse. However,the Hampel Report suggested that it was now time to take a moreproactive perspective and to look for a more positive contributionfrom corporate governance. Hampel saw a shift toward the broaderview, emphasizing internal control and risk management, but wasnot clear on how the board was best able to deliver good internal controland risk management. The effective communication of informationthrough the company, in order to ensure the best informed decision-making possible, underpinned this stance. Hampel spoke in termsof principles of good corporate governance rather than rules.

According to MacLean,

23

interest in corporate governance in theearly 1990s emerged from

[t]he convergence of a number of contentious issues includingthe incidents of business scandal, remuneration controversies,a growing number of acquisitions and mergers and the spreadof privatisation.


It is doubtful whether each aspect on its own could have actedas a catalyst for the adoption of such a formal approach to theissue. However, taken together the processes and events outlined byMacLean resulted in both a clear need for action on corporate govern-ance and the will to take such action. Perhaps the director callingfor externally imposed regulation as a substitute for apparently in-effective self-regulation explains this development. The CadburyReport explicitly argued that compliance based on the voluntarycode would be more effective than a statutory code, as potentiallythe latter might lead to organizations complying with the “letter,and rather than that the spirit of the code.” Cadbury asserted thatthe basic system of corporate governance in Britain was sound,with well-known and widely followed principles.

Following on from Hampel, the London Stock Exchange pro-duced its own code, the London Stock Exchange Combined Code.This code effectively acted as a consolidation of the trilogy with theadded dimensions of the final report to date on Corporate Govern-ance, the Turnbull Report.

III A PIVOTAL POINT IN CORPORATE GOVERNANCE: THE TURNBULL REPORT

The Turnbull Report

24

marks a watershed in corporate governance,a coming of age so to speak, in that for the first time in all of theinvestigations into the practice of corporate governance in Britain,risk is explicitly included and articulated. The key features of thecode with respect to internal control focus upon the following:

• The protection of shareholders’ investment and company assetsthrough sound systems of control.

• Regular reviews of the effectiveness of controls and specificallyon finance, operations, compliance, and risk management.

• The need for companies to regularly review the need for an inter-nal audit function, where one is not present.

In addition, the London Stock Exchange demands that compa-nies incorporated in Britain explain (in the annual reports andaccounts) how they have applied these and other principles andprovisions, and over what time scale. Possibly in an attempt to


soften the strictures this places on firms, the structure and contentis left up to the companies.

A main objective of the guidance is to encourage and reflectsound business practice by more fully embedding control in busi-ness processes. In addition, the guidance aims to maintain rele-vance through reflecting change in the business context and toallow companies flexibility in interpreting and implementing therequirements. At the heart of this approach is a firm emphasis onrisk management and the need to incorporate it into governanceand management processes. That such considerations must not bea separate exercise undertaken to comply with regulations is madeabundantly clear.

In short, Turnbull is focused upon the maximization of share-holder wealth through the management of risk in pursuit of corpo-rate objectives. The basic aim is to ensure, as far as possible,operational effectiveness and efficiency, and reliability of internaland external reporting and compliance. The importance of effectivefinancial control is heavily emphasized, with a particular focusupon financial risk exposure. However, the “risk net” is spreadwider to suggest that a broader span of risks be considered on a regu-lar basis. The aim is not “zero risk” but rather a healthy level of“controlled” risk, through maintaining awareness of threats andopportunities as they both arise and fall in the environment inwhich the company operates. Business is increasingly risky; theessence of good governance is informed risk, according to Turnbull.Of course, good management involves much more than this andcombines informed risk-taking with good judgment, good decision-making, and good leadership skills and a healthy dose of integrity.The Turnbull Report is concerned with governance and focuses onthe risk aspects and consequently does not embrace the wider andequally important issues above. For example, compare Enron withthe recent Johnson and Johnson Tylenol incident. The executivedirectors in Enron knew the risks they were running but continuedright through to the bitter end, even in the face of corporate failure.The directors in Johnson and Johnson, on the other hand, decidedto withdraw all Tylenol from retail sale because it simply was theright thing to do. Perhaps this action was in the long-term interestof preserving the Johnson and Johnson brand name, but undoubt-edly, the action had a major negative impact on the financial resultsshort-term. The aim of these elements of the combined code is to


better provide information to decision-makers; in other words, thismarks a shift from the “only downside risk mentality” that plaguesmuch of business. Hence, in implementing Turnbull, organizationsshould also be able to undertake opportunities they might previ-ously have passed over, since they should have a fuller picture oftheir risk exposures, and how they fit with their overall business.

