Survey finds non executive directors concerned about ‘honesty’ and ‘integrity’ of the boards they work with

FTSE 350 independent directors (formerly non executive directors) are concerned about the extent to which they need to place trust in their executive colleagues on the board, according to a new report.

The report from Ernst & Young shows that assessment of company culture and tone from the top are the main ways in which independent directors discharge their role in risk management.

All participants in the study, who between them hold over 60 independent director posts across FTSE 350 companies, said that they had to trust the executives with whom they worked. But when asked the biggest problem they face when looking at company risk, almost 40% said it was concern over the honesty and integrity of the boards they work with, and the company’s culture permeating the organisation.

As one respondent from a FTSE 250 company said: ‘As a non executive, the biggest problem generally is do I trust the integrity of management?’ And another, from the financial services industry commented: ‘The worrying things are what you are not told.’ While a third candidly said that some companies simply, ‘may find it difficult to get independent directors.’

Gerald Russell, Ernst & Young’s senior partner in London commented: ‘By definition an independent director is not close to the day-to-day operations of a business – their job is to stand back. Because of this they are reliant on executives to brief them fully and appropriately, not only on current matters but also emerging issues. It is essential that independent directors are able to trust the executive board members and push for assurance that a suitable risk aware culture permeates the organisation at all levels.’

He added: ‘Recent events surrounding Northern Rock have led the Treasury Select Committee to recommend that accounting bodies should consider what further assurance auditors can give to shareholders – in respect of the risk management processes of a company. While we fully support such consideration, our research shows just how difficult that could be in practice.’

He continues, ‘If directors have to make subjective judgments on the risks taken and disclosures by executives, it is extremely difficult to assess such control objectively. ‘Trust and feel’ is not a process, yet it does appear to be the main way in which independent directors approach the situation.’

“It is essential that independent directors are able to trust the executive board members and push for assurance that a suitable risk aware culture permeates the organisation at all levels.

Gerald Russell, Ernst & Young’s senior partner in London

The Companies Act 2006 – much of which comes into force this year – should, in theory, go some way towards making disclosure of risk management more transparent.

The business review, a new requirement of the Act to be included in director’s reports, should detail the risks and uncertainties facing a company, among other things. However, those independent directors that responded to the Ernst & Young study and hold positions in non-regulated industries balked at the idea of additional reporting.

Russell said that there was concern from this group of independent directors that the review might actually create competitive disadvantage, particularly where risk management is a fundamental part of the organisation’s business model. There was also nervousness over the reaction of current and prospective shareholders to extensive risk disclosure.

‘Reactions to the Companies Act 2006 and in particular the business review have been mixed. It is a necessary requirement and one cannot yet judge its effectiveness,’ added Russell.

The report shows that what most independent directors are unanimous on is that standardisation of risk practices, or a formalised system that can be used by all listed companies, is not appropriate or practical.

Russell concluded: ‘Changes in practice driven by regulation can often lead to box-ticking exercises. FTSE 350 boards and their independent directors do not want to see risk management being divorced from corporate governance and day-to-day business operations. Having a risk checklist or register does not in itself provide a good tool to manage the complex risks faced by a complex organisation. Indeed, too much focus on the mechanics of the risk register could lull independent directors into a false sense of security.’