Clean. Simple. 100% Finance.

Archive for the ‘fraud’ Category

Governance @ Distance

In board members, corporate governance, Finance, fraud, General, Management, Uncategorized on April 5, 2019 at 1:12 pm

CorpGov.jpeg

Transparency, higher commitment, and independence are buzz words for good corporate governance. The role of independent directors plays an important role in Corporate governance to keep an eye on the board activities to flag off non-promoter group issues. However, the challenge is neither the independent directors get appropriate compulsory training to understand their roles and responsibilities in an organisation nor the appropriate data promptly to act upon effectively. Board has a limited duration to understand and reflect on issues. Sometimes the independent directors are from different industries and are not able to understand the context and indulge in granularities, though, diversity of thoughts may add significant value. Governance at distance is often seen where the board chairman leads the discussion and independent directors often distant from reality less engaged in a discussion.

According to recent Board Practice Report by Deloitte Centre for Board Effectiveness and Society for Corporate Governance, almost 80% of board members think that their primary focus is on company strategy, 42% attributes risk oversight as important and 29% focuses on board selection. To sum up, strategy formulation, risk oversight and board selection are three important roles of board. In this blog, I will talk about the issues related to the first two.

In the current business environment, the markets are turbulent more than ever. World over, not only regulators, every stakeholder such as partners, and creditor are accusing board if anything goes wrong in governance. Social media and newspapers have abundant stories of poor risk governance. A board strategy cannot be the same in normal, turbulent and crisis situations. Strategic change has become important for companies. Punjab National Bank (PNB) in India has recently faced one of the biggest frauds in history, and within a short period, the company’s board needs to change the strategy of the company to address the crisis. Not only the fraud affected the PNB strategy, but it also impacted the strategy of other banks in India and the global market. The strategies perfectly working in normal market conditions may not work in crisis situation. Are companies’ board trained and prepared to handle how to change the company’s strategy in normal, volatile and crisis situations?

Post-2008 crisis, the role of the board in enterprise-wide risk oversight has become challenging. No specific training is provided to the board to refresh their knowledge on the subject. Many companies still don’t know what are their key risks and issues in the management of risks. Surprisingly, directors don’t know their roles and responsibility in risk oversight. Understanding the inter-connectivity of risk is the next big challenge, and a very few companies are able to link risk management with strategy and compensation system. How the board of directors perform their duty in overseeing the executive decisions and how compensation structures and practices drive an executive’s risk-taking. Many such questions need to be answered.

Let us understand the logic of why the understanding of risk is paramount for the board for effective corporate governance. Shareholders want a higher return for higher risk and vice-a-versa. One of the roles of the board is to define the risk appetite (the amount and extent of risk the company is willing to take as promised to shareholders) in the company. The informal approach of risk management will bring several surprises in the organization and may hinder the fulfillment of organisational objectives. To deal with the situation, the board needs to effectively oversee the organisation key risks holistically and disclose them to shareholder at appropriate times so that value at risk can be calculated. The only quantification of risk exposure will not suffice; the quality of risk-taking directly impacts the profitability of a company. Quality of risk profile also needs a significant attention. Balancing the risk while adding value to the organisation is only possible when risk management is well understood by board, implemented in a formal way and linked to the organisational strategy.

I strongly believe that the board should get a refresher course or a certificate course to carry out their duties effectively. Governance at a distance is not working. Categorization of risks in market risks, operational risk, and strategic risk has become bizarre and mundane.  Helicopter view of risk for oversight has become unacceptable as stakeholders want to understand what were the key risks of the organisation last year, whether risks are increasing or decreasing and the reasons behind them. Higher interaction and participation of the board by probing questions will certainly enhance the current state of governance. Higher engagement of the board is the key to good governance.

Advertisements

Understanding ‘Conflict of Interest’ is need of hour in India

In Banking, corporate governance, fraud, Insurance, Legal, Management, Uncategorized on December 23, 2018 at 3:57 am

100shares

I was not really shocked to read another issue of conflict-of-interest for Bank of Maharashtra after Chanda Kochhar case at ICICI Bank. Conflict of interest issues has been discussed for several years in news and media. Banking than insurance industry have more examples to such nature, though in the government we have seen examples where lawmakers have taken up roles resulting in the conflict-of-interest. This is because Insurance regulator in India has mentioned it specifically in Corporate Governance Guidelines that Conflict of interest and nature of interest should be defined, yet banking regulator is lagging behind. RBI guidelines indicated that there should be no conflict of interest but do not indicate ‘how to identify and take actions’ for such activities. Conflict of interest arises when a board member takes the strategic decision considering personal interest. Board members of all significant MNC’s in the global market place have to sign either ethical framework/Compliance guidelines or follow conflict of interest policy.