From Reaction to “Pro-Action”: Implementing Turnbull

The aim of implementing Turnbull is to link risk and internalcontrol with business objectives (see Figure 1). At first glance thisapparently adds up to little more than reemphasizing the impor-tance of risk in developing business policy, and this indeed is atleast partly true. However, where in the past senior management

FIGURE 1 Linking Corporate Governance, Risk and Control with Business Objectives


might have been expected to “take risk into consideration,” thearchetypal risk management process (identify, analyze, and miti-gate) is now much more explicitly a part of the strategic planningand implementation cycle.

If this process is a critical addition, then the acknowledgment ofthe need to effect cultural change is doubly so and our attentionwill turn to this shortly, although we should now note the impor-tance of consultation in initiating such change. The notion of devel-oping an “early warning system” is also a notable amendment,and one that relies heavily upon cultural issues. Any number ofbanking failures have demonstrated just how easy it is to miss sig-nals of “impending doom”; Barings and the Bank of Credit and Com-merce International are noteworthy examples.

25

Finally, the needfor good reporting is very specific and lies at the core of the com-bined code, complementing the need for consultation. Risk man-agement and communication are inextricably tied, both in termsof the “language of risk” as much as the management of risk-relatedinformation.

26

In short, if Turnbull is implemented astutely, firms will find iteasier to tackle common barriers to effective risk management:

• Culture and trust

• Expert versus non-expert perceptions of risk

• The language of risk

• The management of risk-related information

• The problems of accessing tacit knowledge of risk

As with other strategic initiatives (for example, quality or the envir-onment) the danger is that companies might regard the require-ments of the combined code as “yet another bureaucratic hurdle,”which is regarded largely as a “paper chase.” As the Institute ofChartered Accountants in England and Wales notes:

There are few benefits to be gained from treating effective riskmanagement and internal control as merely a regulatoryrequirement.

27

Better surely is to take the chance to exploit what is a powerfulnew tool of business; the benefits of this initiative are exploredshortly. However, perhaps largest amongst the changes implicitlyrequired by Turnbull is the requirement for cultural change in order


to focus upon the fundamentals of good risk management andinternal controls. Cultural changes are likely to involve short-termcosts to the organization; however, the advantages to flow from pos-itive cultural changes will have a substantial impact on organiza-tional performance, including financial results in the long termwhich far outweighs the short-term costs.

“Ownership”: Embedding Risk in Corporate Culture

The impact of organizational culture on risk exposures is relativelywell established.

28

The current orthodoxy as represented in reac-tionary or “homeostatic” risk management tends to be built uponand reinforces organizational cultures that

29

• Accept systems failures as unpredictable and the anticipation ofsuch failures as a waste of resources (so-called

resilienism

)

• Believe in targeted

blame

as a strong incentive for taking care onthe part of decision-makers

• Blindly accept

quantification

as the sole means of promotingunderstanding and rationality

• See no secure knowledge base or real market for institutionaldesign that might counter risk exposures (“

design-agnosticism

”)

• Demand that risk be explicitly

traded off

against other goals

• Believe that discussion of risk is most effective when confined toexpert participants (“

narrow participationism

”)

• Believe that the regulatory process should concentrate on speci-fying structures or products (“

outcome specificationism

”)

These each reflect the closed, reactive nature of managementsystems that are pushed by events that are regarded as out of thecontrol of the organization.

What Turnbull effectively advocates is the adoption of an open,proactive approach, known variously as holistic or collibrationalrisk management. Such an approach is embedded in culturesthat

30

• Apply causal knowledge of systems failure to ex ante actions orbetter risk management, so

anticipating

hazard eventuation

• Adopt a “no-fault” approach to blame that avoids distortion ofinformation and helps learning (“

absolution

”)


• Give proper weight to inherently unquantifiable,

qualitative fac-tors in risk management, whilst acknowledging the value of theintelligent use of quantification

• Apply the accumulated knowledge of hazards, risks, and hazardeventuation to design risk mitigation measures into the organiza-tion (“designism”)

• Believe that financial and nonfinancial risk-related goals comple-ment each other in good management

• Realize broad participation in risk-related discussions bettertests assumptions and avoids errors

• Believe that the regulatory process should concentrate on speci-fying industrial processes (“process specificationism”)

