Tim Stueven, CPA
Audit director, ACM
There is no better place to live than Colorado. Whether it’s the natural beauty, abundance of outdoor activities, professional sports teams, craft beer or nightlife – there is something for everyone. And because we understand Colorado, we don’t wait for a blizzard to hit before we buy our snow coats, winter caps, shovels and snowbrushes, we already have them. Similarly, companies should not wait for that blizzard to hit before asking, What went wrong? How did we not see this coming? What should we have done? Rather, companies should avoid a corporate disaster by implementing, promoting and building upon a high standard of corporate governance.
Corporate governance, which is defined by Investopedia as a system of rules, practices and processes by which a company is directed and controlled, can be a critical component to a company’s growth and success. And no, corporate governance is not just for public companies. Private companies can benefit from corporate governance. The following will cover some benefits of corporate governance and some areas of corporate governance that should be implemented (or improved upon) for a private company.
Benefits of Good Corporate Governance
The right corporate governance can benefit a private company in the following ways:
1. Attractive to potential buyers. Adding internal control procedures, a board of directors, an audit committee and a code of ethics can add an additional level of assurance to potential buyers.
2. Initial public offering. Private companies considering an initial public offering would benefit from already having implemented certain provisions of the Sarbanes-Oxley Act that they will be required to implement once they go public.
3. Public perception. Good news travels fast, but bad news travels even faster. Corporate governance may be the first line of defense against unintended negative public perception. By taking the necessary steps in identifying and mitigating risks through policy and procedure, a company may be able to avoid a public relations nightmare.
4. Avoid corporate disaster. Mitigating and regulating risk will reduce the prospect of a corporate disaster. Through policies and procedures, companies can identify and alleviate potential risks prior to occurrence. Additionally, having a disaster recovery plan with pertinent relationships with attorneys, public relations firms and related experts in place can reduce stress and increase responsiveness when issues occur. Time is of the essence when it comes to corporate disaster recovery so having plans and relationships formulated in advance is imperative to making lemonade out of lemons and reducing costly expenses and negative impacts on the organization.
Areas to Consider When Implementing Corporate Governance
The following are some ideas to consider when implementing corporate governance standards.
1. Independent board of directors. Having an independent board member can provide a company with a different perspective and fresh eyes from which to approach issues. Additionally, independent directors can support, mentor and monitor the chief executive officer.
2. Audit committee. An audit committee oversees all aspects of a company’s financial reporting and control processes. For companies that have a more robust financial reporting and control environment, they may benefit from having a diverse audit committee to assist in these processes. The audit committee will help to strengthen the company’s financial reporting processes, oversee an appropriate control environment and engage with the external auditor. An audit committee charter can be adopted that will govern the audit committee.
3. Code of ethics. A code of ethics is a guide of principles that outlines the mission and values of a company. The creation of a code of ethics will help a company set the standards of ethics across the company that employees must follow.
4. Risk management. Risk management is a company’s process to identify potential risks, create steps to reduce the risk and minimize the potential risks impact to the business. Companies may look to mitigate risk’s by adding three policies.
First is an information security policy, which is designed to create a process for all persons who have access to a company’s information technology. It should include both internal and external parties. Security policies that follow best practices can be the first line of defense in avoiding costly breaches.
Second is an effective internal control policy, which can help reduce the risk of loss and help ensure that financial information is complete and accurate, financial statements are reliable, and that the company is in compliance with all laws and regulations. Creating internal policies will define roles and responsibilities across the company to ensure all parties are aware of their day-to-day duties.
Third is a document retention policy. Regulatory requirements typically dictate how long certain documents are required to be maintained. By creating a document retention policy, the company will ensure that documents are not destroyed prior to the maintenance period.
5. Conflict of interest policy. A conflict of interest policy is designed to identify transactions or situations that may present conflicts of interest. Adding a policy will create awareness and ensure regulatory compliance to keep you out of trouble.
Creating a high standard of corporate governance does not mean a company creates policies and procedures and stops there. Similar to the snow analogy above, would it make sense to have snow coats, winter caps, shovels and snowbrushes, but not use them when it snows? No, and, similarly, a high standard of corporate governance requires the company to monitor, control and update its policies as changes to its business environment occur. And, most importantly, for a private company, it requires the full buy-in from its executive team. Tone from the top and good governance creates an environment that allows issues to be addressed before they happen.
