Corporate Governance in Financial Institutions·
I am happy to be here this afternoon to participate in a Top management workshop on Corporate Governance and Corporate Social Responsibility in Public Enterprises. I am fully aware along with all of us assembled here that, corporate governance is a subject of tremendous relevance, focus and significance in the present day context. Recent history is replete with examples of scams and frauds making headlines every now and then. If in India, we had Harshad Mehta, C.R. Bhansali, Ketan Parekh, advanced countries like US were no way behind with their scams of Enron and WorldCom and many more all of which fell like the nine pins. Thus, there is growing concern world over for the Governments, Regulators of stock exchanges, Banks and other financial institutions to continuously review the system and procedures and how to enhance corporate governance. In developing countries governance issues of small and mid-sized companies, often family controlled also is an issue. It would be good to refresh ourselves briefly with some definitions of eminent persons who understood corporate governance and as they visualized it:
Definitions
1. I would like to quote an Economist and Noble laureate Milton Friedman. According to him “Corporate Governance is to conduct the business in accordance with owner or shareholders’ desires, which generally will be to make as much money as possible, while conforming to the basic rules of the society embodied in law and local customs”
2. According to Sir Adrian Cadbury, “Corporate Governance is the system by which companies are directed and controlled……
……to do with Power and Accountability: who exercises power, on behalf of whom, how the exercise of power is controlled.”
3. According to OECD the Corporate Governance structure specifies the distribution of rights and responsibilities among different participants in the corporation, such as, the Board, managers, shareholders and other stakeholders spells out the rules and procedures for making decisions on corporate affairs.
4. Yet another definition is “Corporate Governance is about promoting corporate fairness, transparency and accountability.”
There are many more points of view all revolving around the process and structure to direct and manage the affairs of a company with the objective of enhancing shareholder value which not only includes the financial numbers in the balance sheet but the value system and the ethics observed in achieving at the numbers.
Ironically, it was US which brought in legislation called Foreign and Corrupt Practices Act of 1977 followed by Securities and Exchange Commissions tightening of mandatory reporting of internal financial controls in 1979. The Treadway commission was formed in 1987 after the collapse of several Savings and Loan institutions in US. The Treadway report highlighted the need for a proper control environment, Independent Audit committees and an objective internal audit function. It also requested the sponsoring organizations to write for themselves and develop an integrated set of control criteria for betterment of the companies. Despite of this in 1990s, companies like Polly Peck, BCCI and Robert Maxwell group of companies in UK became victims of spectacular failures, primarily out of poorly managed business practices often times, standards set by the respective Boards. In the Annexure I to my speech, I am summarizing the Cadbury Code of Best Practices and I feel the 19 points there are of great relevance even today. The Combined code was subsequently derived from the Ron Hampel report and the Greenbury Report all of which were appended to the listing rules of London Stock Exchange. Compliance is mandatory for all listed companies in the UK.
History continues to tick and Sarbanes-Oxley Act of the US was a serious wakeup call. It has been much debated and there are very mild protests in some quarters. Nevertheless, it is a call to get back to fundamentals and it identifies 58 separate provisions that affect internal auditing and the question of Directors of Boards looking the other way is unacceptable and must change. This message is applicable to the public and private companies alike. I am tempted to quote some of the important extracts from the BIS review 2003.
The message for boards of directors is: Uphold your responsibility for ensuring the effectiveness of the company’s overall governance process.
The message for audit committees is: Uphold your responsibility for ensuring that the company’s internal and external audit processes are rigorous and effective.
The message for CEOs, CFOs, and the senior management is : Uphold your responsibility to maintain effective financial reporting and disclosure controls and adhere to high ethical standards. This requires meaningful certifications, codes of ethics, and conduct of insiders that, if violated, will result in fines and criminal penalties, including imprisonment.
The message for external auditors is: Focus your efforts solely on auditing financial statements and leave the add-on services to other consultants
The message for internal auditors is: You are uniquely positioned within the company to ensure that its corporate governance, financial reporting and disclosure controls, and risk management practices are functioning effectively. Although internal auditors are not specifically mentioned in the Sarbanes-Oxley Act, they have within their purview of internal control the responsibility to examine and evaluate all of an entity’s systems, processes, operations, functions and activities.
