Tag: Governance

Geplaatst op

De Nederlandse Corporate Governance Code 2016

Monitoring Commissie Corporate Governance Code | 2016

De Nederlandse corporate governance code (hierna: de Code) richt zich op de governance van beursgenoteerde vennootschappen en geeft een richtsnoer voor effectieve samenwerking en bestuur. Governance gaat over besturen en beheersen, over verantwoordelijkheid en zeggenschap en over toezicht en verantwoording.

Het doel van de Code is het met of in relatie tot wet- en regelgeving bewerkstelligen van een deugdelijk en transparant stelsel van checks and balances binnen Nederlandse beursgenoteerde vennootschappen en het daartoe reguleren van de verhoudingen tussen het bestuur, de raad van commissarissen en de algemene vergadering/aandeelhouders.

Naleving van de Code draagt bij aan het vertrouwen in goed en verantwoord bestuur van vennootschappen en hun inbedding in de maatschappij.

De Code is voor het eerst vastgesteld in 2003 en eenmalig gewijzigd in 2008. Op verzoek van het Christelijk Nationaal Vakverbond, Eumedion, de Federatie Nederlandse Vakbeweging, Euronext NV, de Vereniging van Effectenbezitters, de Vereniging van Effecten Uitgevende Ondernemingen en de Vereniging VNO-NCW is de Code aangepast door de Monitoring Commissie Corporate Governance Code (hierna: de Commissie). Voortschrijdende ontwikkelingen, de tijdgeest en overlap met wetgeving zijn aanleiding geweest om de Code aan te passen. Onderhavige Code vervangt de Code uit 2008.

Reikwijdte

De Code is van toepassing op:

    • alle vennootschappen met statutaire zetel in Nederland waarvan de aandelen of certificaten van aandelen zijn toegelaten tot de handel op een gereglementeerde markt of een daarmee vergelijkbaar systeem; en
    • alle grote vennootschappen met statutaire zetel in Nederland (> € 500 miljoen balanswaarde) waarvan de aandelen of certificaten zijn toegelaten tot de handel op een multilaterale handelsfaciliteit of een daarmee vergelijkbaar systeem.

Voor de toepassing van de Code worden met houders van aandelen gelijk gesteld de houders van certificaten van aandelen die met medewerking van de vennootschap zijn uitgegeven. De Code is niet van toepassing op een beleggingsinstelling of instelling voor collectieve belegging in effecten die geen beheerder is in de zin van artikel 1:1 Wet op het financieel toezicht.

Inhoud van de Code

De Code bevat principes en best practice bepalingen die de verhouding reguleren tussen het bestuur, de raad van commissarissen en de algemene vergadering/aandeelhouders. De principes en bepalingen zijn gericht op de invulling van verantwoordelijkheden voor lange termijn waardecreatie, beheersing van risico’s, effectief bestuur en toezicht, beloningen en de relatie met (de algemene vergadering van) aandeelhouders en stakeholders.

De principes kunnen worden opgevat als breed gedragen algemene opvattingen over goede corporate governance. De principes zijn uitgewerkt in best practice bepalingen. Deze bepalingen bevatten normen voor het gedrag van bestuurders, commissarissen en aandeelhouders. Zij geven de ‘best practice’ weer en zijn een invulling van de algemene beginselen van goede corporate governance. Vennootschappen kunnen hiervan gemotiveerd afwijken. De voorwaarden voor afwijking worden hierna onder ‘Naleving van de Code’ toegelicht.

De verhouding tussen de vennootschap en haar werknemers (en vertegenwoordigers) is bij wet geregeld. In de Code komt deze verhouding aan bod in bepalingen die betrekking hebben op cultuur en de contacten tussen de raad van commissarissen en het medezeggenschapsorgaan.

Download De Nederlandse Corporate Governance Code 2016.

Read in English.

Geplaatst op

COSO Enterprise Risk Management

Integrating with Strategy and Performance, June 2017

This project was commissioned by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), which is dedicated to providing thought leadership through the development of comprehensive frameworks and guidance on internal control, enterprise risk management, and fraud deterrence designed to improve organi- zational performance and oversight and to reduce the extent of fraud in organizations.

Foreword

“In keeping with its overall mission, the COSO Board commissioned and published in 2004 Enterprise Risk Management—Integrated Framework. Over the past decade, that publication has gained broad acceptance by organizations in their efforts to manage risk. However, also through that period, the complexity of risk has changed, new risks have emerged, and both boards and executives have enhanced their awareness and oversight of enterprise risk management while asking for improved risk reporting. This update to the 2004 publication addresses the evolution of enterprise risk management and the need for organizations to improve their approach to managing risk to meet the demands of an evolving business environment.

