The Financial Reporting Council (FRC) has published a consultation paper on changes to the UK Corporate Governance Code. The proposed changes form part of the implementation of the reforms outlined by the government in May 2022, following its 2020 consultation on audit and governance reform.

In this briefing, we summarise the FRC's proposed changes and their potential impact.

1. Background

n March 2021 the UK government published its much anticipated consultation paper on audit and governance reform. The government's response to the feedback received was published in May 2022 and confirmed that significant reform would be made (see our briefing for further details). Some of the reforms, including the creation of the Audit, Reporting and Governance Authority (ARGA) as the successor regulator to the FRC, require primary legislation; the government has indicated that it will introduce a bill into Parliament when parliamentary time permits. Other aspects of the reforms can be taken forward through secondary legislation and amendments to existing guidance and regulations, including the UK Corporate Governance Code (Governance Code).

In July 2022, the FRC published a position paper setting out the steps it would take to implement the reforms, including consulting on changes to the Governance Code. The FRC has now published this consultation paper and has also indicated some of the changes it intends to make to the guidance which accompanies the Governance Code, namely the Guidance on Board Effectiveness, the Guidance on Risk Management, Internal Controls and Related Financial and Business Reporting and the Guidance on Audit Committees (Guidance).

KEY DATES

13 September 2023

 Consultation on changes to the Governance Code closes. Responses to be sent by email to codereview@frc.org.uk

1 January 2025

 FRC anticipates that the revised Governance Code will apply to financial years starting on or after 1 January 2025, to allow sufficient time for companies to implement the revised Governance Code

1 January 2025

 Revised Guidance to be available in time for revised Governance Code becoming applicable

2026

 First reporting pursuant to the revised Governance Code


2. Overview of the consultation

The FRC stated when launching the consultation that this is a limited review, largely focussing on issues relating to internal control, assurance and resilience, in line with the reforms announced by the government in 2022. However, the FRC is also taking the opportunity to address certain issues that have arisen since the Governance Code was last reviewed five years ago, a number of which pick up on themes and comments arising from its annual reviews of corporate governance and reporting. The FRC has therefore drafted the consultation with five main areas of focus:

  1. Effective controls – strengthening the provisions of the Governance Code in relation to the need for a framework of "prudent and effective controls" to improve how companies report on, and evidence the effectiveness of, these controls;
  2. Sustainability and ESG reporting – ensuring that the Governance Code reflects the responsibilities of the board and the audit committee in relation to sustainability and ESG reporting, and assurance of this reporting in line with the company's Audit and Assurance Policy;
  3. Role of audit committee in external audit process – ensuring that the Governance Code reflects the new minimum standard for audit committees in the external audit process (Minimum Standard);
  4. Comply or explain – improving the operation of the "comply or explain" approach of the Governance Code in areas where the FRC has previously identified that reporting could be improved; and
  5. Regulatory reform – aligning the Governance Code with the reforms being implemented by the government, where possible.

The FRC is not proposing to change the structure of the Governance Code, which will still be set out in five sections, with principles and provisions. The proposed changes to each of these sections are summarised below, following the order of the Governance Code. The most significant changes are in Section 4 on audit, risk and internal control. As part of the consultation paper, the FRC has prepared an annotated version of the Governance Code, showing all the proposed changes.

3. Board leadership and company purpose (Section 1)

Introducing a new principle to improve outcomes-based reporting

For the most part the changes in Section 1 are consequential, driven by amendments being made elsewhere in the Governance Code. One significant change however is the insertion of a new principle which requires the board to focus on outcomes when reporting on its governance activities, in order to demonstrate the impact of the board's governance practices and how the Governance Code has been applied in practice.

The FRC notes in the consultation paper that its previous reviews have highlighted that outcomes-based reporting has not been sufficient in the past. The new principle aims to improve this and provide better quality disclosures for investors.

Changes being introduced to the provisions in Section 1 include to:

  • bolster reporting on how environmental and social matters are incorporated into the delivery of the company's strategy, including its climate ambitions and climate transition plans;
  • require boards to report on the effectiveness of measures taken to embed the company's culture (not just what those measures are); and
  • ensure that the outcomes (not just the process) of shareholder engagement during the reporting period are included in the annual report.