[/list]
Thus, the role of the internal auditor has substantially got escalated and the external auditor perhaps took a back seat. However, a specific section of Sarbanes-Oxley Act requires senior management to assess and report on the effectiveness of disclosure controls and procedures as well as on internal controls for financial reporting. All of these have to be in the public disclosure domain of the reports but outside the financial statements. There is one risk to merely lean heavily on the certification, which after a while become ritualistic. It would be good to be associated with the framing of the robust audit programme and the company’s disclosure control framework. Further an internal auditor must have the highest ethics and be willing to sacrifice everything (consultation assignments) to maintain their independence within the auditing company. If there are different sections of companies, which offer turn-key management consultation, at least those who are involved in the audit exercise should disassociate themselves from being a part of consulting side of the company’s work. Some of the provisions in the Act are quite draconian particularly one would be the internal auditor of publicly traded financial services company, as there are threats of fines and imprisonment, the internal auditor’s voice is heard loud and clear by the Board and as such all those Boards who choose to ignore this valuable advice would in my opinion be consigned to the dust bin of history. Complex collapses, misfeasance and malfeasance of staggering proportions, Auditors failing in their duties, call for tough Regulatory responses like the above Act and related rules introduced and interpreted by Securities and Exchange Commission in USA.
Indian Situation:
Next I would like to turn to Indian situation. By and large we have followed the Cadbury model. It is true that Audit Committees, Managing Committees and Remuneration Committees have all come into existence. In most Indian companies and the CIIs studies of 1999 chaired by Mr. Kumara Mangalam Birla was a landmark document with 25 recommendations 19 of them which are ‘mandatory’. The roles of a company with a combination of Executive and Non-Executive Directors with atleast 50% comprising non-executive directors is important. Likewise, the audit committee is chaired by qualified independent Director preferably a Chartered Accountant and the members of the Audit Committee are invariably non-executive independent Directors. We all know that the independent Directors apart from receiving Director’s remuneration, do not have any pecuniary relationship or transactions with the company. The Audit Committee has wide powers and also looks into the compliance with Accounting Standards and all of the other regular compliances like the stock exchange, legal requirements and it also looks into several internal control systems. There is sub-committee of the Board, which also looks at the shareholders’ grievances and files its compliances to the stock exchange. Publication of quarterly or half yearly results of the companies after being vetted by the Audit Committee is now a well established practice. What perhaps is missing in the Indian situation at the present moment is the equivalent legislation, inline with the Sarbanes-Oxley Act although, the dust has not settled down on the subject. The Institute of Chartered Accountants of India have set up quite rigid Accounting Standards to be followed which have progressively tightened compliances. This assumes importance as many mid-sized and small companies are family controlled and at times pyramidical structures are developed so that layered investments and crossholdings go unnoticed. There is urgency to ensure against controlling of companies in the group by a group of people who are not direct investors.
Corporate Governance for Banking Organizations:
I am afraid, I could not avoid the lengthy preamble.
The subject given to me is to speak about financial institutions, which if one would look from right perspective would encompass all the financial institutions within our country. Particularly, you may divide them into following:
Ø Term-Lending Institutions, governed by the Companies Act or Special Act
Ø Banks [public sector, private sector (old and new generation banks, Cooperative Banks)] governed by Special Act or BR Act.
Ø Finance companies also known as non-banking financial companies governed by Companies Act and guidelines issued by RBI and FCS.
The Basel Committee in the year 1999, had brought out certain important principles on corporate governance for banking organizations which, more or less have been adopted in India.
Basel committee underscores the need for banks to set strategies for their operations. The committee also insists banks to establish accountability for executing these strategies. Unless there is transparency of information related to decisions and actions it would be difficult for stakeholders to make managements accountable. The underlying theme is accountability at all levels including the Boards.
