Latest Blogs from SBS and Company LLP

    Corporate Governance Perspectives And Role Of Internal Auditing


    Corporate Governance is a multi-faceted subject and trying to comprehend in a concise definition. The central theme of corporate governance is to integrate sound management policies in the corporate framework in such a manner to bring economic efficiency in the organization in order to achieve twin goals of profit maximization and shareholder welfare. Few comprehensive definitions on Corporate Governance are discussed below.

    “Corporate Governance is the way a company is organized and managed to ensure that all financial stakeholders receive a fair share of the company’s earnings and assets.” - Standard and Poor

    "It is a system by which companies are directed & controlled." - The Cadbury Committee U.K.  


    If we look at the corporate history which includes several frauds and scams further from investigation results the regulatory bodies were able to highlight control failures that had allowed several major corporations to make illegal payments and siphon the money which should have been used for purpose of business. Lack of regulatory measures from authorities as an adequate response to check them in future gave birth to COSO ( Committee of Sponsoring Organization). Sarbanes – Oxley  Act, 2002 (SOX), was introduced which made a sincere attempt to address all the issues associated with the corporate failure to achieve quality governance  and to restore investors confidence. The most critical aspect of SOX  is that it makes clear that Company's senior officers are responsible for the corporate culture they create and must be faithful to the same rules they set out for other employees.

    The scope of Corporate governance

    Corporate governance instills ethical standards in the company. It creates space for open dialogue by incorporating transparency and fair play in strategic operations of the corporate management. The significance of corporate governance lies in :

    • Accountability of Management to shareholders and other stakeholders
    • Transparency in basic operations of the company and integrity in financial reports produced by the company
    • Component Board comprising of Executive and Independent Directors
    • Adherence to the rules of the company in law and spirit
    • Code of responsibility for Directors and Employees of the company

    Internal Audit roles:

    As organizations address the growing array of risks created by new technology, geopolitics, cybersecurity, and disruptive innovation, a vibrant and agile internal audit function can be an indispensable resource supporting sound corporate governance. Internal audit assures by assessing and reporting on the effectiveness of governance, risk management, and control processes designed to help the organization achieve strategic, operational, financial, and compliance objectives.

    It is best positioned to provide assurance when its resource level, competence, and structure are aligned with organizational strategies. It can do this best when it is free from undue influence. By maintaining its independence, internal audit can perform its assessments objectively, providing management and the board an informed and unbiased critique of governance processes, risk management, and internal control. Based on its findings, the internal audit recommends changes to improve processes and follows up on their implementation.

    Functioning independently within the organization, internal auditing is performed by professionals who have a deep appreciation of the importance of strong governance, an in-depth understanding of business systems and processes, and a primary drive to help their organizations succeed.

    Internal audit provides insight by acting as a catalyst for management and the board of having a deeper understanding of governance processes and structures.  Internal audit insights on governance, risk, and control provoke positive change and innovation within the organization. It inspires organizational confidence and enables competent and informed decision making.

    Internal audit can add value by providing advisory and consulting services, intended to improve governance, risk management, and control processes, so long as internal audit assumes no management responsibility. This is vital to maintaining internal audit’s objectivity and avoiding conflicts of interest.

    Role of Board and Audit Committees

    The board establishes structures and processes that define governance within the organization, taking into consideration the perspectives of investors, regulators, and management, among others. The board oversees and monitors the company's strategic, operational, financial and compliance risk exposures, and it collaborates with management in setting risk appetite, risk tolerances, and alignment with strategic priorities.

    A corporate governance practice for listed companies – sometimes mandated -- is to use audit committees to provide strengthened oversight of the financial and ethical integrity of publicly held companies. The audit committee, made up of independent directors, can significantly strengthen the independence, integrity, and effectiveness of audit activities by providing independent oversight of the internal and external audit work plans and results, assessing audit resource and qualification needs, and mediating the auditors' relationship with the organization. Audit committees also ensure that audit results are discussed, and any recommended improvements or corrective actions are addressed or resolved.

    Ideally, internal audit should report functionally to the board or audit committee and administratively to management.

    Recent Corporate Governance Issues in India

    Promoters have considerable leeway to siphon corporate resources away from the minority shareholders via skewed contracts with related companies and undeserving pecuniary benefits for promoters. The focus of the boards in such promoter companies that are ubiquitous in India must be to ensure that minority shareholder rights are not trampled upon. 

    Unfortunately, in practice, returns to the minority shareholders depend on the benevolence of the promoter. If the promoter needs to return to the equity markets and adequately weighs the shadow of the future, minority shareholders receive natural protection. Independent directors represent the interests of minority shareholders. However, as was observed in the Tata case, these directors normally toe the promoter's line. In exceptional circumstances when they do not, even some powerful and well-connected Directors can be dismissed because of promoters ‘control' on the Annual General Meeting. Such events have a chilling effect on the ‘independence' of directors, as it reiterates to everyone the power of promoters in India.