4. Division of responsibilities (Section 2)

Strengthening the provision on directors' commitments

There has been increased focus on the issue of overboarding and the number of additional commitments which some directors have. Both institutional investors and proxy advisers (including Glass Lewis and ISS) have set out a maximum number of appointments which they believe directors should take on. The Governance Code already sets out that full-time executive directors should not take on more than one non-executive directorship of a FTSE 100 company or "other significant appointment" (provision 15).

As part of this consultation process, the FRC is proposing to enhance the provisions of the Governance Code to acknowledge the increasing expectations placed on directors' time and to support initiatives to improve board diversity. It does not think it would be appropriate to include in the Governance Code a maximum number of commitments that directors may take on (over and above existing provision 15). Instead, the FRC is proposing two amendments:

  • more disclosure in the annual report – all "significant director appointments" should be listed, along with details of how the director has sufficient time to be an effective board member given these appointments; and
  • external commitments to be part of the board performance review – a proposed change to Section 3 would require the board performance review to include reflection on each director's external commitments and how they are able to devote time to be an effective board member.

The FRC hopes that increased discussion and disclosure in relation to directors' external commitments will help effect positive change.

5. Composition, succession and evaluation (Section 3)

Supporting existing initiatives to improve board diversity & inclusion

Reflecting recommendations from the Chartered Governance Institute on the board evaluation

The changes being introduced to Section 3 are mainly to support work being undertaken by other bodies. Firstly, whilst the Governance Code already contains a number of provisions which reflect the importance of diversity in both board composition and succession planning, the FRC is mindful that there are a number of other initiatives which aim to improve board diversity. The latest of these initiatives are the new provisions in the Listing Rules introduced by the Financial Conduct Authority (FCA) (see our blog post here for more detail on these new requirements). The FRC hopes the changes it is proposing to the Governance Code (including for example a requirement for the annual report to describe the effectiveness of diversity and inclusion policies and progress made towards the company's objectives) will help companies co-ordinate their approach to these initiatives and make better disclosures in relation to board diversity and inclusion.

There is also more focus on succession planning and the role of the nomination committee in developing succession plans, with reporting on this aspect having been identified as weak by the FRC in its recent corporate governance reporting reviews.

Secondly, the Chartered Governance Institute (CGI, formerly ICSA) published a review of independent evaluation of listed company boards in 2021, which contained a number of recommendations to enhance board evaluation and reporting on the process and outcomes. Many of these recommendations impact on the Governance Code and so the FRC is now consulting on changes to incorporate these recommendations, including:

  • adopting the term "board performance review" in place of "board evaluation" to reflect the aim of these reviews as part of a process of on-going improvement, not as a historical lookback; and
  • improving the guidance for companies on how to report on their board performance reviews and bringing in aspects of the draft guidance published by the CGI in 2021.

The FRC is also proposing to clarify in the Governance Code that the chair should actually commission, not just consider commissioning, an externally facilitated review. This change is to reflect that there is now an established market for facilitating external board reviews and there should be no barrier to companies appointing an external facilitator.

6. Audit, risk and internal control (Section 4)

Introducing new disclosure requirements in relation to risk management and internal control systems, including a declaration from the board as to the effectiveness of the risk management and internal control systems

Reflecting new reporting requirements being introduced by the government on resilience statements and audit and assurance policies

The most significant proposals set out in the consultation paper are in relation to Section 4 on audit, risk management and internal control. These focus on:

  1. risk management and internal control systems;
  2. the approach to external assurance;
  3. the role of the audit committee; and
  4. viability and resilience.

Risk management and internal control systems

How to ensure that companies have sufficiently robust risk management and internal control frameworks in place was one of the most high-profile aspects of the government's audit and corporate governance consultation process, attracting media attention and commentary. Having proposed adopting a statutory reporting and external assurance regime (similar to the US Sarbanes-Oxley regime) as one of the options for reform in its 2021 consultation paper, in light of the feedback received, the government decided against this approach. Instead, it asked the FRC to explore ways of strengthening the system through changes to the Governance Code.

Currently, under the Governance Code, the board is required to monitor the company's risk management and internal control systems, and at least once a year conduct a review of the effectiveness of these systems and report on this review in the annual report. This monitoring and review process is required to cover all material controls, stated in the Governance Code as including financial, operational and compliance controls.