From the perspective of banking industry, corporate governance also includes in its ambit the manner in which their boards of directors govern the business and affairs of individual institutions and their functional relationship with senior management. This is determined by how banks:
set corporate objectives (including generating economic returns to owners);
run the day-to-day operations of the business and;
consider the interests of recognized stakeholders i.e., employees, customers, suppliers, supervisors, governments and the community and
align corporate activities and behaviours with the expectation that banks will operate in a safe and sound manner, and in compliance with applicable laws and regulations; and ofcourse protect the interests of depositors, which is supreme.
[/list]
You may be aware that the Committee has issued several papers on specific topics, where the importance of corporate governance is emphasized. These include Principles for the management of interest rate risk (September 1997), Framework for internal control systems in banking organizations (September 1998), Enhancing bank transparency (September 1998), and Principles for the management of credit risk (issued as a consultative document in July 1999). These papers have highlighted the fact that sound corporate governance should have, as its basis, the following strategies and techniques:
the corporate values, codes of conduct and other standards of appropriate behaviour and the system used to ensure compliance with them;
a well-articulated corporate strategy against which the success of the overall enterprise and the contribution of individuals can be measured;
the clear assignment of responsibilities and decision-making authorities, incorporating an hierarchy of required approvals from individuals to the board of directors;
establishment of a mechanism for the interaction and cooperation among the board of directors, senior management and the auditors;
strong internal control systems, including internal and external audit functions, risk management functions independent of business lines, and other checks and balances;
special monitoring of risk exposures where conflicts of interest are likely to be particularly great, including business relationships with borrowers affiliated with the bank, large shareholders, senior management, or key decision-makers within the firm (e.g. traders);
the financial and managerial incentives to act in an appropriate manner offered to senior management, business line management and employees in the form of compensation, promotion and other recognition; and
appropriate information flows internally and to the public
[/list]
For ensuring good corporate governance, the importance of overseeing the various aspects of the corporate functioning needs to be properly understood, appreciated and implemented.
There are four important aspects of oversight that should be included in the organizational structure of any bank in order to ensure the appropriate checks and balances:
(1) oversight by the board of directors or supervisory board;
(2) oversight by individuals not involved in the day-to-day running of the various business areas;
(3) direct line supervision of different business areas; and
(4) independent risk management and audit functions.
In addition to these, it is important that the key personnel are “fit and proper” for their jobs. The latest directive issued by RBI on 25th June, under section 35A of the BR Act is very important. A copy of issued directive is placed as Annexure II. Certain criteria must be fulfilled by persons aspiring to become Directors of Banks and due diligence must be done in this regard. In future, Directors must also execute covenants binding themselves to discharge the duties, rules individually and collectively. Qualification, track record, integrity and other ‘fit and proper’ norms, importantly duly filled in forms must be scrutinized by Nomination Committees.
The supervisory experience of Regulators in general, in banks consider the following as critical elements in the governance process:
Establishing strategic objectives and a set of corporate values that are communicated throughout the banking organization.
Setting and enforcing clear lines of responsibility and accountability throughout the organization.
Ensuring that board members are qualified for their positions, have a clear understanding of their role in corporate governance and are not subject to undue influence from management or outside concerns.
Ensuring that there is appropriate oversight by senior management
Effectively utilizing the work conducted by internal and external auditors, in recognition of the important control functions they provide
Ensuring that compensation approaches are consistent with the bank’s ethical values, objectives, strategy and control environment.
Conducting corporate governance in a transparent manner
Ensuring an environment supportive of sound corporate governance.
[/list]
I would like to discuss these practices in some detail, as dealt with by Basel Committee.
Regarding establishing strategic objectives and a set of corporate values that are communicated throughout the banking organization, Basel Committee feels that it is difficult to conduct the activities of an organization when there are no strategic objectives or guiding corporate values. Therefore, the board should establish the strategies that will direct the ongoing activities of the bank. It should also take the lead in establishing the “tone at the top” and approving corporate values for itself, senior management and other employees. The values should recognize the critical importance of having timely and frank discussions on problems. In particular, it is important that the values prohibit corruption and bribery in corporate activities, both in internal dealings and external transactions.
