Tuesday, October 13, 2009
I argued that Three Lines of Defence (TLD from now on) had not worked... witness RBS and HBOS and others in the States etc. To which this participant replied, but had it been done better it would have provided clear guidance on what should have been done.
My contention is that TLD allows assurance (actually that should be Assurance with a capital A) should not be divided. What we need is: a balanced view to risk, ethical programmes, mature risk management, a risk management and assurance framework, and an organisational structure that works. Now TLD might do that, but it is not the only way at all.
So I am arguing that TLD is fine if you really want it, but don't depend on TLD to protect you next time round. It wasn't that we were slightly wrong in our approach to risk management, we were fundamentally inadequate and TLD did not spot that...
I would welcome your comments, either here, on LinkedIn, or via my website.
Friday, October 2, 2009
My main recommendations are fourfold (excuse the numbering...):
- I continue to believe that we need to see a paradigm shift in Corporate Governance. In order to make incumbent boards and individual directors take this seriously we need to see new fiduciary duties relating to Corporate Governance responsibilities, which should be discharged with due and diligent care.
- I applaud the recommendation to create effective board risk oversight committees. I happen to believe that the remit as described in Sir David's paper is insufficient for the purpose. The remit and mechanics should:
- Encompass the development of a balanced view of risk;
- Include the oversight of the development and implementation of a robust ethics programme;
- Encompass the periodic assessment of the maturity of risk management maturity;
- Include the development of a risk management and assurance framework that is fit for purpose; and
- Address the development of an appropriate risk management organisation.
- Although it may well be difficult, in the context of the worst dereliction of Corporate Governance responsibilities of recent economic history, I continue to believe that we should find ways to make a form of permanent, full time non-executive director role work in BOFIs (and other organisations) that have a major societal impact.
- I continue to believe that the most important attribute of a non-executive director is an ability to act in a challenging, and yet supportive manner. Akin to risk management, the role of such directors is to periodically pierce the “perfect place arrogance” that develops in large corporate organisations. I am therefore less interested in the sectoral background, while of course acknowledging the need for a number of the directors to have BOFI backgrounds.
I set out more detail supporting my recommendations in my letter to Sir David, a copy of which can be found at http://randerson-assocs.co.uk/WalkerConsultationPaper.aspx. I would be pleased to hear what you think of (a) Sir David's consultation paper, (b) my responses and whether you believe Corporate Governance will improve as a consequence of his work.