Some form of governance has always been present in organizations, but the attention paid to governance issues has evolved with changes in the business environment. Due to the recent corporate scandals and failures and regulatory responses ( for example, Dodd-Frank Bill, Sarbanes Oxley Act, King 111, Basel Accord and Solvency Rules), corporate governance has again become a priority. Although most organizations have some form of governance structures in place, the focus is mostly on conformance with rules and regulations.
There is nothing wrong with following industry or sector rules and regulations. The problem arises when this conformance becomes a box-ticking exercise. As organizations and the business microeconomic and macroeconomic environment change, the governance system in place must also change and adapt to future opportunities and threats by improving business processes and practices. In other words, the organization’s governance structure should fully support its efforts to drive and improve enterprise performance.
Successful organizations do not view enterprise performance and conformance in isolation. They fully understand how these two dimensions together represent the entire value creation, resource utilization and accountability framework of an enterprise. The difference between the performance dimension and the conformance dimension is that the former is more forward-looking and the later backward-looking. Performance responsibilities focus on strategy, value creation and resource utilization whereas conformance responsibilities focus on providing assurance to stakeholders that the organization is working effectively and efficiently to achieve its strategic and operational goals. However, both performance and conformance responsibilities enhance each other and the organization as a whole.
In today’s ever-changing business environment, organizations need to be proactive. By taking a proactive forward-looking view, organizations can also address many of the risks associated with non-conformance and help ensure that effective measures are in place. In addition to adhering to governance principles, they must periodically evaluate performance results to ensure the continued effectiveness of their governance systems and strive for continuous improvement. One way to do so is to benchmark your organization against governance procedures and practices of successful organizations within your industry, sector or line of business.
Organizations that are serious about successfully creating a balance between performance and conformance and experience positive results must do the following:
• Establish a set of fundamental values by which the organization operates: Management must set the “tone at the top” by clearly defining the organizational values, developing and implementing a code of conduct and adhering to these principles as an example of appropriate behaviour. For these fundamental values to be understood, accepted, put into practice and upheld enterprise-wide, they must be clearly communicated to all the organizational stakeholders. At the same time, stakeholders should be allowed to freely communicate their governance concerns to senior management.
• Avoid paying too much attention on compliance: Most organizations are wasting valuable time and resources focusing more on compliance at the expense of strategic planning and execution, performance improvement and growing their enterprises. Compliance alone is not sufficient to ensure long-term organizational success hence the need to spend enough time and resources on strategy and performance. Furthermore, instead of having a checklist mentality, organizations should take a balanced approach to conformance governance and performance governance.
• Clearly define the relationship between risk management and strategy: Effective and efficient enterprise risk management (ERM) should form an integral part of an orgnization’s governance system. Successful organizations have recognized the importance of taking a more performance-focused approach to risk management and internal controls. These organizations have successfully integrated risk management and internal controls into all organizational decision-making activities and processes by developing a framework that strategically identifies, assesses and responds to organizational risks. Their governing bodies clearly define, communicate and maintain the organization’s risk appetite and risk capacity.
• Fully integrate good governance into the organization: This is more than a compliance exercise. Governance should form part of the organization’s DNA and permeate all facets of the organization. Thus, governance principles should be taken into account when planning, implementing and reviewing the organization’s objectives. The organization as a whole and every individual within the organization is responsible for good governance and helping the organization achieve its objectives.
How else can an organization successfully create a balance between performance and conformance and achieve positive enterprise results?