A New US Corporate Governance Code?

Key Takeaways

• Corporate Governance Codes Globally: Many countries, including the UK, South Africa, and Japan, have established corporate governance codes, but the US does not have a formal code yet.
• New COSO Framework: The COSO framework, developed in collaboration with the NACD and PwC, offers a corporate governance framework with 24 principles under six components: Oversight, Strategy, Culture, People, Communication, and Resilience.
• Framework vs. Code: Unlike a formal code, this is a framework without binding authority, intended to provide guidance rather than enforceable rules.
• Lack of Depth: While the framework covers broad governance concepts, it lacks the depth needed for a comprehensive assessment of corporate governance practices, with many points remaining high-level.

Deep Dive

In this article, Norman Marks explores the absence of a formal US corporate governance code, unlike those adopted in other countries such as the UK, Japan, and South Africa. Marks discusses the newly introduced COSO Corporate Governance Framework, a collaboration with the National Association of Corporate Directors (NACD) and PwC, designed to guide organizations in enhancing their governance practices. While the framework offers valuable principles across six key components, Marks highlights its limitations, particularly its lack of enforceable authority and depth compared to a full-fledged governance code. This piece delves into the implications of the framework and raises important questions about the need for a US corporate governance code.

The Need for a US Corporate Governance Code and the COSO Framework

Many countries around the world have adopted a corporate governance code, including:

• South Africa: King IV Code from the Institute of Directors (my favorite)
• United Kingdom: The Financial Reporting Council’s Corporate Governance Code
• Netherlands: Dutch Corporate Governance Code
• Germany: The German Corporate Governance Code
• France: Corporate Governance Code for Listed Corporations
• Singapore: Code of Corporate Governance
• Japan: Corporate Governance Code
• Malaysia: Code on Corporate Governance
• Italy: Corporate Governance Code

However, the United States does not have one—yet.

There are elements of corporate governance embedded in US legislation, such as the Securities Act of 1933 and the Securities Exchange Act of 1934. Additionally, the NYSE and Nasdaq exchanges have listing requirements. But to establish a formal code similar to those in other countries, it will likely require another Act of Congress, along with enabling rules from the SEC. Whether that will ever happen is still up for speculation.

A Nascent Corporate Governance Framework

While a comprehensive US Corporate Governance Code may still be a distant possibility, a new framework has emerged.

The Corporate Governance Framework (CGF) is a recent initiative developed by COSO (Committee of Sponsoring Organizations of the Treadway Commission) in collaboration with the National Association of Corporate Directors (NACD). PwC was engaged to help develop the framework, which complements COSO’s existing internal controls and enterprise risk management frameworks.

A Public Exposure Draft of the framework was released this week, with a request for public comments by July 11th.

A promising aspect is that the draft has received input from prominent figures at the SEC, PCAOB, and the Office of the Comptroller of the Currency. However, it's important to note that this is a framework, not a code, meaning it lacks binding authority.

Framework Overview

The document, which spans 73 pages, includes introductory sections and a glossary. The body of the framework is 54 pages long, but it is broad and not particularly deep. Its structure mirrors the internal controls framework with six components: Oversight, Strategy, Culture, People, Communication, and Resilience, each containing a set of principles.

Oversight

• Principle 1: Establish Board Structure and Exercise Oversight
• Principle 2: Appoint Board Leadership and Members
• Principle 3: Select CEO and Delegate Authority
• Principle 4: Establish Executive Structure and Effectively Manage
• Principle 5: Operate the Board Effectively
• Principle 6: Uphold Shareholder Rights and Accountability

Strategy

• Principle 7: Define Purpose and Core Values
• Principle 8: Develop and Communicate the Strategy
• Principle 9: Execute the Strategy
• Principle 10: Measure Performance Against Strategy and Adjust

Culture

• Principle 11: Establish and Model Culture and Behaviors
• Principle 12: Promote Ethics, Respect, and Open Communication
• Principle 13: Assess and Adapt Culture

People

• Principle 14: Deploy People Strategy and Succession Planning
• Principle 15: Manage People and Compensation
• Principle 16: Drive Performance and Development

Communication

• Principle 17: Commit to Information Quality
• Principle 18: Engage Stakeholders Strategically
• Principle 19: Communicate Effectively with Internal Stakeholders
• Principle 20: Communicate Effectively with External Stakeholders

Resilience

• Principle 21: Manage and Oversee Risks and Opportunities
• Principle 22: Manage Compliance Responsibilities
• Principle 23: Establish and Evaluate Internal Control
• Principle 24: Monitor Governance Effectiveness

Key Insights from COSO

According to COSO, "Governance is considered effective when all components and their related principles are present, functioning, and operating together in an integrated manner. This principles-based approach reflects stakeholder expectations and leading practices without prescribing a one-size-fits-all approach."

Each principle is supported by Points of Focus, which provide guidance on how entities can work toward achieving these principles. These points help leaders put principles into action or assess effectiveness in relation to an entity’s unique circumstances.

COSO's authors believe that, "The principles and points of focus assert key aspects of leading practices for corporate governance. Leaders can use these as guideposts for assessing the quality of an entity’s governance practices and can serve as an aspirational blueprint."

However, given that the framework is relatively high-level (an "inch deep" as it were), it's unlikely that it will be sufficient to fully assess an entity’s governance practices. Governance is a complex topic, and many of its aspects could—and often do—require their own in-depth frameworks or standards.

That said, the CGF could serve as a useful source for discussion. It provides a solid foundation with valuable suggestions for improving governance.

Do We Need a US Corporate Governance Code?

While nations with corporate governance codes may exhibit strong governance practices, I’m not convinced that adopting such a code would necessarily make governance practices in the US any better. Notably, I haven’t seen the SEC report to Congress advocating for one.

What do you think?

What’s your take on the COSO draft? Do you think it has value and will contribute to improving corporate governance?

Do you believe it could help assess the quality of an entity’s corporate governance?

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.