Corporate Governance

Over disclosure of information could erode stakeholder trust
May 2018
In the rush to comply with pressure to disclose ever-increasing levels of non-financial information, companies could inadvertently erode stakeholder trust by publishing too much data, delegates heard at the 22nd European Corporate Governance Conference in Sofia this April.
Since statutory auditors in Europe – with the exception of those in Italy and the UK – do not check the content of non-financial reporting, directors may be unaware that they are revealing competitive information. Since an estimated 80% of companies’ value is now intangible, such disclosure could have serious consequences.
“Getting the balance right on disclosure should boost competitive advantage rather than erode it,” Farid Aractingi, ECIIA President says. “There is clearly a potential gap in companies’ control systems that internal auditors are ideally placed to fill.”
Internal auditors have a unique oversight position as the third line of defence in organisations. That means they are ideally placed to help co-ordinate and provide assurance on the quality and relevance of information in non-financial reports.
Additional tools that can help organisations face non-financial disclosure challenges include the Global Reporting Initiative and IFAC’s integrated thinking and reporting resources.
The pressure on increased non-financial disclosure has been seen as part of a societal shift as stakeholders expect organisations to adopt more ethical and responsible strategies. Corporate governance has been responding to these shifts in expectations by expanding its remit to look at the environment, social justice issues and culture.
Boards need to be courageous if they are to rise to the challenge that these pressures.
ECIIA and FERMA launch cyber governance framework
June 2017

ECIIA and FERMA have launched joint guidance aimed at helping organisations across Europe develop an effective cyber governance framework.

The framework – detailed in At the junction of corporate governance and cybersecurity – enables companies to make consistent and understandable decisions about their security measures, risk management and overall cyber security posture.

“Risk managers and internal auditors play an important role of coordination and cooperation to build an effective and resilient cyber security system within an organisation,” ECIIA President Henrik Stein says. ”We hope to convince organisations and regulators about the importance of a strong governance model to mitigate cyber risks.”

The guidance outlines a comprehensive risk management approach to cybersecurity, a cyber awareness program covering everyone in the organisation from top to bottom and, most important, the interactions between the three lines of defense to facilitate the communication to the board that is ultimately responsible for the oversight of the cyber governance framework.

Read the guidance here.

Governance and cyber conference
May 2017

ECIIA members attended a free cyber risk governance conference held in Brussels on 29 June hosted by MEP Antennas Guoga.

The event – organised jointly by ECIIA and FERMA – presented recommendations a new cyber risk governance model designed to include key internal stakeholders, the risk and audit committees. A working group representing risk managers and internal auditors from eight EU countries developed the model and other recommendations was presented at the event.

The proposed model will increase cyber-resilience, define the key stakeholders and the conditions for success.

Developing cyber governance principles for greater resilience is supported by the World Economic Forum, which published a report in January 2017: Advancing cyber resilience: principles and tools for boards.

See the full programme here.

When: Thursday 29 June 2017 from 16:00 to 18:00 (CET time)
Where: European Parliament – JAN 6Q1 / Rue Wiertz 60, Brussels, Belgium

Join the governance debate in Malta
March 2017

ECIIA members are invited to sign up today for a major debate at the 20th European Corporate Governance Conference to take place on 4th May in Malta.

The conference will open with keynote speeches from the Maltese Minister for Finance, Edward Scicluna, and the Commissioner for Justice, Consumers and Gender Equality Minister Vĕra Jourová.

Panel discussions on creating long-term value, rebuilding trust with corporate governance, corporate social responsibility and digitisation promise to tackle the most pressing issues facing internal auditors and their stakeholders. Silvio de Girolamo, ECIIA Board Member and Chief Audit Executive, Autogrill Group is a panellist.

“This conference represents a fantastic opportunity for auditors to get up-to-speed with the most recent corporate governance thought-leadership,” Henrik Stein, ECIIA President, says. “The lessons learned should help auditors better understand where their work can add value.”

View the programme here.

Sign up today here.

ECIIA and FERMA collaborate in cyber risk initiative
January 2017

Given the growing risk posed by cyberattacks on businesses across Europe, ECIIA and the Federation of European Risk Management Associations (FERMA) have launched a joint initiative aimed at helping organisations strengthen their cyber defences.

The group’s key objective is to help define the best governance model when managing cyber risk. The two bodies set up a working group to explore the scope and range of the work needed, which held its first meeting in 11 January 2017 in Brussels.

“We want to explore ways of helping organisations create better risk management and auditing structures to deal with this threat,” Henrik Stein, ECIIA President, says. “Given the fast- moving nature of cyber-risk and recent European legislative changes, a fresh look at how such threats are managed is timely.”

The group will The European Parliament adopted the Network and Information Security Directive July 2016, which EU countries have 21 months to transpose into local legislation – and an extra six months to designate national authorities to deal with cyber matters. The legislation is aimed at strengthening Europe’s cyber defenses.

In May 2016, it adopted the General Data Protection Regulation, which comes into effect 25th May 2018. The legislation introduces tougher measures on data protection and higher sanctions for those who do not comply.

The ECIIA/FERMA working group aims to publish its preliminary findings in the summer.

Theme author: Web developer Front End Developer Wordpress developer Web developer Front End Developer Wordpress developer Notariusz Szczecin