Episode 12 - Individual accountability beyond financial services

Nasdaq empowers business leaders with technology and intelligence to innovate, grow and stay ahead of the changing markets. We offer an integrated suite of market intelligence, analytics, and collaboration solutions that support corporate executives, investor relations, and governance professionals around the globe. https://www.nasdaq.com/solutions/governance

JB: Thanks, Rachael. My role at Nasdaq is to lead Board Advisory in Europe, Middle East and Africa for Nasdaq. That focuses on things such as board evaluations and other key processes such as succession planning with which we support our clients and partners. I'm also the lead for Nasdaq Center for Board Excellence in the region, which is our focus on building community and developing thought leadership around good governance.

My background is governance advisory with a big spike in financial services and that's why we're talking about individual accountability today. Individual accountability is the concept of defining and communicating senior individuals’ accountabilities, i.e. those things where the buck stops with them. Under these kinds of frameworks, organisations can refer to delegated responsibilities and governance constructs like processes and committees, but they seek to identify the individuals ultimately responsible for certain key matters. Those matters may be things like defining or implementing the organisation's desired culture, for its financial system controls, or for overseeing risk.

As I alluded to, as a concept [individual accountability] started in financial services. Those people listening [who are] working in financial services organisations in the UK would be very familiar with the UK’s framework applied by our two regulators ¬–– the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) – which is called the Senior Managers and Certification Regime, or SM&CR for short.

As a concept, [individual accountability] started in the UK and it was designed as a means to hold senior people to account and to help external stakeholders, primarily the regulators initially, to understand how the company operates. Globally, now, there's an increasing move in this direction in financial services from Australia to Ireland, Singapore, to Hong Kong.

I recognise this can seem a bit dry if you're at a tech firm or a fashion retailer. But lessons [learned] over recent years from the implementation of SM&CR pose the question of whether there are broader benefits to the approach or elements that could be proportionately applied to organisations of different sizes and natures. I deliberately emphasise the word proportionately there because I don't want to advocate regulation for its own sake or gold plating where that would be detrimental. The two main things it has driven is a sense of responsibility coupled with a strong degree of clarity. And surely that can't be a bad thing?

JB: I think that's a really interesting question because the regulatory regimes around the world that apply the concept, including in the UK, do typically apply the concept at board level, even though the concept’s genesis was driven by executive accountabilities. So surely, it is fundamentally at odds with the concept of collective accountability of boards.

When the concept was first introduced, there was a huge amount of debate led rightly by the legal profession about whether this was the case. The regulators were [of the view] that applied as it was to individual accountability at the board level [it] was complementary to collective accountability. Happily, I think after a few years, I think we're in about the seventh year since this was first applied to some very large and complex organisations, that seems to have been the case.

The way it applies at a board level is in certain positions on a board ¬– the chair, the senior independent director, the committee chairs – they undeniably have a specific role to play and de facto responsibilities. It's an established practice to develop role profiles for these positions. Individual accountability arguably provides a framework for communicating these [responsibilities] and also clarifying how they fit into broader governance.

For example, leading the relationship with the company's independent auditors would logically sit with the chair of the audit committee, as would oversight of the independence and performance of internal audit. So, that doesn't have any impact on collective accountability, that's just something that logically that individual would be taking the lead on due to their position as chair of the relevant committee. You can think about these particular responsibilities linked to what the organisation does, and how it's structured and who it works with. The list doesn't need to be exhaustive for different organisations and different stages in their lifecycle. This kind of construct can motivate organisations to know key responsibilities, and for individuals to consider how they fulfil those responsibilities, which then doesn't stop boards from still being collectively accountable for their decisions.

JB: Practically it means there's no impact on the way boards do their job. It just means that certain members of the board may be thinking about their own contributions, their own activities versus a defined list of things in addition to their day-to-day role on the board, but it may be no more than one or two.

JB: I think that will probably go back to the reflections on how individual accountability as a concept has been rolled out in the firms that it has been rolled out to. These are financial services firms, but of various types. You could have an investment bank on one hand and a local credit institution in a region on the other hand. Or a credit card company versus a building society versus an insurer versus an asset manager. They're all very different organisations with different strategies and business models and different customer demographics.