The board of directors should ensure that senior management implements policies that prohibit (or strictly limit) activities and relationships that diminish the quality of corporate governance, such as:
conflicts of interest;
lending to officers and employees and other forms of self-dealing (e.g., internal lending should be limited to lending consistent with market terms and to certain types of loans, and reports of insider lending should be provided to the board, and be subject to review by internal and external auditors); and
providing preferential treatment to related parties and other favoured entities (e.g., lending on highly favourable terms, covering trading losses, waiving commissions).
Prohibiting insider trading based on knowledge of sensitive information before it becomes public knowledge.
[/list]
Processes should be established that allow the board to monitor compliance with these policies and ensure that deviations are reported to an appropriate level of management.
On the practice of setting and enforcing clear lines of responsibility and accountability throughout the organization, Basel Committee says that effective boards of directors clearly define the authorities and key responsibilities for themselves, as well as senior management. Such boards also recognize that unspecified lines of accountability or confusing, multiple lines of responsibility might exacerbate a problem through slow or diluted responses. Senior management is responsible for creating an accountability hierarchy for the staff, but must be cognizant of the fact that they are ultimately responsible to the board for the performance of the bank.
Regarding the practice of ensuring that board members are qualified for their positions, have a clear understanding of their role in corporate governance and are not subject to undue influence from management or outside concerns, Basel Committee stipulates that the board of directors is ultimately responsible for the operations and financial soundness of the bank. The board of directors must receive on timely basis sufficient information to judge the performance of management. An effective number of board members should be capable of exercising judgement, independent of the views of management, large shareholders or the government. Inclusion on the board, qualified directors that are not members of the bank’s management, or having a supervisory board of board of auditors, separate from the management board, can enhance independence and objectivity. Moreover, such members can bring new perspectives from other businesses that may improve the strategic direction given to management, such as insight into local conditions. Qualified external directors can also become significant sources of management expertise in times of corporate stress. The board of directors should periodically assess its own performance, determine where weaknesses exist and, where possible, take appropriate corrective actions.
According to the Committee the Boards of directors add strength to the corporate governance of a bank when they:
Understand their oversight role and their “duty of loyalty” to the bank and its shareholders;
Serve as a “checks and balances” function vis-à-vis the day-to-day management of the bank;
Feel empowered to question the management and are comfortable insisting upon straightforward explanations from management;
Recommend sound practices gleaned from other situations
Provide dispassionate advice;
Are not overextended;
Avoid conflicts of interest in their activities with, and commitments to, other organizations; meet regularly with senior management and internal audit to establish and approve policies, establish communication lines and monitor progress toward corporate objectives;
Absent themselves from decisions when they are incapable of providing objective advice;
Do not participate in day-to-day management of the bank
[/list]
It is found that in a number of countries, bank boards have found it beneficial to establish certain specialized committees. Let us look at a few of them:
Risk management committee: It provides oversight of the senior management’s activities in managing credit, market, liquidity, operational, legal and other risks of the bank. (This role should include receiving from senior management periodic information on risk exposures and risk management activities)
Audit Committee: It provides oversight of the bank’s internal and external auditors, approving their appointment and dismissal, reviewing and approving audit scope and frequency, receiving the reports and ensuring that management is taking appropriate corrective actions in a timely manner to address control weaknesses, non-compliance with policies, laws and regulations, and other problems identified by auditors. The independence of this committee can be enhanced when it is comprised of external board members that have banking or financial expertise.
Compensation committee: It provides oversight of remuneration of senior management and other key personnel and ensuring that compensation is consistent with the bank’s culture, objectives, strategy and control environment
Nominations committee: It provides important assessment of board effectiveness and directing the process of renewing and replacing board members.