In comparing the two cultures, differences are readily apparent.In holistic risk management emphasis falls on the need for preven-tion rather than a cure, through anticipation, good organizationaldesign, and the specification of processes. So too the acknowledg-ment of the importance of qualitative factors in risk management ismade in the proactive approach (very much aligned with the familyof operational hazards). Yet perhaps the strongest message in thisapproach, and one that comes through from Turnbull,31 in a markedmove away from the 1988 Hampel Report, is the need to involve andconsult as broadly as possible. What such consultation effects is acultural change that effectively embeds risk within the organiza-tional gestalt. Risk management becomes endemic and people takeownership (either consciously or subconsciously) of the risks thatthey are most commonly exposed to. This is a marked change and onethat may prove difficult for less confident senior managers to accept.While the above principles are difficult to identify in any one company,in practice they are given as “ideals” for companies to aspire to.

The Value of Raising Awareness of Risk

The orthodox view of benefits from the 1999 Turnbull Report hasbenefits accruing almost purely to the business and its sharehold-ers.32 Whilst we agree that such benefit is bound to follow anincreased focus on risk, we contend that the benefits of taking arisk-based approach to governance are much broader. Outside ofthe direct benefits to the firm and its shareholders, we see mainly


indirect benefits to additional beneficiaries (see Figure 2). To stake-holders such as employees, suppliers, and buyers these equate toimprovement in the quality of employment, increased demand, andhigher-quality products. To society we see improvements in areassuch as lower impact on health care services because of improvedhealth and safety records, the stimulation of competition, increasedtax income, increased employment, and fewer catastrophes.Although not indicated in the figure, the natural environment ulti-mately should also benefit, because of a lower incidence of environ-mental problems and more effective use of resources.

In broad terms what this adds up to is a marked shift from short-term to long-term value added and moreover “total” value added,not just the narrowly defined interests of shareholders. This repre-sents a remarkable paradigm shift for management at the mostsenior level.

FIGURE 2 Benefits of Effective Risk Management and Internal Control


The combined code is a recent innovation and will take some timeto show positive benefit.

CONCLUSION

Essentially, developments in corporate governance are taking placein three areas—legal, self-regulatory, and in-company. In Britainthe Modern Company Law Review represents the legal develop-ments, the London Stock Exchange Combined Code represents theself-regulatory development, and in-company a whole range ofdevelopments are taking place, underpinned by the discipliningforces of the market. Examples include internal control, informa-tion management systems, performance measurement systems,statements of corporate values, and so-called open governanceapproaches which effectively democratize management processes.Figure 3, the onion model, illustrates the three layers of corporategovernance which lie within the market environment.

The Evolution of Corporate Governance during the 1990s

We would argue that developments in corporate governance overmost of the 1990s was dominated by an inappropriate homeostaticcontrol paradigm. Essentially our observation is that, under thisparadigm, governance, policy, and performance are all influencedin the manner of “simple” feedback by the context in which theyoperate (see Figure 4). By its very nature this mode of governanceinhibits effective management and so restricts clear communica-tion and management of the corporate entity.

A more appropriate system of corporate governance is one that isgrounded in the collibrational paradigm (see Figure 5). Openness,communication, involvement, and anticipation are the key watch-words in such a system.

It is not simple to operationalize such a complex system. Thiswould involve balancing out inter-relationships, relying as much onfeed-forward as feedback control. However, aside from adoptingstructures and policies that can encourage the development of a riskmanagement culture (as discussed), a start-point may lie in takinga different approach to corporate performance measurement.33

By accounting for the contribution of risk management in corporate


FIGURE 3 The Onion Model

FIGURE 4 Homeostatic Control


performance and relating that to issues of the performance ofcorporate governors, we should be able to develop a much-improvedpicture of corporate risk. Within that we can encourage a more effec-tive approach to the assessment of the governance of risk manage-ment and use the framework and detail of Turnbull as a catalystfor the development of more responsive and participatory regula-tion. It is now up to the firms and the parties to the inter-relationshipcreated or encouraged by Turnbull to invest the resources and com-mitment to provide a meaningful contribution to the governanceof risk and, we hope, to the jurisprudence of corporate governancegenerally.

NOTES

1. Cadbury 1992 Report of the Committee on the Financial Aspects ofCorporate Governance (London: Gee); Greenbury Committee Report 1995,“Directors’ Remuneration,” Report of a Study Group chaired by Sir RichardGreenbury (London: Gee); Hampel 1998 Final Report of the Committee onCorporate Governance (London: Gee).