Feedback appears to be that there is real value overall in the concept: in helping them to communicate how things work as an organisation, in helping individuals to organise their time and efforts, and in recognising where improvements could be made. The organisations subject to these kinds of requirements seem, in my experience, and those of my colleagues, seems to be overall positive, even though when it's applied as a regulatory regime it's obviously a huge headache and it's a compliance issue as much as anything else. But conceptually, it's adding value.

Feedback from external stakeholders: regulators, shareholders, external advisers like me, customers where things are disclosed on websites, for example, it's even more positive. So simply, it aids transparency. It enables individuals to understand the organisation better, to understand individual roles better, and that transparency enables comfort and confidence in an organisation. From the firm's point of view, that should lead to fewer awkward questions and demands from external parties where they've already clarified this upfront, and they’ve shown that they're on top of it.

JB: As with everything in governance, it’s sensible to start by thinking about what you have and where you can improve. All organisations are constantly evolving, and the good ones want to continuously improve. The concept of individual accountability, as it's typically applied, contains a list of things that need accounting for, an understanding of how those things fit into the governance and operation of the firm, and an account of how the related responsibilities are discharged. It's not just the ‘what’ but it's also the ‘how’.

Those considerations usually give rise to identification of potential blind spots for certain individuals and areas for improvement. Going through that process, they act as a spotlight on things that you'd rather know about now than know about when something goes a bit wrong down the line.

Another point to make [about] what's included, where we're talking about people having individual accountabilities, this wouldn't be a situation whereby you are changing the shape of the peg to fit the hole. What this should be doing is reflecting the way things work now. When you have individuals who may be allocated certain accountabilities per those examples I talked about earlier on with the chair of the audit committee, for example, that shouldn't come as a surprise. The chair of the audit committee is ultimately responsible for overseeing the relationship with the external auditor. It's not as if that's suddenly taking that responsibility away from someone else and then saying, ‘no, no, this now sits with you.’ You might do that if for some reason it did sit somewhere else and that wasn't very logical. But broadly speaking, it should be aligned to the governance structure of the organisation and therefore, if you are responsible or ultimately accountable for something, what this provides is a framework for how to think about that and check if there are any gaps, if there are any things to think about.

When considering the application, boards might commission a review, or a test, of how an individual accountability concept might apply at the organisation. Test some assumptions. A powerful way to do that can be scenario testing. Looking at, here's a bunch of responsibilities which are very important. [It should be undertaken at a] very high level [and of a] very limited number [of responsibilities]; these aren't exhaustive. Effectively saying, ‘if x happened, or if we were doing y tomorrow, how would that work? Who would make the decisions? Does everyone understand that? Does that individual know and are they comfortable with ultimately having that responsibility?’

JB: Absolutely, in fact, it started outside the boardroom, really. Regulators wanted to see which senior managers had what authority. By senior managers, I mean, executives. They wanted to encourage them to think whether they have everything they need, and do everything they should do, to meet that accountability and ultimately, in that particular case in financial services, to hold them to account if they failed in their duties.

Think of those banking CEOs during the financial crisis. Arguably, depending on how we want to frame it, how many of them were held accountable and ultimately punished for [their] decisions and actions? Think of the board's role in overseeing CEOs and their teams. Where there were oversights in the negative rather than the positive sense of the word, where there was any lack of clarity [about] who to go to or who should own an action. That's why board roles were included, but also why it's been so important in recent years for the responsibility for application of the concepts to sit with the board or a member of it. It all comes back to things the board is supposed to oversee. When boards think about which aspects of the concept they might want to apply, they should certainly look beyond the boardroom to extract maximum value because the model works when thinking about senior management structures but also it really does have validity around the board table for those certain roles as well.

JB: I think the two principal benefits would be transparency for all stakeholders, including the board, and clarity for individuals. The starting point, regardless of size and nature of the organisation, is coming up with a proportionate list of things that need an accountable owner. Then figuring out who those owners should be. Members of the board, other than those specific roles I mentioned, shouldn't have any, and some members of the senior management team might not have any, whereas others, like the CEO, might have multiple, for example. It's not a case of [saying] we have these things, we need to spread them out equally but rather, identifying really, how does this work and where does the buck stop? Some organisations will have many areas of accountability, particularly larger organisations, more complicated ones, or ones operating in regulated fields, such as pharmaceuticals, or energy, and some will have fewer.

