This note is designed to help fund managers and particularly company directors understand their responsibilities in setting and leading environmental and social (E&S) and business integrity (BI) agendas when they sit on company boards. It is not intended to be a detailed technical guidance document.
This note provides an overview and general guidance. Fund managers and company directors should carefully consider each company based on its specific characteristics and circumstances, including jurisdiction, scale, management capacity and commitment, and track record. This note relates to the E&S and BI aspects of board oversight. Please refer to ‘Further resources’ for advice about broader corporate governance issues.
Understanding a company’s environmental, social and governance (ESG) impact and management capacity has become an increasingly important lens through which to assess its performance and long-term sustainability. Environmental criteria look at how a company performs as a steward of the natural environment; social criteria examine how a company manages relationships with its employees, suppliers, customers and the communities in which it operates. Meanwhile, governance relates to a company’s internal processes and leadership, including executive pay, audit and internal controls, and shareholder rights. CDC’s definition of BI takes in a broader scope than simply governance, incorporating the systems and processes that help to manage BI exposure and risks, but also the underlying behaviours, ethics and values.
E&S and BI are complementary disciplines. However, at all levels in an organisation, different sets of skills are needed if both functions are to be effectively managed. It is therefore important to clearly distinguish between the two areas.
Environmental and social
E&S issues include:
BI encompasses a broad range of subjects. It also requires the development and promotion of an ethically oriented culture. The Governance & Business Integrity section of this Toolkit provides guidance on key governance and BI topics. Core areas of BI are:
E&S and BI issues occur in all aspects of a company’s business, from its commercial focus to managing its reputation and brand, ensuring that societal expectations are managed and met, and complying with all relevant regulatory obligations. Addressing E&S and BI risks, impacts and opportunities ultimately helps to secure a company’s licence to operate.
Risks for the business
By failing to incorporate E&S and BI practices in a company, a business puts itself at risk of events occurring that can include:
Opportunities for the business
The opportunities for a business that effectively addresses E&S and BI matters include:
The Sector Profiles section of this Toolkit explains further some of the risks and opportunities to consider for different sectors that have important E&S and BI aspects such as oil and gas, healthcare, education, retail and agriculture.
Although a fund may have part or full ownership of a company, fund managers need to be clear about their roles and fiduciary responsibilities when they are also directors of the company. The role of a shareholder may sometimes conflict with that of a director.
Shareholders and investors are the owners and ultimate decision makers of a company. They are typically entitled to access information on the company and can vote on company issues at general meetings. Shareholders appoint directors and auditors of the company, and satisfy themselves that the company has the appropriate governance in place to protect its interests. While the board is responsible for overseeing management’s implementation of the company’s strategy, day-to-day decisions are made by management (the executive team). These principles hold for both privately held and publicly listed companies; however, publicly listed companies may have additional requirements from the local stock exchange. In addition, the diversity and degree of activism of shareholders also influences the level of shareholder/investor engagement.
Board members/directors have fiduciary responsibilities which are generally broken down into a duty of loyalty and a duty of care. The duty of loyalty requires a director to act in the best interests of the company, act with the utmost good faith and avoid conflicts of interest. The duty of care requires the director to act with diligence, care and skill; this is often referred to as the ‘business judgement rule’.
The core roles and responsibilities of a board and individual directors in setting and overseeing the E&S and BI agenda of a company include:
Steers and sets strategic direction
Sets risks and tolerance materiality
Approves policy and planning
Oversees and monitors
Ultimately, the board should be comfortable that the company has in place:
4.1 General advice
Oversight commensurate with level of risks and impacts
The board and management should be clear about the company’s risk thresholds and tolerances. If the company has a robust risk identification and management process, which adequately accounts for E&S and BI matters and stakeholder views, the material risks should be evident. There also needs to be a clear understanding of how strategic business decisions may impact the E&S and BI practices and performance of a company and conversely, how these issues influence strategic business decisions. It is therefore important to consider the E&S and BI risks and issues across the entire supply chain in assessing the impacts of a decision, operation or activity.
There are certain factors to consider in assessing the level of risk and potential impact. While taking these into account, it’s important to focus on the quality of governance over the quantity, and recognise that governance is a process of continual learning and improvement – there’s no perfect model.