There is a desperate need of Conflict of Interest policy for Indian banking system. Ideally, it should be at all levels in the organisation  from managers to board members. For example, In some cases in India, bank managers are receiving more incentives than their salaries for selling insurance policies which divert their attention from selling banking products. Technically, insurance policies are sold by both banks and insurance companies while banking products are not even sold by their core employees, why? Why not introduce reverse bancassurance where insurance companies can also offer banking products. The reason is ‘KYC’. Some practitioners argue that banks know their customer more than insurance companies. Others argue that in a bank, customers receive money, while in insurance companies they pay money. The differentiation in the quality of agents between banks and insurance also sets the increased expectations. In a bank, a top MBA graduate joins as manager while in insurance companies they do not pay such salary at managerial level. Instead, I saw a reverse trend of hiring graduates in banking following insurance industry to lower the cost.

How do banks promote their products when half of the time banking executives spend on selling insurance? They cannot ignore banking services but what they can easily overlook is controls. Another conflict of interest arises related to favoritism by CMD of banks or CMD of insurance companies: who can question them. In case of banks, it could be a case of favouritism in granting new loans or extending the existing loans which may, later on, turn as NPA while in case of insurance companies, it may be a market investment to gain personal benefits.

What is a Conflict of Interest Policy?

A Conflict of Interest policy can be prepared by the Corporate legal department and must be signed by all board members at the first organizational board meeting. It should be mandated that no board member should be allowed to serve without signing this policy. It includes fiduciary duties (considering organizational interest for financial and legal matters), the duty of loyalty (putting board responsibilities for outside interests), and duty of confidentiality ( keeping how key business will deal with private information). Moreover, it should define the key definition about ‘interested person’ and ‘financial interest,’ duty to disclose and procedures for addressing conflict of interest for board and individuals. The process of deriving reasonable cause to show the violation of conflict of interest should also be discussed. Some questions like how compensation of director will impact the board quality of discussion. There is a requirement of the annual review of conflict of interest policy, the disclosure of outside interests and re-signing of the policy.

Worldwide, Conflict of Interest issue is not resolved in good faith. Recently, I have met Group CROs and senior executives of German Insurance Companies and regulator. The regulatory board in Germany and their staff have to sign an ethical framework compulsorily. The logic behind signing an ethical framework is that every employee in the organization takes the responsibility of disclosure of conflict of interest. This also depicts their promise of not engaging in any such activity. Thus, conflict of interest can be reduced by promoting a cognitive risk culture where everyone understands the risk of conflict of interest and their associated role in dealing with the risks.  India may follow German market for good practices to deal with the emerging issue of ‘Conflict of Interest’.

comments welcome !

An Organisation Risk Pendulum

In crime, fraud, Risk Management on September 9, 2017 at 7:17 am

“Risk is often misinterpreted as a bad thing; however, it is not. Business needs risk to grow and thrive. Understand it, take risks which help you fulfilling your purpose. The key question remains how to balance risk pendulum in the organizational life”.

riskpeshark-pendulum-clock.jpeg

If your company offers a unique product, any risk which provides a value to the product or customer is worth considering, however, the proportion should not be increasing 50% risk for a minuscule value to the customers. Think twice whether you are capable of handling enhanced risk for value creation. If you are unable to handle it, build capacity and then take the proportionate risk. On the other side, some risks are inherent in the business. For example, fraud risk. You will be surprised to know that fraud risk is often considered strategic risk. Tightening of controls in the business may be considered as a constraining activity in short-run but imagine in the long run, employees say that these frauds happened under the nose of senior management and question their integrity? What is the relevance of board, risk management team, auditors and audit committees in such instances?

A country with negligible crime rate (i.e. Dubai) attracts high investments while a country (i.e. Nigeria) with relatively very high crime rate has to struggle in inviting investors. Do controls play a positive role in business? Yes, it not only reduces the risk but also provides efficiency to the business with a potential of strategic advantage.

Many of us heard that after 2008 crisis, some large organisations are reluctant to take further risks. Does it mean they are over-matured and declining, or markets are exhausted, or they have just become risk averse for some period? This shows how a crisis impacts the speed of the Organisational Risk Pendulum. When the speed is low, what these organisations do – sit idle, focus on weakest links in organisational process or improve their strength in one or two core domains or simply learn from others mistakes. Over and above this, some companies wait for the crisis to occur because they are expert in dealing with crisis situations. For example, Business Continuity experts get maximum business after a crisis. Enterprise Risk Management and Risk Governance experts do the same, many consulting and credit rating companies take over the customers and markets. A more generic example is a doctor. When a pandemic spread in the society, doctors suddenly become highly in demand. It is clear that investment in risk management enhances the organisation capacity to maintain the speed of organisational risk pendulum during the crisis while it provides confidence to retain the speed in normal and volatile market situation.

Another key question arises How to drive your organisation at a speed to maintain an equilibrium between the risk of riskiness and risk of safety? What is right – Riskiness, stability, survival?

I believe all are important as Enterprise Risk Management (ERM) by definition maintains a balance in downside and upside of risk and uncertainty and considers all risks holistically. Knowing your organisational risk at integrated level provides a strategic direction to the company. Don’t wait. Know what you don’t