Legal Consultation

What you need to know about board structures and controls

The structure and controls of a board play a pivotal role in ensuring accountability, transparency, and ethical behaviour within a company.

Legislative framework:
The Companies Act 71 of 2008 is the primary regulator of business and it provides requisite guidelines for board structures and controls. The Companies Act lays down the foundation for corporate governance principles and practices. It emphasizes the importance of establishing independent boards that acts in the best interests of the company and its stakeholders.

Furthermore, the King Reports on Corporate Governance also provide recommendations and guidelines for board composition, risk management, ethics, and disclosure practices.

The King Reports emphasize the need for effective risk management systems and internal controls. Boards are expected to establish robust risk committees to identify, assess, and mitigate risks. These controls include regular monitoring of financial performance, internal audits, and compliance with applicable laws and regulations.

Board structures: The Companies Act encourages the appointment of both executive and non-executive directors, ensuring a separation of powers and independent oversight. Non-executive directors are expected to bring diverse skills, experience, and independent judgment to the board, contributing to better decision-making and accountability.

Various types of board structuring and controls are implemented to ensure effective corporate governance. These include:
1. Independent directors who bring objectivity and impartiality to board decision-making. Independent directors are not affiliated with the company or its management, enabling them to provide independent oversight. They play a critical role in safeguarding shareholder interests and ensuring the board's accountability; and
2. Board committees which are instrumental in strengthening governance controls. One of the key committees is:
a. Audit committees: They are mandated by the Companies Act. They play a vital role in ensuring financial transparency and the integrity of financial reporting. This committee consists of independent non-executive directors and is responsible for reviewing financial statements, risk management, and internal control systems.

Board controls:
Codes of Conduct and Ethics Policies: Board structuring also places emphasise on the adoption and implementation of codes of conduct and ethics policies. These documents provide a framework for ethical behaviour, guiding directors' conduct and ensuring adherence to high standards of integrity, transparency, and accountability.

Compliance and Internal Controls: Compliance with applicable laws, regulations, and corporate governance codes is also emphasised. Boards establish internal control systems to ensure compliance, prevent fraud, and safeguard the company's assets.
Overall, boards are expected to provide accurate and timely information to shareholders and stakeholders. This includes financial reporting, annual reports, sustainability reports, and disclosure of material information that may impact the company's performance or reputation.

What is a GCR framework?

A Governance, Compliance, and Risk (GCR) framework is a structured approach that organisations use to manage and address various aspects of governance, compliance, and risk management within their operations. It is a critical framework that companies adopt for decision-making processes and management of the company.

The GCR framework depends on three important components being:
1. Governance: Governance frameworks typically outline the roles and responsibilities of key stakeholders, establish reporting structures, and set guidelines for ethical behaviour and integrity.

Governance requires implementing structures, policies, and procedures to ensure effective decision-making, accountability, and transparency within the organisation. It also includes board oversight, ethical guidelines, and performance monitoring.

The Companies Act serves as the primary legislation governing corporate governance in South Africa. It sets out the responsibilities of directors, requirements for financial reporting, and provisions for shareholder rights and engagement.

The King Reports on Corporate Governance provides guidelines and principles for good corporate governance in South Africa. The King Reports emphasises ethical leadership, accountability, transparency, and stakeholder inclusivity.

2. Compliance: Compliance encompasses the adherence to laws, regulations, standards, and internal policies that apply to an organisation's operations.

Compliance frameworks help organisations establish processes and controls to ensure that they meet legal and regulatory requirements, industry standards, and internal policies. For example, companies should ensure that their operations comply with the Companies Act, Labour Relations Act, Basic Conditions of Employment Act (BCEA) and Employment Equity Act.

It is also important for companies to comply with industry-related regulatory requirements. For example, the financial sector is regulated by the Financial Sector Conduct Authority (FSCA).

 For the compliance framework to be successful, it requires risk assessments, monitoring and reporting mechanisms, training programs, and audits to ensure ongoing compliance.

3. Risk: This involves identifying, assessing, and mitigating risks that could impact an organisation.

It allows organisations to make informed decisions and take appropriate actions to minimize potential negative consequences. Risk management typically involves risk identification, risk assessment, risk mitigation strategies, risk monitoring, and regular review and update of risk management practices.

Examples of risks faced by companies include operational risks, financial risks, market risks, technology risks, environmental and social risks, legal risks, reputational risks, and strategic risks.

A GCR framework helps organizations maintain ethical standards, minimise legal and regulatory risks, and enhance overall governance and operational efficiency. Furthermore, for the GCR framework to thrive, it requires companies to establish clear guidelines, establish accountability mechanisms, and regularly update risk management practices.

Overall, the benefits of implementing a GRC framework for the company outweighs the costs of doing so. Companies with a GCR framework make informed decisions, identify, and mitigate risks more effectively, ensure companies stay updated with applicable laws, and industry standards, increase accountability and transparency and improve operational efficiency. GRC frameworks should be developed and adopted based on the company’s industry, size, and specific regulatory requirements.

Therefore, it is important to engage with external auditors, consultants, and legal advisors to ensure compliance and effective implementation of their GRC frameworks.