[/list]
Even in very small banks, key-management decisions should always be made by more than one person, which is known as “four eyes principles”. It is also necessary to put strict ‘firewalls’ between the persons involved in the frontline business taking risks and decisions, getting involved in framing policies or serving in any of the important set of committees like the Audit committee. The philosophy of the Board must percolate to every employee in the organization that the Board is not unwilling to discipline successful or key employee when he goes wrong and the company do not fear losing such persons. The scenario in the Indian banking situation is - several audits takes place continuously beginning with the statutory auditors, the internal auditors, the concurrent auditors (who could be internal or external) and occasionally audit from the CAG and ofcourse the regulatory oversight / inspection by the Reserve Bank of India under Section 35 of the BR Act. There is also a risk rating of each bank on the CAMEL parameters and managements of the banks are called in for discussions with Regulators to express their concerns in certain areas. In respect of public banks, the majority is held by the government as such regulatory concerns are also periodically and confidentially shared with the government as well. Ownership and shareholding in PSU Banks is actively under debate with the government desirous of having a golden share with special rights should it disinvest more than 51% of the shares sometime in future. Recommendations of Narsimham Committee I & II are relevant.
For the same reason of governance, I would like to raise an issue - Should there be officials of RBI on the Boards of the Banks and would there not be a conflict of interest in the role of a Regulator and a Board member taking the decisions? Likewise Government servants serving on the Bank Boards also raises a similar issue. I am aware there is no immediate resolution to this dilemma but a compromise could be worked out by having well reputed eminent professionals as nominees in the transition period before totally exiting from the Boards.
It is true that only a “fit and proper” person can be appointed as a Director of a bank and very recently Reserve Bank has issued guidelines on this subject to which I made a brief reference already. It is very necessary that the Directors seriously address themselves to the various risks that the bank faces particularly in their operations in the various types of businesses and to design proper risk mitigation measures and to adopt suitable measures for effective control so that the risk is mitigated. Banking, per-se, involves risk taking and one need not and should not be afraid of taking a decision as long as the Board or the executive suitably empowered, ensures that you have recognized the risk and taken the decision in transparent manner and the Board is quite competent to handle it.
It is also well known that when certain financial parameters are breached, like the well known trigger points, action is taken immediately to put the bank on proper monitoring till such time it improves. Despite all these changes and a better appreciation of each other’s affairs, it is true there have been serious problems in some Banks and also in Cooperative banks both DCCBs & Urban Banks. The time to make a judgmental call in placing a bank under moratorium and subsequently merging it with another stronger bank or liquidating is not an easy decision. Friends, it brings me to the most painful subject of governance in the cooperative banking sector. I had spoken on an earlier occasion in July 2002, on this very same subject where because of these institutions reporting both to the Registrar of Cooperative societies and to the Reserve Bank of India there have been cases of regulatory arbitrage. It is also widely known that in Cooperative banks the general principle of governance of collective decision making is not always followed resulting in related parties being shown special favours, accumulation of non performing assets (NPA), loss of profit by bidding for deposits at excessive rates and weak and inadequate action where required by the respective state governments have all contributed to the sad scene. Some other district cooperative banks have lost moneys in the so called investments of purchasing government securities to meet the SLR requirements. It is a nightmare to entrust Rs.100 crores to a broker, who neither delivers the scrips purchased nor renders an account for the purchases. I would not like to go into a host of other delicate and sensitive issues but, I would only reiterate that Regulators may be looked upon as external pressure points for good corporate governance. Disclosure and transparency are also very important so that all the stockholders can judge the strength and weaknesses of a bank. Collective decision making by “fit and proper” professional directors and last but not least, as all credit institutions are linked to each other through a complex chain of inter-bank relationships which – as recent instances have showed – in any event of difficulty, become mechanisms for spread of the ‘contagion’ effect has to be arrested at the earliest. Vulnerable in this chain is default in payment systems and clearing facilities. RTGS reduces this risk largely. Cooperative banks were built on human capital and did exceedingly well for about 50 to 60 years. Its time to introspect and see how the lost luster can be regained using the tool of corporate governance, risk management etc., and also bringing about legislative changes so that a single Regulator regulates a financial entity or corporate entity to prevent arbitraging. I strongly believe, State Governments must not hesitate to take strict action where warranted against the DCCBs rather than mild or no action being taken and also reconcile to a single Regulator even if it meant losing a part of the turf and power.
