An “adapted” UK Corporate Governance Code

01 June 2023

The FRC is consulting on changes to the UK Corporate Governance Code that would bring it more up to date and encourage more focussed reporting

The Financial Reporting Council (FRC) is consulting on changes to its UK Corporate Governance Code which, if implemented, would take effect for financial years beginning on or after 1 January 2025.

The proposed changes follow the Government’s 2021 white paper on restoring trust in governance and audit.

The UK Corporate Governance Code is a code of corporate governance aimed at larger listed companies with a listing in the United Kingdom. It operates on a “comply or explain” basis (see box “What is comply or explain?” below): companies apply the provisions of the Code, explaining why they have done so in a particular way, as well as any respects in which they have not applied them.

Strictly speaking, the Code (including its “comply or explain” approach) is voluntary. However, under the Financial Conduct Authority’s Listing Rules, premium-listed companies are required to apply the Code and explain any respects in which they deviate from it.

In addition, companies on the London Stock Exchange’s AIM market are required to adopt a corporate governance code and explain both how they comply with that code and any in respects in which they depart from it. Several larger AIM companies choose to adopt the UK Corporate Governance Code.

The FRC has asked for comments on the proposed changes by 13 September 2023.

We have set out the key points below, along with our thoughts at the end.

A familiar structure

The FRC is not proposing to change the overall structure of the Code, which will continue to comprise five specific sections, each divided into “principles” and “provisions”:

  1. Board leadership and company purpose
  2. Division of responsibilities
  3. Composition, succession and evaluation
  4. Audit, risk and internal control
  5. Remuneration

The Code will also continue to be supplemented by FRC guidance on audit committees, board effectiveness and risk management, each of which the FRC intends to update alongside the changes.

What is “comply or explain”?

In the UK, many standards operate on a “comply or explain” basis.

Examples include:

  • the UK Corporate Governance Code;
  • the QCA Corporate Governance Code for smaller and mid-sized traded companies;
  • the Wates Principles for very large private companies; and
  • the Recommendations of the Financial Stability Board’s Taskforce on Climate-related Financial Disclosures (the “TCFD Recommendations”).

An organisation that adopts standards on this basis is expected to apply those standards to the letter and to explain any respects in which it has failed to do so or has intentionally deviated from them.

An example of this is UK Corporate Governance Code Provision 10, which states (among other things) that the roles of chair and chief executive of a company should not be exercised by the same person. A company that adopts the Code is nonetheless permitted to install the same person as both chair and chief executive but is expected to explain (in its annual report) why it has done so.

Standards that operate on a “comply or explain” basis are, therefore, not strictly mandatory and there is no penalty for failing to comply with them. Historically, companies may have been able to choose whether or not to adopt a particular set of standards and explain against them.

However, increasingly, companies are being required to comply or explain against particular standards. For example, companies with a premium listing in the UK are obliged to comply or explain against the UK Corporate Governance Code, and companies with any kind of equity listing in the UK are obliged to comply or explain against the TCFD Recommendations.

In recent years, there has been an increasing trend from “comply or explain” towards “apply and explain”. The Wates Principles, for example, operate explicitly on an “apply and explain” basis. This requires a company not only to confirm it has complied with the relevant standards, but also to explain how it has applied them within its organisation and culture.

Although still billed as based on a “comply or explain” model, in reality, the UK Corporate Governance Code now operates on more of a hybrid model, with certain provisions requiring greater narrative.

Placing risk responsibility on the board

Perhaps the most significant proposed changes to the Code affect the parts covering audit, risk and internal controls (section 4).

A key concept floated by the Government was a new requirement for company directors to assess and report annually on the effectiveness of their company’s internal control structure and financial reporting procedures, an idea borrowed from the US Sarbanes-Oxley Act.

The FRC is proposing to implement this through the Code. Changes to the principles in section 4 would require directors not only (as at present) to establish an effective risk management and internal control framework, but also to maintain it.

More prescriptively, changes to the provisions in section 4 would require the board to make an annual declaration that the company’s risk management and internal control systems have been effective throughout the reporting period in question. Under a change made by the FRC, this would be expanded beyond financial reporting to reporting as a whole, including narrative reporting.

The board would also be required to describe any “material weaknesses or failures” and what remedial action it is proposing to take.

Coupling this with the requirement to “comply or explain” may well, in practice, create a sort of “SOX-lite” requirement to report on the ongoing effectiveness of internal controls. Quite how this develops in practice would remain to be seen.

An expanded role for the audit committee

The revised Code would also include an updated exegesis of the audit committee’s responsibilities, most of which are important but will not surprise audit committees. Perhaps the key addition is a duty to develop, implement and maintain the company’s audit and assurance policy (AAP).

The AAP was a key recommendation in the Government’s white paper. The idea is that it would set out what independent assurance the company intends to obtain over a three-year period, as well as describe the company’s internal assurance processes and external audit tender policies.

The requirement would be based on the statutory requirements for an AAP. These will be set out in secondary legislation that has not yet been published, although the FRC has, for convenience, provided a summary of the Government’s proposals in this area.

The new statutory regime, when introduced, is to apply only to “public interest entities”. However, the FRC has taken the view that all companies subject to the Code should publish an AAP, and that this will be “easier to comply with and monitor against”.

In effect, this will place the requirement of producing an AAP onto overseas premium-listed companies, as well as AIM companies that choose to adopt the Code, or explaining why they have not done so.