The updated document, now titled Enterprise Risk Management—Integrating with Strategy and Performance, highlights the importance of considering risk in both the strategy-setting process and in driving performance. The first part of the updated publication offers a perspective on current and evolving concepts and applications of enterprise risk management. The second part, the Framework, is organized into five easy-to-understand components that accommodate different viewpoints and operating structures, and enhance strategies and decision-making. In short, this update:

  • Provides greater insight into the value of enterprise risk management when setting and carrying out strategy.
  • Enhances alignment between performance and enterprise risk management to improve the setting of performance targets and understanding the impact of risk on performance.
  • Accommodates expectations for governance and oversight.
  • Recognizes the globalization of markets and operations and the need to apply a common, albeit tailored, approach across geographies.
  • Presents new ways to view risk to setting and achieving objectives in the context of greater business complexity.
  • Expands reporting to address expectations for greater stakeholder transparency.
  • Accommodates evolving technologies and the proliferation of data and analytics in sup- porting decision-making.
The figure illustrates the framework considerations in the context of mission, vision, core values, and as a driver of an entity’s overall direction and performance.

Sets out core definitions, components, and principles for all levels of management involved in designing, implementing, and conducting enterprise risk management practices.

Readers may also wish to consult a complementary publication, COSO’s Internal Control— Integrated Framework. The two publications are distinct and have different focuses; neither supersedes the other. However, they do connect. Internal Control—Integrated Framework encompasses internal control, which is referenced in part in this updated publication, and therefore the earlier document remains viable and suitable for designing, implementing, conducting, and assessing internal control, and for consequent reporting.

The COSO Board would like to thank PwC for its significant contributions in developing Enterprise Risk Management—Integrating with Strategy and Performance. Their full consideration of input provided by many stakeholders and their insight were instrumental in ensuring that the strengths of the original publication have been preserved, and that text has been clarified or expanded where it was deemed helpful to do so. The COSO Board and PwC together would also like to thank the Advisory Council and Observers for their contributions in reviewing and providing feedback.”

By Robert B. Hirth Jr. (COSO Chair) and Dennis L. Chesley (PwC Project Lead Partner and Global and APA Risk and Regulatory Leader)

2017 COSO ERM: Integrating with Strategy and Performance (Executive-Summary)

Geplaatst op

Risk Management at the Edge of Three Worlds

City management in the perspective of ‘risk’

Jack P. Kruf | 2007

In this article, I want to focus on the specific characteristics of the role and position of local authority CEOs and city managers in relation to the three worlds of politics, society, and management. A specific focus on the role of risk management in supporting the CEO and the process of discussing these issues should be made to emphasise that risk management belongs on the strategic agenda and demands a holistic approach.

The “best” job

Some might say it is the most attractive and fascinating job there is: serving as CEO in local public management (or city manager or secretary). Why? Because it is at the very heart of dynamic society, close to politics and government, at the centre of the world of “power and influence”, and at the top of the management pyramid. This person is at the junction of necessary skills, ambitions, rights, stakes, and interests. He or she is, via society, close to disasters, successes, poverty, and environmental challenges, and, via politics, to elected officials like the mayor and local alderman, but always in close contact with officials in higher government and very close to the professionals in within the organisation. Local government leadership is a very exciting job.

“It is clear that risk management should be seen as a core competence for every public leader.”

The CEO is a generalist, not a specialist. One might say that a realistic comparison of the job would be with the decathlon. As with decathletes, the CEO must be well-rounded, competitive and competent in many areas. 

Furthermore, the CEO cannot operate in isolation but has to be open to the world, always authentic, and able to act like a chameleon. A phrase that has always appealed to me is being able to walk the web as a spider and be familiar with the rules of chess. This broad spectrum makes the role challenging, very attractive, and influential, but also very vulnerable. And it is here where risk management comes into play. 

Risk management 

As the demands of the city manager job are diverse but inter-connected, so must be the management approach: the manager must possess a broad, non-panicky and non-dogmatic perspective on risk and risk management – one which stresses usability in relation to a wide range of public risk issues, as well as to risks in public organisations. 

Such an approach requires a holistic, opportunistic and dialogue-oriented form of risk management, which seeks to harvest the value added, the ethical, resilient, and innovative potential in risk management as a natural part of public governance. 

