Corporate Governance

In this article, Norman Marks explores the absence of a formal US corporate governance code, unlike those adopted in other countries such as the UK, Japan, and South Africa. Marks discusses the newly introduced COSO Corporate Governance Framework, a collaboration with the National Association of Corporate Directors (NACD) and PwC, designed to guide organizations in enhancing their governance practices. While the framework offers valuable principles across six key components, Marks highlights its limitations, particularly its lack of enforceable authority and depth compared to a full-fledged governance code. This piece delves into the implications of the framework and raises important questions about the need for a US corporate governance code.

On May 15, 2025, the Eight Chairs, a group representing the national corporate governance committees of Belgium, France, Germany, Italy, the Netherlands, Spain, Sweden, and the United Kingdom, gathered to discuss the evolving landscape of corporate governance across Europe. Their goal was clear: to reinforce the importance of sound governance as a foundation for long-term value creation, particularly during these challenging economic and geopolitical times.

Our recent survey reached over 100 dedicated and experienced professionals from across the GRC spectrum. Ranging from compliance and risk management to cyber risk and integrated GRC, these individuals are the ones on the front lines, and their insights remind us that behind every percentage is not just statistic but a true human story, a tale of vigilance, collaboration, and the unyielding drive to create a resilient, compliant, and better future.

Today, the Australian Prudential Regulation Authority (APRA) unveiled a series of proposals that promise to reshape the governance landscape for banks, insurers, and superannuation trustees. It’s been more than a decade since APRA’s last major update to its governance standards, and these new changes are set to address critical gaps in the system—an evolution that is both timely and necessary as the financial environment grows increasingly complex.

If you’ve been keeping up with the evolving world of Governance, Risk, and Compliance (GRC), you may have come across my recent article that argues many GRC programs are fundamentally backward by focusing too much on compliance and risk before objectives. The article makes the case that true GRC should always start with clear organizational objectives, and everything else—risk, governance, and compliance—should support those goals. But why does this matter, and how can organizations better align their GRC strategies?

With the clock ticking down to the 2025 implementation of Provision 29 under the revised UK Corporate Governance Code (UK CGC), companies are in a race to align their risk management and internal controls with the new requirements. The mandate, which calls for boards to provide a declaration on the effectiveness of their risk frameworks, has sparked widespread discussion among compliance professionals, corporate leaders, and risk strategists.

The Securities and Exchange Commission (SEC) has approved a new quality control (QC) standard developed by the Public Company Accounting Oversight Board (PCAOB), marking a significant step forward in improving the audit practices of registered public accounting firms.