    Issues affecting Corporate governances’ practices in India:

    1. Getting the Board Right

    The law requires a healthy mix of executive and non-executive directors and appointment of at least one woman director for diversity. There is no doubt that a capable, diverse and active board would, to a large extent, improve governance standards of a company. The challenge lies in ingraining governance in corporate cultures so that there is improving compliance "in spirit." Most companies' in India tend to only comply on paper; board appointments are still by way of "word of mouth" or fellow board member recommendations. It is common for friends and family of promoters and management to be appointed as board members. Rating of board diversity and governance practices and publishing such results or using performance evaluation shall be the minimum benchmark for director appointment. 

    1. Performance Evaluation of Directors

    Performance evaluation of directors has been part of the existing legal framework in India; it caught the regulator's attention recently. SEBI, India's capital markets regulator, released a 'Guidance Note on Board Evaluation' in January 2017. This note elaborated on different aspects of performance evaluation by laying down the means to identify objectives, different criteria, and method of evaluation. For performance evaluation to achieve the desired results on governance practices, there is often a call for results of such evaluation are made public.

    1. Directors Independence

    Independent directors' appointment was supposed to be the most significant corporate governance reform. However, 15 years down the line, independent directors have hardly been able to make the desired impact. The regulator on its part has, time and again, made the norms tighter – introduced comprehensive definition of independent directors, defined a role of the audit committee, etc. However, most Indian promoters design a tick-the-box way out of the regulatory requirements. The independence of such promoter appointed independent directors is questionable as it is unlikely that they will stand-up for minority interests against the promoter. 

    1. Removal of Independent Directors

    Under the law, an independent director can be easily removed by promoters or majority shareholders. Independent directors have been generally criticized for playing a passive role on the board, instances of independent directors not siding with promoter decisions have not been taken well – they were removed from their position by promoters. This inherent conflict has a direct impact on independence. Earlier this year, even SEBI's International Advisory Board proposed an increase in transparency about appointment and removal of directors. 

    1. Executive Compensation

    Executive compensation is a contentious issue especially when subject to shareholder accountability. Companies have to offer competitive compensation to attract talent. However, such executive compensation needs to stand the test of stakeholders' scrutiny. Presently, under Indian law, the nomination and remuneration committee (a committee of the board comprising of a majority of independent directors) is required to frame a policy on the remuneration of key employees. Also, the annual remuneration paid to executives is required to be made public.  

    1. Responsibility to Stakeholders

    Indian company law, revamped in 2013, mandates that directors owe duties not only towards the company and shareholders but also towards the employees, community and for the protection of the environment. Directors independence has to be supplemented with greater duties for, and accountability of directors. Although these general duties have been imposed on all directors, directors including independent directors have been complacent due to lack of enforcement action. To increase accountability, it may be a good idea to require the entire board to be present at general meetings to give stakeholders an opportunity to interact with the board and pose questions.

    1. Risk Management

    Today, large businesses are exposed to real-time monitoring by business media and national media houses. Given that the board is only playing an oversight role on the affairs of a company framing and implementing a risk management policy is necessary. In this context, Indian company law requires the board to include a statement in its report to the shareholders indicating the development and implementation of risk management policy for the company. The independent directors are mandated to assess the risk management systems of the company. For a useful governance model, a vigorous risk management policy which spells out fundamental principles and practices for mitigating risks in day-to-day activities is imperative. 

    1. Data protection and confidentiality

    Privacy and data protection is an important governance issue they are the critical aspect of risk management. In the digitalization era, a sound understanding of the fundamentals of cyber security must be expected from every director. Good governance will be only achieved if executives can engage and understand the specialists in their firm. The board must assess the potential risk of handling data and take steps to ensure such data is protected from potential misuse. 

    1. Corporate Social Responsibility

    India is one of the few countries which has legislated on CSR. A board should manage CSR projects with as much interest and vigor as any other business project of the company. Companies meeting specified thresholds are required to constitute a CSR committee from within the board. This committee then frames a CSR policy and recommends spending on CSR activities based on such a policy. Companies are required to spend at least 2% of the average net profits of the last three financial years. For companies who fail to meet the CSR spend, the boards of such companies are required to disclose reasons for such failure in the board's report. During the last year, companies which failed to comply received notices from the ministry of corporate affairs asking for reasons why they did not incur CSR spend and in some cases questioning the reasons disclosed for not spending. In these circumstances, increased effort and seriousness by the board towards CSR is necessary.


    Companies Act, 2013 and SEBI's listing obligations and disclosure requirements regulations have contributed significantly in strengthening governance norms and in increasing accountability by way of disclosures. Internal audit strengthens corporate governance through risk-based audits that provide assurance and insights on the processes and structures that drive the organization toward success. As risks grow and become more complex, internal audit’s role is likely to expand in areas such as risk governance, culture and behavior, sustainability, and other nonfinancial reporting measures. For achieving desired results, it is essential that regulatory measures are modeled based on the practices and business environment in India.

    Looking for suggestions?

    Subscribe SBS AND COMPANY LLP updates via Email!