Lessons from the APRA report on CommBank
susheela peres da costa, head of advisory
1 May 2018
For companies looking to step up their governance of 'non-financial risk', and for responsible investors planning corporate engagement, APRA's Prudential Enquiry into the Commonwealth Bank of Australia (CBA) is an extremely valuable – and surprisingly readable - resource.
Although focused on diagnosis, prognosis and treatment for CBA, it readily generalises to other ESG risks and, with a little reader-licence, also generalises to companies in every industry that must balance short term profits and priorities against the legitimate interests of others – including employees, customers, community members, and long term investors.
Its recommendations focus on five main levers for improvement at CBA (noting many improvements are underway). These are arguably relevant for many other companies:
- More rigorous board and executive committee level governance of non-financial risks;
- Exacting accountability practices reinforced by remuneration practices;
- A substantial upgrading of the authority and capability of the operational risk management and compliance functions;
- Injection into the company’s DNA of the “should we?” question in relation to all dealings with and decisions on customers; and
- Cultural change to support enhanced risk identification and remediation, moving the dial from reactive and complacent to empowered, challenging and striving for best practice.
But the report’s real value for a general readership is its detailed analysis of governance in practice, illustrating how different arrangements can either:
- Empower or dampen director proactivity on non-financial risk;
- Highlight or obscure relevant information for decision-makers; and
- Clarify or scatter responsibility and accountability.
For instance, while most readers will be familiar with the need for independence and skills on boards, the report shows (rather than merely stating) the need for directors to have:
- A proactive cast of mind;
- The freedom to determine the board’s agenda;
- The confidence to challenge the perspectives of management; and
- The support to better seek, capture, analyse and consider other sources of relevant information.
This functional elaboration of governance arrangements offers excellent fodder for those formulating or evaluating governance of non-financial risks, regardless of whether they sit inside or outside a company.
In fact the main quibble is the word 'non-financial' as a description of risks that are plainly, predictably (and preventably) proving to be very financial indeed.