FIGURE 5 Collibrational Management


2. Turnbull Report (1999), “Internal Control: Evidence for directorsof listed companies incorporated in the United Kingdom,” (London: ICAEW);Higgs 2003 Review of the role and effectiveness of non-executive directors(DTI, London).

3. M. C. Jensen and W. H. Meckling, “Theory of the Firm: ManagerialBehaviour, Agency Costs, and Ownership Structure,” Journal of Financial

Economics 3 (1976):305–60.4. K. M. Eisenhardt, “Agency Theory: An Assessment and Review,”

Academy of Management Review 14(1) (1989):57–74.5. E.g., H. G. Manne, “Mergers and the Market for Corporate Control,”

Journal of Political Economy 75 (1965):110–26; E. Fama, “Agency Prob-lems and Residual Claims,” Journal of Law and Economics 26 (1980):327–52.

6. O. Hart, “Corporate Governance: Some Theory and Implications,”Economic Journal 105(May) (1995):678–89.

7. S. Letza, P. Hardwick, and J. Ashton, “Who disciplines managementin poorly performing companies? An updated study,” Company Law Review

Report, 2000, DTI, UK; J. Franks and L. Renneboog, “Who disciplinesmanagement in poorly performing companies?” Unpublished DTI report,1999, UK.

8. MCLR, 1998, “Modern Company Law for a Competitive Economy,”DTO, March 1998, London.

9. P. Desmond, “Twenty-First Century Investing Conclusions,” fromthe five dinner dialogues. Paper presented at the 3rd International Confer-ence on Corporate Governance and Direction, October 2000, Henley.

10. MCLR, 1998; MCLR, 1999, “Modern Company Law for a CompetitiveEconomy—the Strategic Framework,” DTI, February 1999, London; MCLR,

2000, “Modern Company Law for a Competitive Economy—Developing theFramework,” DTI, March 2000, London; MCLR, 2001, “Modern CompanyLaw for a Competitive Economy,” Final Report, June 2001, London.

11. See MCLR, 1998, para. 5.3.12. S. Byers, TUC/IPPR Seminar on Corporate Governance, 7 June

2000 (see www.dti.gov.uk).13. MCLR, 2000. 14. Turnbull Report, 1999.15. Lord L. Hoffmann, “Duties of Company Directors,” Annual Lecture,

Centre for Law and Business, University of Manchester, 13 November1998.

16. Ibid., 4.17. Ibid., 5.


18. S. Deakin and J. Cook, “Economic Effects of Criminal and CivilSanctions in the Context of Company Law,” 2000 (see www.dti.gov.uk/cld/review.htm).

19. Ibid., ch. 9.20. I. Ayres and J. Braithwaite, Responsive Regulation (Oxford: Oxford

University Press, 1992); R. Baldwin, “Why Rules Don’t Work,” MLR 53(1990):321; R. Kagan, “Understanding Regulatory Enforcement,” Law

and Policy 11 (1989):89.21. Greenbury Committee Report, 1995.22. Hampel Report, 1998. 23. M. MacLean, “Corporate Governance in France and the UK: Long-

Term Perspectives on Contemporary Institutional Arrangements,” Business

History 41(1) (1999):88–116.24. Turnbull Report, 1999.25. See E. Stead and C. Smallman, “Understanding Financial Fraud:

Learning and Unlearning Lessons from Industrial Crises,” Journal of Con-

tingencies and Crisis Management 7(1) (March 1999):1–18.26. C. Smallman, “Knowledge Management as Risk Management: A

Need for Open Governance?” Risk Management: An International Journal

1(4) (1999):12–14.27. ICAEW, “Internal Control: Guidance for Directors on the Combined

Code” (London: ICAEW, 1999), 5.28. C. Smallman, “Knowledge Management as Risk Management.”29. C. Smallman, “Challenging the Orthodoxy in Risk Management,”

Safety Science 22(1–3) (1996):255–57.30. Ibid.31. Turnbull Report, 1999.32. ICAEW, “Implementing Turnbull: A Boardroom Briefing,” The Cen-

tre for Business Performance (London: ICAEW, 1999).33. R. S. Kaplan and D. P. Norton, “The Balanced Scorecard Measures

That Drive Performance,” Harvard Business Review (January–February1992):71–79; “Putting the Balanced Scorecard to Work,” Harvard Business

Review (September–October 1993):135–47; “Using the Balanced Scorecardas a Strategic Management System,” Harvard Business Review (January–February 1996):75–85.

establishing the boundaries of regulation in corporate governance: is the uk moving toward a process...

Documents