Unlocking the Code: What do the changes mean for you? Continued...

Here we consider another of the changes appearing the new UK Corporate Governance Code.

Risk Management and Internal Control

A new, clearer statement of a board’s responsibility relating to risk is laid out in Main Principle C.2:

The board is responsible for determining the nature and extent of the significant risks it is willing to take in achieving its strategic objectives. The board should maintain sound risk management and internal control systems.

This idea is expounded in provision C.1.2 which states:

The directors should include in the annual report an evaluation of the basis on which the company generates or preserves value over the longer term (the business model) and the strategy for delivering the objectives of the company.

In other words, by setting out in layman’s terms the company’s strategy for generating long term value, a company can illustrate to investors, and other readers of the report, how the board has applied the new principle on risk.

The Code’s publishers, the Financial Reporting Council (FRC) have stated that it was not their intention to “promote particular methodologies for dealing with risk”; boards must merely recognise that it is their responsibility to consider how much risk the company can bear and how willing it should be to take risk on.

It makes sense to include this description in the same part of the annual report as the Business Review. This will not require a major change in reporting practices for most companies. Those that are properly applying the Accounting Standards Board’s voluntary Reporting Statement on the Operating and Financial Review will already be providing this information. See the Reporting Statement for detailed guidance on how this provision can be complied with.