Managing risks is among the most challenging issues for the public sector today. Whether risks arise from the physical environment, economic environment, or even from changes in voter preferences, public institutions are responsible for assessing and addressing the risks that impact the community they serve and their organisation. For example, what risks are possible when investing in a new IT system? Which risk elements are to be analysed when decisions about building a new school are made? Which risk elements are to be assessed to prevent vandalism and break-ins on municipal buildings? And which risks emerge from decisions made by higher governmental institutions? 

Risk management should be seen as a core competence for every public leader. But what is risk management? Generally, it is a way of approaching business, a sound attitude towards and style in managing people, projects, processing, and reaching goals. It comprises tools and techniques but, more than that, a smart, honest, and externally oriented approach that is open and authentic. Risk management leads to an effective and efficient way of reaching goals. It is the road to success. Let me focus on the three domains; society, politics and management. 

“One of the major goals for the public sector worldwide is a continuous building and rebuilding of public trust in close combination with sustainable development.” 

The three worlds 

The worlds of society, politics, and management always overlap and are connected. This fact requires a new risk management approach. It should consist of more than just preventing losses and reducing costs. Increasingly, risk management can be defined as the coordinated management of all risks. In this regard, modern risk management is a general management function that permeates an organisation, is linked to the organisation’s overall strategic plan and enables the achievement of political and organisational goals and objectives. 

One of the major goals for the public sector worldwide is the continuous building and rebuilding of public trust in close combination with sustainable development. Risk management is thus a most valuable management concept and tool in today’s complex and globalised world with increasing demands on governance and compliance. 

Risks in society 

The attacks on the World Trade and the Madrid trains, the Indian Ocean tsunami, the financial scandals of Enron and Worldcom, increasing poverty, climate change, increasing problems in the supply of clean water, unexpected riots in the suburbs of our cities, the murder of a Dutch politician, the Danish cartoon controversy, and the massacre at Virginia Tech University – all tell us how fragile society is. This underlines the urgency of and demands the control of risks, not only on a global but certainly also on a local level. 

Risk management requires knowledge of what is happening in society and how it develops in our streets, neighbourhoods, villages, suburbs, and cities. Knowing requires measuring and monitoring stress, satisfaction, trust, and safety; that is, perceptions of risk as well as objective and factual measures of risk. Monitoring and diagnosing society is important. Understanding relevant trends and developments is critical. 

Risk management also asks us to understand how and to what extent institutions in society really cooperate, where they should and why they don’t. This chain of interrelated institutions should be working if we want to be in control. Only the right information can lead to the right conclusions and the right things to do. So, sensing society and its institutions is a form of risk management.

 Of course, we receive some social feedback from citizens during elections. But I believe we need to develop a more consistent and permanent way of monitoring and sensing the state or health of society and its risks. This will contribute to an overall improvement in the quality of federal and local policies. If set up internationally, which it should be, it will lead to more exchange of knowledge and experience between local authorities worldwide.

Risks in politics 

The CEO’s task is to advise his local politicians as effectively as possible to prevent and protect them from risks. This boundary between politics and management requires special attention. Politicians often have a different view of risks than specialists and professionals. The approach here is to invest in the awareness of risks and to put it on the common strategic agenda. This seems so easy, but actually, it is not. Politicians and managers do not always speak each other’s language. On the other hand, the local government is an entity committed to developing policies and legislation by politicians on a regional, national and European level. Yes, there is the fact these are sometimes difficult to implement or, if so, against high costs and with intense efforts from municipal organisations. 

Risk management compels us to consciously calculate the risks and bring them forward. National organisations should play a key role in this. In my view, we should invest in partnerships between the different governmental layers. The other approach is to share your experiences in implementation and synchronisation and cooperate in this as much as possible. In the long term, higher levels of government should involve lower levels of government in policy development and implementation. The best form of risk management is a true partnership. 

Another factor that local government has to deal with is the lack of cooperation on a higher level. Central governmental institutions and ministries are organised by sector: traffic, environment, agriculture, economic, social, legal, et cetera. An integrated approach to specific areas, projects, problems, target groups, and even individuals is often literally blocked by this compartmentalisation. And this fact itself leads to higher risks for “control” of society. For example, the result is inconsistent legislation that may even be contradictory at the local level. 

“Mind you, another factor that local government has to deal with is the lack of cooperation on a higher level.”

Introducing risk management here implies bridging the gap between the government’s compartmentalised nature and the need for integration, which is truly a challenge for the city manager, generalist, process engineer, chameleon, or spider, as he or she may be. 

However, reducing the risks of a noncongruent and consistent approach on a local level caused by compartmentalisation is often very difficult and frequently impossible. Most power and influence, laws, regulations, and project budgeting are organised along such sectoral lines. This causes high risks for society. Bridging those gaps may be one of the highest forms of risk management. 