Some of the factors to consider in assessing the level of risk associated with a company and, therefore, the appropriate system of oversight include:
|Size/complexity||Culture and societal dynamics|
|Vision and strategy||Emerging sector/industry trends|
Investor/lender requirements and shareholder rights
|Capacity/access to skills and resources||Local legislative requirements or voluntary codes|
Material risks (legacy, current and future)
Listing rules and regulatory requirements
|Market economics and outlook; Political and regulatory stability|
Oversight versus implementation
The board’s primary role is one of oversight. It needs to be comfortable that the company’s risk management and controls are sufficient to ensure compliance and sound stewardship of the company’s core business and assets. The board’s oversight of E&S and BI issues is reflected in the strategy and policies drawn up by the board. As the board approves policy (under recommendation from management), they must have the right skillset to understand the implications of the policy for the business. Their scope of oversight on E&S and BI issues must therefore be well-defined, comprehensive and encompass the entire value chain/product life-cycle and company’s jurisdictions/areas of operations. This may sometimes be articulated in the board’s mandate or documented separately in a charter (or similar).
Based on the policy approved by the board, management is typically tasked with implementing mandatory standards and procedures which support policy objectives, especially internal and external communication. These policies and processes are usually endorsed by the board too. Management is also responsible for implementing and executing the strategy in accordance with policies and plans, which are overseen and supervised by the board.
4.2 Elements of a board E&S and BI oversight framework
When considering issues of composition and structure in E&S and BI oversight, it is important to bear in mind ‘quality over quantity’. Diversity in its broadest sense has proven to be a critical factor in improving not just the quality of a company’s leadership and decision making, but also its overall financial and ESG performance. Diverse skillsets and experiences help boards to more effectively discharge their oversight obligations, avoid ‘group think’ and, when necessary, provide robust counsel on ESG issues and other matters. The Organisation for Economic Co-operation and Development (OECD) and the Association of Chartered Certified Accountants (ACCA) have both made efforts to address the need for diversity in board composition. The OECD revised its Principles of Corporate Governance in 2015 and ACCA has included board diversity in its course syllabus. Diversity can include:
When operating in different markets, boards need to be sensitive to the ethnic mix in their geography. Having a diverse representation of different ethnicities in their geographies allows boards to better understand stakeholder claims, particularly those of their consumers, and therefore make more informed decisions. The same applies to the need for female representation on a company board.
Female board members have been proven to contribute to increasing the financial performance of companies. For example, in sectors where women are often the largest consumers – such as healthcare, automobiles, home improvement products and consumer electronics – boards benefit from the additional consumer perspective of their female board members. Female board members also help to challenge and steer discussions, often have strong relationship-building skills and have been shown to act in the interest of shareholders, and make fair and ethical decisions. They also act as role models for employees, which can positively affect employee performance. Having female representation on a board also positively affects corporate reputation. Companies such as Safaricom, MTN, East African Breweries and Sasko have been recognised as admired brands by Brand Africa 100 for having more than 30 per cent female representation on their respective boards.
Regulators have also begun to take note of the importance of diversity, particularly female representation, and are encouraging company boards to become more diverse. In 2013, the Central Bank of Nigeria issued a directive requiring that 30 per cent of board positions in Nigerian banks be reserved for women. In India, the law mandates the presence of at least one female director. In Norway, a recent law bases quotas on the size of the board which, in 2016, saw an average of 42 per cent female board representation achieved.
It is important to avoid tokenism when looking at diversity on a board. In certain circumstances, a quota requirement can be an effective way to encourage and benefit from diversity. However, it can lead to non-merit-based recruitment which can critically affect the profitability of a company and render a board ineffective. Quotas without a significant-enough strength in number or without qualified candidates can also negatively impact the dynamics of a board, especially if a forward-thinking attitude is not adopted and board members are not accepting of the new directors. To address the issue of tokenism, fund managers should address diversity from a strategic perspective rather than from a compliance standpoint. Adopting a merit-based recruitment selection based on a 50:50 male to female candidate ratio, broadening the assessment criteria in which candidates are selected, tapping into female business networks and building a pipeline of next generation female leaders, are ways fund managers can financially and strategically benefit from the positive contribution that female diversity can bring to a board.
Typical E&S and BI oversight models are:
Full board oversight
A decision to oversee E&S and BI issues at full board level will depend on the size of the company and risk assessment of the issues. For smaller companies with limited capacity, E&S and BI issues will typically be included as an agenda item for the board meeting. The key to success is to tackle the issues head on.
