printer friendly version

Security's role in corporate governance

Good corporate governance is all the rage these days, yet what many companies overlook is the vital role that security plays in this process - a role which might in the very near future have legislative impact.

This is according to Mariaan van Kaam, executive director of behaviourial management specialists, VoiceIT South Africa. "High profile cases of blatant fraud, both locally and internationally, have focused security's role in corporate governance," says Van Kaam.

"More and more, people are asking the question of how could employees - management or otherwise - get away with their fraudulent activities for so long?"

The answer, of course, lies in sloppy corporate governance policies, which have allowed dishonest individuals to take advantage of the system to their own benefit. This is, however, a trend which is going to change as shareholders could start taking direct legal action against company directors and managers in their personal capacities for any fraud or mismanagement which takes place. King II, the Public Finance Management Act and the Money Laundering Act are a few of the initiatives raised recently to address this problem.

Worldwide, the trend towards legislated personal responsibility is on the uptake. "In the USA, for example, recent legislation has compelled CEOs to personally vouch for the veracity, timeliness, and fairness of their companies' public disclosures, including their financial statements, and the Securities Exchange Commission has been given the power to freeze improper payments to corporate executives when a company is under investigation," she says.

Another piece of US legislation, the Sarbanes-Oxley Act of 2002, contains some of the most far-reaching reform of American business practices since the time of Franklin D. Roosevelt. Among other reforms, the legislation created a new accounting oversight board to police the practices of the accounting profession and increased the accountability of officers and directors.

The new laws have led to a spate of arrests and trials of company executives and employees, all with the idea of trying to prevent another Enron type scandal.

"In South Africa, we have the King II Report, which although not legislated, carries a moral weight which without doubt can be used as a basis for any court action by shareholders for compensation in the event of loss due to poor corporate governance," says Van Kaam.

The King II report includes full reporting on aspects such as fraud prevention, ethics and integrity standards. In terms of King II, all companies have a fiduciary duty to protect the assets of the company, as it is in the direct interests of the shareholders.

"It is more than theoretically possible for shareholders to take action - which might include legal action - against company directors who did not implement and report on a company-wide fraud prevention policy in their reports, as specified in the King Report."

Already, listed companies on the JSE need to meet all the requirements of King II before they can list. Financial institutions and the public sector has to abide by King II as well. King II will therefore be a decisive factor in the creation of corporate governance policies with regard to asset protection and security policies.

While it is more commonly known that King II requires specific accounting policies to be followed, it is less well known that it also includes an obligation on the part of directors to ensure that all reasonable steps have been taken to ensure that physical company assets are protected and that ethical and integrity standards are upheld through leadership, awareness, communication and training, among others.

"Companies have to draw guidelines on security polices, and will have to implement them in terms of a broader coordinated sustainable integrated reporting system," Van Kaam said.

This obligation, which could easily be tested in court, means that companies have to ensure that assets are protected, not just by physical barrier methods - such as gate controls or cameras - but also by broader sustainability measures, designed to curtail intra-organisational criminality through attitude, mindset and behaviour-change programmes," she says.

Share this article:

Further reading: