“Of course, I knew what was happening!” said the regulator with regard to a particularly sensitive concern. “I knew which of these companies was at risk. I was clear who was, and who was not responsible [referring to CEOs and chairs]. I knew what to do. But I am a regulator in the British system, which means that by the time I can act it is already too late.”
Possessing full insight, understanding what needs to be done and why, and yet experiencing a complete sense of helplessness is nothing new.
The Kakabadse Global Studies collection has reviewed thousands of organisations and boards, identifying that over 34% of private companies and third sector entities are left continually divided on organisational mission, vision and strategy.
The result of this is a counterproductive dynamic at the board and C-suite level. Equally striking is the degree of inhibition to raise uncomfortable issues at senior levels.
As chairs, regulators have to address ever greater complexities, but are also tasked with adhering to strict compliance requirements, which in turn does little to enable positive engagement when attempting to work through uncomfortable issues.
Despite this, the government has chosen compliance as the route forward following the recent establishment of the Audit Reporting and Governance Authority (ARGA), the regulator which succeeds the Financial Reporting Council (FRC).
Strengthening the audit process through greater compliance enhances the resilience of the company, or at least this is the supposition. In adopting the US Sarbanes–Oxley Act of 2002 (SOX) philosophy, the UK is pinning its hopes on greater trust being realised through stricter protocol enforcement.
However, SOX had absolutely no effect in holding back the financial crash of 2008, despite there being previously known deficiencies about the Lehmann Bros-sponsored subprime mortgage packages from as early as 1999.
The relationship between trust and compliance
It is assumed that more stringent compliance will enable the regulator to act more promptly and decisively than is currently the case. This is unlikely. Deficiencies in audit are not a cause, but more a symptom of the population’s diminishing trust in our institutions and government.
In reality trust has been eroded because of the insufficient attention paid to the generation and delivery of strategy. This is the point where the board and the regulator should be focusing their attention.
In fact, a brief overview of the major organisational collapses, from the 1980s onwards—including Barings Bank, Blue Arrow, Marconi, Enron, HBOS and Carillion—demonstrates a series of consistent characteristics:
- The board and management were intimately aware of the deficiencies of the strategy being pursued.
- Most board and executive directors did not confront the strategic deficiencies they were facing.
- Only a few top team members raised concerns, all of which were dismissed.
- A significant majority were able to accurately predict the demise of their entity, in some cases more than five years ahead of collapse. But still nothing happened.
Strategy shortcomings arise from an over-reliance on the CEO or chair’s favoured value propositions. With a greater focus on compliance, poorly-thought-through value propositions are likely to be relentlessly pursued without challenge, eroding trust even further.
A short history of trust
Trust is in short supply in modern-day Anglo-American governance. In 14th century England, people of wealth pursued a monopolistic hold on particular markets by persuading the monarch to issue them with a Royal Charter. Being awarded a Royal Charter required payment, followed by yearly dividends. Finally an exit fee would close the contract.
To ensure that the monarch’s interests were safeguarded, a crude oversight body—today termed the board—was formed to monitor the contract holder’s adherence to the agreement. The governance of the Royal Charter relied heavily on compliance, and this is the legacy we are left with today.
By contrast, European governance, reportedly founded in 1152 under the patronage of Pope Pius IV, encouraged stakeholder sensitivity in the oversight of townships, guilds, universities and villages of note, ensuring wealth-creation and its fair redistribution within the community.
Compliance was recognised as an inadequate tool to guarantee sustainable community care and so stewardship of medieval entities was vital to building trust. Sound business became intertwined with stakeholder enhancement.
A reluctance to intervene
Cue the regulator again. “I know how to help [referring to those companies in distress], but to do so would compromise my position as regulator.”
A reluctance to intervene has not been the experience of the Capital Markets Authority (CMA) of the Kingdom of Saudi Arabia (KSA). Instead the Commissioners (regulators) have learnt to combine the compliance and prosecution of rogue CEOs and chairs, with a stewardship approach designed to enable better company performance. All of this aims to build and strengthen trust with foreign investors. To date, the combined strategy of stewardship with compliance seems to be paying dividends for the KSA.
The Irish Charities Regulator has openly declared their values to be: engagement, transparency, fairness, proportionality and independence. Also clearly stated is the necessity for monitoring and compliance, alongside encouragement and facilitation to better engage with the sector.
The current debate emanating from the Office of the Scottish Charity Regulator (OSCR) acknowledges the necessity, but also the delicacy of balancing monitoring with advice and guidance. It is openly stated that sound guidance within set parameters enables each entity to avoid repeating past errors.
Governance requires oversight
The essence of governance, whether it is at an institutional or national level, is the exercise of oversight. It is the duty of guardians to realise greater value from the assets under their care than is currently the case. Value reflects hard factors, such as products or financial gain, and soft factors, including a service culture, community development, building trust and reputational defence.
The realisation of value through effective oversight over time has, and continues to, draw on the two vital levers of compliance and stewardship. The balance of these contrasting forces hangs on the delicacy of discretionary judgment, which in turn shapes engagement through misalignments, and in doing so builds or undermines trust. Trust requires this continual and dynamic balance on a circumstance-by-circumstance basis.
To be clear, trust cannot be built by compliance alone. Compliance only provides a basic foundation which prevents trust eroding further. Today’s pressures centre on realising sustainability, ESG, performance-related goals and enhancing stakeholder interaction. Despite this, we seem to have fallen into the trap of relinquishing essential stewardship while embracing control.
How compliance can hinder trust
Compliance reaches an extreme level when taken in the context of today’s suggestion that ARGA might even address the softer side of organisational and sector function, specifically through the shaping of culture and the positive development of people, teams and interpersonal dynamics.
History has shown us repeatedly that focusing exclusively on compliance enforces political correctness, which then hinders the building of trust and disables key governance mechanisms from raising relevant concerns.
“I really did know what to do, but to publicly state that would force the response of ‘Well, then do it’, and should I have acted too early my time as regulator would be over. So what should I have done?” This is the ongoing dilemma of the regulator.
Denied access to stewardship, the regulator is constrained. A visible lack of prompt action results in the regulator being accused of second-rate performance and not being a member of a recognised profession.
A cursory glance over recent regulators, shows these people to be predominantly:
- of considerable talent and experience
- of high IQ and perfectly capable of accurately identifying trends, despite confusing and conflicting multitudes of data
- of high moral worth and able to navigate through complexities
- individuals who are often restricted by a deeply ingrained mind-set which relies on compliance, inadvertently spawning a no trust culture.
Regulators who are averse to intervention, especially when strategy is being derailed, leave us with little more than light touch oversight, ultimately reliant on the firm self-regulating within an already dubious culture of increasing compliance. The need for stewardship has become deeply evident, but instead the UK has piled an overwhelming amount of additional and expansive protocol onto an already top heavy system of compliance.
It is little wonder that transgressions continue to occur, ranging from relatively small misdemeanours, all the way up to scandalous, organisational collapse. Throughout this chain of unnecessary circumstances the regulator, board and C-suite watch on, fully aware of the situation as it unfolds. Unless something changes, and fast, we must await the outcomes of the ARGA initiative with trepidation.
Andrew Kakabadse is professor of governance and leadership at Henley Business School.