Delegation to existing committee
When it’s decided that E&S and BI issues need to be discussed at sub-committee level and a separate dedicated committee is not needed, the usual practice is to delegate this to either the audit or risk committee with a mandate to oversee E&S and BI matters and report to the full board. The committee terms of reference should include its E&S and BI responsibility. The relevant committee would discuss the issues in more depth, provide feedback to the full board, and recommend approval of any policies by the full board.
A dedicated committee
When deciding to establish a dedicated committee, a sustainability, ESG or health and safety committee is established to provide oversight of E&S and BI matters and report to the full board (and other sub-committees when necessary). Dedicated committees can have an allocated budget and devote attention to particular ‘change agendas’ which would not be appropriate for a full board discussion. In some jurisdictions, it has become a requirement for certain businesses to have a dedicated committee. In South Africa, the Companies Act 2008 authorised the Minister of Trade and Industry to require companies that have an impact on public interest to have a Social and Ethics Committee.
Companies can establish a dedicated sustainability committee. However, the type of committee is less important than the scope and ambition of its mandate, which may include company-wide oversight of issues such as BI policy, E&S performance, sustainable supply chain management, and health and safety. While there can be overlap across committees, there are also distinct differences, for example, between audit, risk and sustainability committees. It is important to note that committees do not make decisions, but advise and enable the board to make better informed decisions. Decision-making authority and accountability remain with the board.
Things to consider when deciding on an oversight model for a company include:
Board capacity and competency
It is critical that the board has the right skills and competencies to effectively discharge its oversight obligations and provide guidance (when necessary) to the company on material E&S and BI risk management. Boards should have the expertise to understand the agendas and decision-making processes of key stakeholders, and include members who are familiar with emerging industry ESG trends, standards and benchmarks. Where necessary, a board should seek external expertise to support them in this role.
Information adequacy refers not only to the quality of information provided but the ability to interpret and understand the information. Management must raise E&S and BI matters at board level in a timely manner and in a format that the board can interpret and digest to accurately address E&S and BI matters. It is also important that:
Information presented to the board may include:
Oversight of regulatory compliance and business integrity
The role of the board is to:
The board and management also need to determine the company’s key anti-money laundering (AML) risks and oversee compliance with relevant AML regulations. The Anti-Money Laundering section of this Toolkit provides guidance on this.
Codes of conduct
An organisation’s code of ethical conduct is a critical tool in managing BI risks as it provides a clear benchmark for ethical behaviour; it guides and supports people in making decisions and carrying out their work in ways that are compatible with the organisation’s values.
For a code of ethical conduct to be effective, it must be promoted and championed throughout the organisation. Managers and staff, at all levels, must be provided with the necessary training and support, and the code must be supported by appropriate disciplinary and whistleblowing procedures. The ‘tone at the top’ should permeate through the organisation, and the code must be owned by all staff.
Each company should develop a code of conduct that suits the needs of employees and other associates in defining behaviours and addressing the risks, challenges and customs in operational areas. A code should also reflect the attributes of the specific industry.
A code of conduct can be a key step in establishing an inclusive culture, but it’s not a comprehensive solution on its own. An ethical culture is created by the organisation's leaders who manifest their ethics in their attitudes and behaviour. As the highest governing authority in the company structure, the board of directors plays a critical role. A company's leaders need to practise and demonstrate the values and guidelines in their code of conduct, providing positive, authoritative examples for employees to emulate. They also need to ensure the code is reviewed and updated regularly to comply with the applicable legal framework.
There is guidance on the process for developing a code of conduct but critical steps for the board and management to follow include:
Understanding stakeholder perspectives is critical to determining, assessing and managing key risks and issues. As such, companies must have an active interest in the views, concerns and perspectives of the company’s key stakeholders, including employees and those working across the supply chain. A company can proactively manage both current and expected stakeholder issues via a comprehensive stakeholder management strategy and plan.
It is the board’s responsibility to approve policies on stakeholder engagement and external communication. Management must therefore make the board aware of key stakeholder issues raised in engagement and consultation processes through agreed reporting structures and raise awareness of any major changes in the composition or views of key stakeholders. The board needs to provide guidance to management on the type of issues it would like to discuss.