The question then is, what to do once you've gathered that, what to do with that information once you've figured it out? How many should we have and how might we proportionately apply it? What do you do with the information that you have? There's two priorities in my view: generating an overall record for the organisation, the ‘who’, the ‘what’, the ‘where’ all in one place, and [generating] a record for each individual who's captured by it. That's the way it works in financial services, you have something called a management responsibilities map, which looks at the organisation, summarises all the information in one place, and then each individual has their own record, which clarifies to them, just like in a role profile, your job description, saying these are the things you're accountable for.

Where the real power is, is on the individual lens. Where it really adds value, and this is what I want to focus on, is beyond the, ‘here's a list of things, and here's who's accountable’, that's great, that adds clarity, but where the value to good governance can be added is when an individual asks three questions of themselves. One is, what am I accountable for? Let's get that list for me. It might be one thing and maybe ten things. Number two, how do I discharge my responsibilities? Including, who do I rely upon? What governance fora do I use? What other tools such as management, information, research do I use? Then number three, what evidence could I provide that I do all of those things? That's where you get those eureka moments sometimes with senior leaders, where they say, ‘I was comfortable that's what I was responsible for but actually as I've gone through this thought process, I don't know how I would demonstrate that I am ultimately accountable for that.’ ‘I don't know what I would show someone to say that I've done [it].’ Or, ‘actually thinking about it, I think I need to beef that up in order to make sure that I'm doing this properly.’ Or ‘this could save me time if I did it this way.’

You go through that real qualitative thought process, which then has a knock-on impact on the governance of the organisation where by definition, you're making improvements as you go, but it's driven by an individual's own lens, who can then figure out with the relevant parties, ‘if I did this, what knock on impact might that have?’ ‘How does that fit into the broader governance?’ It's literally pushing individual accountability into the organisation, pushing that responsibility for thinking about continual improvement into the individual sphere, rather than just thinking about it at the board and committee level.

Typically, company secretaries can be a really important individual in this process, sitting down with those individuals to walk through those questions that we talked about, kicking the tyres, identifying any gaps that need closing, and making the connections across the board where there might be themes emerging.

JB: I think the benefits I've already outlined probably speaks to that. It really is an embedding of a sense of accountability, sense of responsibility, and providing that clarity and transparency to others who maybe need to understand, internally or externally.

On the risk side, I'm probably going to read anyone-listening-to-this-podcast’s minds right now. It could be a lot of effort for little benefit, in theory, if we were playing devil's advocate. You could be essentially applying a regime on one's own organisation when there's 101 other priorities out there. But I would just say, that's precisely why it's important to think how it might best apply to the organisation, how broad and deep you might want to go.

Consider up front how it will work. Proportionality is important here. If elements of the concept of individual accountability, if the learnings from what's happened in the financial services world trickle down where you just pick and choose and say, ‘hey, actually, if we did that, that would actually add a little bit of benefit to us,’ that's fine. It's all in the concept of continuous improvement and maybe you prioritise certain elements of it and that adds real benefit. Then there's a longer-term approach as well.

It's also important to think through how much of a priority this might be versus other items on the agenda and when might be optimal timing to bring this concept in. It might be that this is something that you take note of but, given the board's agenda and strategic priorities over the next year or so, this isn't necessarily top of the list. But you can start to maybe bring a discussion to the board, bring it forward into people's minds.

JB: I think first things first, bring it up with the chair. See if this is something that the chair feels there could be any benefit to. Maybe bring it up with the CEO at the same time. Just talk through the concepts, how they might apply, what the benefits will be, some of the lessons learned, and then think through that [question of] prioritisation or proportionality. Bring it to the front of minds, there's no harm in discussing it. I think it's something that company secretaries can add so much value on in terms of picking up on these themes and feeding that through to the relevant leaders.

Secondly, depending on resource, depending on size of team, depending on level of interest, doing a discrete project within the team can be really useful within the company secretarial function. Appointing someone to do a bit of digging into what those lessons are from financial services. [What] the high-level pillars of the application of the concept have been and think through how they might apply. And maybe just do a little bit of a test. Say, ‘okay, if we applied this, would we know who that is? Would they know that it's them that's ultimately accountable here?’ Ask the questions that we talked about, what would I, or do I, do to discharge that responsibility? What would I show to show that I definitely have done it?

JB: Thanks Rachael, my pleasure.