The FRC, as requested by the government, is now proposing to require a more explicit confirmation from the board. Under the proposals, the annual report would include:

  • a board declaration as to whether it can "reasonably conclude" that the systems the company has in place for risk management and internal control have been "effective" through the reporting period and up to the date of the annual report;
  • an explanation of the basis for the board declaration, which needs to include details of how the board monitored and reviewed the effectiveness of the systems; and
  • a description of any material weaknesses or failures identified, details of the remedial work being undertaken and the timeframe for this work.

The proposed changes would also make clear that the board is responsible for both establishing and maintaining an effective framework – an on-going process – and that the systems being reviewed should cover "operational, reporting and compliance controls" (emphasis added). The changes expand the scope of the review from financial reporting controls to include narrative reporting as well, a move reflective of the increasingly important information which is contained in non-financial reporting. This is another example of the proposed changes acknowledging the importance of ESG matters as part of corporate strategy and performance, and good governance.

A key part of the proposed new disclosures will be the description of any "material weaknesses" identified. The FRC has indicated that it will revise its existing guidance on internal controls to include discussion of how materiality might be assessed for these purposes, but has made it clear that this is something for individual boards to consider in the context of their own companies. The FRC is also proposing to amend the guidance to set out situations when it may be appropriate for there to be external assurance of the effectiveness of the systems but boards will not be required to state in the declaration whether they intend to obtain such assurance. This will be a matter to be determined when drafting the new, statutory Audit and Assurance Policy (AAP) (see below). The FRC has indicated in the consultation paper the areas that it proposes the updated guidance will cover, including advice for companies on how to report against the proposed new provisions, and it is asking for views on these proposals as part of this consultation process.

The approach to external assurance – the new AAP

The government set out plans to introduce an AAP in its May 2022 response paper, which will apply to companies which meet a certain size threshold1 (750/750 PIEs), and will require the publication of an AAP every three years and an annual report on its implementation. The government did not mandate the scope of external assurance to be sought as part of the reforms (for example, the proposal to require external assurance of the internal controls review process was not taken forward – see above). Instead, in the AAP, companies will need to set out where external assurance will be sought.

The required contents of the AAP will be set out in secondary legislation which is not yet publicly available but the FRC has included a summary of it in Appendix C to the Consultation Paper. In the meantime, the FRC is consulting on where responsibility for the development of the AAP should lie, proposing that the audit committee should have primary responsibility given its overall function (though with input as necessary from the board and other committees).

In an expansion from the government's previously announced reforms, the FRC is proposing that under the Governance Code the obligation to develop and maintain an AAP should apply to all companies (not just 750/750 PIEs), though for non-750/750 PIEs this would be on comply or explain basis. The FRC believes that this approach will better serve stakeholder needs and has the advantage of a single requirement applying to all Governance Code companies.

The role of the audit committee

In addition to their new responsibility for the AAP, the FRC is proposing a number of amendments to the provisions of the Governance Code relating to audit committees including:

  • reflecting the adoption of the Minimum Standard – following a consultation process, the FRC has published a final Minimum Standard for the audit committees in relation to external audit, including the appointment and oversight of external auditors. The Minimum Standard applies to FTSE 350 companies and is stated to apply with immediate effect on a comply or explain basis, pending the primary legislation to create the ARGA being passed (see our blog post here for more details). The FRC is consulting on changes to Governance Code to reflect the publication of the standard and to remove duplication. Although the Minimum Standard will only be mandatory for FTSE 350 companies, the FRC is proposing that non-FTSE 350 companies should follow it on a comply or explain basis;
  • sustainability and ESG reporting – there are proposals throughout the FRC's consultation paper which reflect the growing importance of sustainability and ESG matters, including as a basis for investor decision making. The FRC has noted the need for high quality, reliable, comparable data and for the adoption of good governance practices in relation to these matters. The FRC had considered recommending that companies create a new board sustainability committee but ultimately determined that a better model would be to charge audit committees with oversight for ESG issues. The proposed changes to the Governance Code therefore expressly set out the responsibility of the audit committee in monitoring narrative reporting (including sustainability matters) and the need to report on the audit committee's work in this regard.