More focus on ESG

The proposal would introduce a new principle in section 1 requiring a company’s board to focus on outcomes when reporting on its governance activity.

This is designed to address the FRC’s ongoing concerns about the quality of governance reporting. It would require companies to “demonstrate the impact of [their] governance practice” and, in line with the trend towards “apply and explain”, ask boards to explain how they have applied the Code.

Changes to the accompanying provisions in section 1 would include explicit requirements to:

  • explain how the board takes environmental and social matters (including climate ambitions and transition planning) into account when delivering the company’s strategy; and
  • report on how effectively the desired culture has been embedded.

These changes are certainly in keeping with the increased attention on climate-related matters and a desire among investors to see culture more deeply ingrained within companies’ organisation.

The question is what impact these changes will have in practice. Although they shift the focus slightly, they do not materially alter (or, indeed, make any change at all) to existing expectations of companies under the Code. We suspect that the effectiveness of any drive towards deeper reporting on governance and culture is more likely to come through pressure from institutional investors.

Perhaps more significant is a proposed change that would bring ESG oversight within the remit of the audit committee. This includes scrutiny of narrative reporting on sustainability matters and assurance of ESG metrics and other sustainability matters.

Although ultimate responsibility for these matters would remain with the board, allocating specific duties to the audit committee in this respect should provide for more extensive scrutiny and review.

Linking pay to performance

The FRC is proposing several changes to the section of the Code that deals with executive pay. None of the changes is ground-breaking, but they do display a clear desire to create a stronger link between remuneration and long-term strategy, particularly ESG matters.

A revised fundamental principle on executive remuneration now makes it clear that remuneration outcomes should be clearly aligned to “performance, purpose and values” and the successful delivery of the company’s long-term strategy.

Although the inclusion of ESG in the context of remuneration and strategy is a new addition to the Code, it merely reflects the fact that the vast majority of listed companies now link some element of executive pay to the company’s ESG objectives.

As expected, the revised Code also include an ever-increasing focus on malus and clawback, mandating these as a standard feature of director contracts and remuneration arrangements. The changes require companies to report, in their annual directors’ remuneration report, not only details of the relevant malus and clawback provisions they have adopted, but also their practical use during the prior year and over the last five years.

By contrast, the FRC is proposing to remove existing Provision 40, which currently sets out six factors that must inform a company’s executive director remuneration policy and practices. The FRC is concerned that this prescriptive list is generating boilerplate disclosure, rather than thoughtful reporting.

Instead, reporting would rest on a shorter list of factors that remuneration committees should consider, which would, in turn, allow for more flexible narrative reporting.

Eyes on overboarding

A new addition to Provision 15 of the Code would require companies to list all significant director appointments in their annual report. The board would need to explain how each director has sufficient time to undertake their role effectively in light of their other commitments.

Other changes would require companies to consider a director’s commitments to other organisations as part of their annual performance review.

However, the FRC has decided against introducing into the Code a formal cap on the number of outside commitments a director may have.

The potential for over-commitment by directors has long been a concern of investors and is a frequent factor in failed resolutions to appoint directors. The issue has received increased attention in recent years from proxy advisors, such as Glass Lewis, which announced last year that it would put increased focus on director overboarding during the 2023 AGM season when issuing voting recommendations to shareholders (see our previous Corporate Law Update).

Transparency over other appointments is not new a new concept. The Pension and Lifetime Savings Association (PLSA) Voting Guidelines already encourage companies to disclose directors’ other board appointments. And, when proposing a new director, the Code itself requires a company to list the candidate’s other “significant commitments”.

But, by introducing an explicit requirement to list outside appointments in the annual report – an obligation from which it is likely to be difficult to adequately explain any deviation – the FRC is effectively making this mandatory for premium-listed companies.

Diversity and inclusion remains a key priority

The Code already requires boards and nomination committees to promote diversity and inclusion when making new director appointments.

The FRC’s proposals aim to broaden and deepen the integration of D&I initiatives within the nomination and succession-planning process.

The changes would eschew the current specific and, arguably, limiting references to “gender, social and ethnic backgrounds” in favour of wider concepts of “protected and non-protected characteristics”. This would bring the Code in line with current mainstream terminology, which seeks to be expansive and not linked to discrete concepts or the narrow list of characteristics that are protected by law.

The FRC is, however, proposing to retain references to “cognitive and personal strengths”, a useful reference to encourage boards to consider the positive benefits of aspects such as neurodiversity and emotional intelligence.

Refinements, rather than reform?

Unlike the changes in 2017, which resulted in a radically new Code for 2018 onwards, what the FRC is proposing here is no major overhaul.

Rather, the proposed changes are targeted tweaks around the edges to create a more up-to-date and targeted disclosure and governance regime that appear to have three main objectives:

  • to implement changes from the Government’s white paper;
  • to address perceived deficiencies in governance reporting; and
  • to bring the Code in line with evolving market practice.

For larger premium-listed companies with established practices, the proposed changes are unlikely to have significant impact. Smaller companies that are subject to the Code, however, may be more affected and should take note.

It will remain open to companies not to comply with specific provisions of the Code. However, the way in which the FRC is proposing to reframe many provisions may well make it more difficult for a company to issue a credible explanation for non-compliance.

This will, in turn, prompt greater and more targeted disclosure, which is precisely what the FRC is seeking.