Let me now go back to the Dr. Ganguly Group’s Report submitted in April 2002 and placed at RBI’s website for comments. Banks were advised to place the report to their Boards to adopt the decisions constrained therein, some of which required legislative changes have been referred to the Government of India. In view of its importance, the same is placed as an Annexure III. This read together with SEBI guidelines that is placed as Annexure IV to my speech form anchor documents and efforts are underway by RBI for harmonizing them.
Thus, it is the collective wisdom of eminent professionals serving on the Boards of the financial institutions, which can further enhance corporate governance. I am afraid this search for improvement is not limited by time. It would continue forever and it is only hoped that scamsters are brought to justice sooner than later. There is an entire subject called ‘whistle blowing’ and there is enormous literature on this subject. When to blow the whistle? Who should blow the whistle? And where should the whistle be heard? These are the questions for which one need to find the answers between spate of anonymous letters to which any one working in public sectors is used to and often honest officials harassed on one side, to which thanks to CVC are now ignored, and damaging investigative audit reports and doctored Balance sheets on the other side. Somewhere in between lies the governance and ethics and standards set up by virtuous men heading institutions. In such institutions the reputation of the organization and the leader go hand in hand. In such organizations the shareholders and other stakeholders truly derive their value. It is myopic to look for astronomical return by the shareholders to allow the Boards to indulge in unethical practices like market rigging, insider trading, speculation and host of other irregular practices for making huge profits. One cannot argue that the shareholders value is enhanced and higher profits and dividends are distributed, the Board acting as agent of the shareholder being the principal. Here lies the real test of governance of the Boards walking the well defined, honest and straight path in conducting the affairs in the required atmosphere of transparency, seen and perceived by all the stakeholders and the markets and regulators. Then only can one confidently state that corporate governance has taken firm roots in the countries.
Friends, I thank you for your patience in listening through this somewhat lengthy, important and sensitive subject as understood by me, after being on the Boards of State Bank of Travancore, State Bank of India, SEBAL, SBI Mauritius and SBI Canada, NABARD, NHB and Reserve Bank of India finally before I retired. I thank the organizers for inviting me to speak today.
* * *
ANNEXURES (I – IV)
ANNEXURE - I
Cadbury Code of Best Practices
The Cadbury Code of Best practices had 19 recommendations. The recommendations are in the nature of guidelines relating to Board of Directors, Non-executive Directors, Executive Directors and those on Reporting and Control.
Relating to the Board of Directors these are:
The Board should meet regularly retain full and effective control over the company and monitor the executive management
There should be a clearly accepted division of responsibilities at the head of a company, which will ensure balance of power and authority, such that no individual has unfettered powers of decision. In companies where the Chairman is also the Chief Executive, it is essential that there should be a strong and independent element on the Board, with a recognized senior member.
The Board should include non-executive Directors of sufficient caliber and number for their views to carry significant weight in the Board’s decisions.
The Board should have a formal schedule of matters specifically reserved to it for decisions to ensure that the direction and control of the company is firmly in its hands.
There should be an agreed procedure for Directors in the furtherance of their duties to take independent professional advice if necessary, at the company’s expense.
All directors should have access to the advice and services of the Company Secretary, who is responsible to the Board for ensuring that Board procedures are followed and that applicable rules and regulations are complied with. Any question of the removal of Company Secretary should be a matter for the Board as a whole.
[/list]
Relating to the Non-Executive Directors the recommendations are:
Non-executive Directors should bring an independent judgement to bear on issues of strategy, performance, resources, including key appointments, and standards of conduct.
The majority should be independent of the management and free from any business or other relationship, which could materially interfere with the exercise of their independent judgement, apart form their fees and shareholding. Their fees should reflect the time, which they commit to the company.
Non-executive Directors should be appointed for specified terms and reappointment should not be automatic.
Non-executive Directors should be selected through a formal process and both, this process and their appointment, should be a matter for the Board as a whole.
[/list]