Viability and resilience

Another area of concern for the government during its consultation was the effectiveness of the current provisions in the Governance Code on going concern and viability statement reporting. To address these concerns, the government has decided to introduce a requirement for 750/750 PIEs to include a statutory resilience statement in their annual strategic report. This requirement will be introduced by the forthcoming secondary legislation.

In the consultation, the FRC is seeking views on the impact of the proposed new resilience statement on the existing provisions on going concern and viability statements in the Governance Code. The FRC is mindful that a number of companies which currently report under the Governance Code will not be large enough to be 750/750 PIEs and believes therefore that it would create a reporting gap if these provisions were deleted. Instead, the FRC is proposing to retain the provisions but make it clear that companies which include a statutory resilience statement in their strategic report in the form proposed by the government would be considered to be compliant with the equivalent provisions of the Governance Code. The FRC is also taking the opportunity to improve the quality of viability reporting under the Governance Code and is proposing that the form and requirements of the new statutory resilience statement should be the basis for all companies to report on their future prospects, though for non-750/750 PIEs this reporting would be on a comply or explain basis.

7. Remuneration (Section 5)

Improving transparency in relation to malus and clawback arrangements and other remuneration aspects

The government tasked the FRC with introducing provisions into the Governance Code to increase the disclosures made by companies in relation to the malus and clawback arrangements they have in place, so that investors have a better understanding of the circumstances in which remuneration can be withheld or recovered. The FRC expects that the increased transparency arising from its proposed changes will help investors understand what tools companies have at their disposal to seek redress where there has been serious failing and how and when these tools have been used.

The proposed disclosures in the Governance Code go further than the existing requirements of the Investment Association's Principles of Remuneration which state that: "shareholders expect that the Remuneration Committee will set out in the Annual Report how they intend to enforce malus or clawback in the event that the mechanism is needed". The proposed additional disclosures will require a description of the malus and clawback provisions to be included in the annual report, covering aspects such as the minimum circumstances in which the provisions can be used, the minimum period for malus and clawback and why this period is best suited to the company. Full disclosure of whether the provisions have been used in the last reporting period will need to be included, together with details of their use over the last five years.

The FRC is also proposing changes to bolster the requirements that remuneration outcomes should align with company performance strategy and values and the successful delivery of the long-term strategy. In relation to the delivery of the long-term strategy, the FRC expressly highlights ESG objectives as one possible metric. This is a nod to the increasing use of ESG targets in bonus and LTIP arrangements.

Finally, the FRC is consulting on a number of changes to improve the quality of disclosures made in relation to remuneration. Currently, Provisions 40 and 41 together require companies to disclose how the remuneration policy and pay practices address six factors (clarity, simplicity, risk, predictability, proportionality and alignment to culture) but approaches to this disclosure have been varied and inconsistent. It is proposed that this disclosure requirement will be removed so that companies are able report on these factors in a way specific to their own circumstances.

Under the proposed changes, Provision 41 will require companies to explain how the remuneration policy, structures and performance measure selection support company strategy and ESG objectives. However, the expectation that companies frame director remuneration using internal and external measures such as pay gaps and pay ratios has been dropped. Instead, the FRC is proposing that companies should disclose:

  • what engagement with shareholders and the workforce has occurred; and
  • what impact that this has had on remuneration policy and outcomes (including the alignment with executive remuneration and the overall company pay policy).

This change, as well as the proposed requirement to disclose how the company invests in and rewards its workforce, is part of the push to ensure that senior executive pay decisions are made with the overall workforce position in mind.

8. Next steps

The consultation closes on 13 September 2023. The FRC intends that the revised Governance Code will apply from financial years starting on or after 1 January 2025.

The FRC is allowing for a long implementation period to give companies the time needed to reflect the revised Governance Code in their audit and governance procedures. It is also hoped that this will allow time for the necessary primary legislation to create ARGA to be passed by parliament. The government also needs to adopt the secondary legislation on the new reporting requirements, including the resilience statement and the AAP.

The FRC will need to update its Guidance in the light of the proposed changes. Once finalised, the revised Guidance will be published in time for the implementation of the revised Governance Code.

Footnote

1. See our briefing on the government's response paper for details of this threshold.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.