Role of leadership and culture
Directors occupy important leadership roles in an organisation and quite often within the broader industry. Establishing the culture, values and ethics of the company is a central part of the board’s mandate. It is also important to recognise that good corporate governance depends on the personal integrity of those on a board and in management. Directors, individually and collectively, must ‘set the tone’ at the top – leading by example and ensuring that good standards of behaviour permeate all levels of the organisation.
Fostering a culture of mutual respect and trust is another critical success factor – trust among the board, between the board and management, and externally with stakeholders. Openness between non-executives and executives is essential, with confidence that information is openly shared and differences of opinion are discussed and resolved in a collegiate manner, making sure the vision and values truly permeate the company.
Monitor and review
Poorly managed E&S and BI issues can result in crisis situations, leading to changes in the company’s management, culture and financial well-being. Managers and the board need to understand these risks and how they impact the business model. Once the material risks of the business have been identified and thresholds set, the board and executive management can then decide how they are monitored and reported on an ongoing basis.
As the operating context and the process of managing E&S and BI risks evolves over time, it is important that both current and future risks are accounted for and regularly reviewed. Companies often fall short during periods of major change, such as mergers and acquisitions or divestment. Investors will typically also have an interest in a company’s preparedness for the known and unknown.
A company must adopt an active approach to managing E&S and BI issues. It is best practice to have a quarterly report on key E&S and BI metrics from the internal audit, compliance and risk functions to the relevant board committees. Following the discussion at committee level, the full board can then be updated on key issues, especially those requiring approval or follow-up. Companies also need to have a mechanism for flagging key issues which can affect a company’s short- and long-term performance, reputation and ultimately value to relevant committee chairs and board chair for inclusion in the main board meetings.
Another function of the board is to approve company policies. Policies are one of the mechanisms via which compliance is assessed, specifically where a company may have a contractual, legal or regulatory obligation towards E&S performance standards or BI practices. It is therefore important that a system is in place for the continuous review and monitoring of policies and performance. Integrating sustainability performance data into executive-level scorecards informs decision making at the highest level, underpins robust leadership and helps to ‘set the right tone’ for the rest of the organisation. The board can also link remuneration to E&S and BI performance and integrate performance into ‘SMART’ key performance indicators. SMART indicators – specific, measurable, attainable, relevant and time-bound – help create accountability in organisations.
Guides to broader corporate governance and best practice
OECD Guidelines for Multinational Enterprises
In a global environment, it is important for companies to make sure they adhere to all relevant regulatory obligations. These guidelines provide a global context of a non-binding standard for responsible business practice.
Subsidiary board governance
When considering the effectiveness of board governance, it’s important to remember all aspects of a company’s business, which includes subsidiaries.
Institute of Directors’ Corporate Governance Code
Corporate governance has many definitions. The Institute of Directors provides a factsheet that discusses the definition of corporate governance and the legal framework around the concept, outlining the main principles of the UK Corporate Governance Code.
IFC Corporate Governance Progression Matrix
IFC provides a toolkit to help assess current governance in a company.
Ethics Resource Centre
Board members have a responsibility to act with diligence, care and skill, in the best interests of a company. The Ethics Resource Centre provides organisations with a platform to engage with peers and learn new insights into ethics and compliance.
Institute for Global Ethics
Directors have a fiduciary responsibility to act with a duty of care. The Institute for Global Ethics provides members with tools, frameworks and processes to help analyse ethical decision making and act accordingly.
UK CCAB’s guidelines
An organisation’s code of ethical conduct is a critical tool in managing BI risks. The Consultative Committee of Accountancy Bodies provides a guide for businesses on developing and implementing a code of ethical conduct.
IFAC’s guide Defining and Developing an Effective Code of Conduct
A company’s ethical code of conduct must be effective and implemented with the support of the board. The International Federation of Accountants provides guidance on developing and implementing a code of conduct in a value-based culture.
EY’s Global Code of Conduct
A code of conduct must reflect a company’s operating environment. The EY Global Code of Conduct provides an example of a company’s ethical framework forming the basis of its business decisions in its operating context.
Unilever Committee TORs
A company that has sub-committees must clearly state its terms of reference (TORs), which should include the scope of its E&S and BI responsibility. An example of clearly outlined TORs can be seen in Unilever sub-committees.