In general, it is very clear that a broader approach to risk management can lead to successful projects and policies and, from there, to successful local politics and politicians. While this seems obvious, it has not always been that way. Indeed, risk management is often seen as an obstacle to political goals and ambitions. I would simply argue here that risk management enables the fulfilment of goals, and if it isn’t happening in an organisation, risk management is not being effectively practised.

“Introducing risk management here implies bridging the gap between the compartmentalised nature of government and the need for integration…”

Risks in management 

The CEO is, in general, responsible for the management of the municipal organisation. Every manager has to be perfectly in control and, therefore, be able to realise the political targets. In this, the CEO, along with the mayor and alderman, is also responsible for the mistakes/faults of the local organisation. In this context, risk management has much to do with minimising errors, mistakes and accidents. Preventing crises and disasters and, if they occur, doing the right things. 

Another factor is that good news always travels fast to the top, but the bad news often stays hidden. Most employees never enter the executive room to tell the top manager that a decision is risky and will lead to trouble. This would be, as they say, not a good career move. That is why it should be the CEO who puts risk management high on the strategic agenda as an invitation and a request to employees in the organisation to come forward. Beyond that, he or she has to develop a safe and open culture for employees to discuss risks and, more importantly, reduce them. Most CEOs today delegate directly to others. But it is my opinion that this is a risk in itself. Risk management requires the involvement of all management team members, and it requires that they all explicitly share the risks. 

Another important aspect of the job of the CEO is realising political targets. This demands a management style focused on results. Defining the goals and auditing the risks of not realising them can give an enormous stimulus to develop and focus employees on those results. This is a risk management pursuit and can assure success and improved control. In this regard, the CEO needs to be open and transparent in his approach to facing risks. In my view, the process of reducing risks and uncertainties is often too implicit, sometimes even hidden and not visible. 

To prevent the organisation itself from approaching risks sectorally, it is worthwhile considering the “bundling” of control in the organisation in one place, of course, with the checks and balances embedded and incorporated. Legal, IT, financial and quality officers often don’t talk with each other because they have their own specialisms. The city manager also has to develop an integrated approach, as it will improve the quality of political advising, address the needs of society and foster higher-quality decisions. 

The necessity of sharing 

In my judgment, all preceding comments underscore the importance of sharing—that is, sharing ideas, techniques, and strategies among public sector managers. For reasons that escape me, we do not see the level of sharing (between local authorities, between local and central governments, and – yes – between governments of various nations). But sharing is necessary, in significant part because of globalisation. We can learn a lot more if we are prepared to look around us and learn from each other, as well as share our experiences and approaches. 

A new visionary and comprehensive risk management organisation for public risk management on a CEO level has been set up to encourage and facilitate the goal of sharing. It is called the Public Risk Management Organisation (PRIMO). It is an international association that strives to establish an influential transnational network for creating awareness, setting up networks, connecting people, and developing and disseminating well-founded, solid, useful, and cutting-edge knowledge on public risk management for the benefit of society, the citizens, and the public organisations. 

Just get started 

Risk management has a good scientific basis, though it is relatively young in the public sector. However, there are sufficient tools and techniques available to start. Put risk management high on the strategic agenda. Start the debate about the most experienced risks, and create a safe atmosphere and culture where it is possible to share and bring risks forward. Identifying the risks is a start in itself and the first step in reducing risks and uncertainties on projects, advising, and processes. And I want to underscore this final point; it has to be the city manager who sets the example and leads the way.

Geplaatst op

Global Risks Report 2007

World Economic Forum

“At the core of this year’s overview of risks to the global community over the next decade is a fundamental disconnect between risk and mitigation. Expert opinion suggests that levels of risk are rising in almost all of the 23 risks on which the Global Risk Network has been focused over the last year – but mechanisms in place to manage and mitigate risk at the level of businesses, governments and global governance are inadequate. The global economy has been expanding faster than at any time in history – but it remains vulnerable.

Some tactical gains have been made in specific areas of risk mitigation: despite the raised threat of terrorism, cooperation on dealing with the threat continues to improve; fears of a major pandemic outbreak have driven a major effort to upgrade our global preparedness to identify and isolate new diseases; there is a growing recognition of the need to improve access to mechanisms of risk transfer in emerging markets, to allow risks to be priced in a way that allows the potential economic growth of this century to be fully unlocked.

There has also been major improvement in the understanding of the interdependencies between global risks, the importance of taking an integrated risk management approach to major global challenges and the necessity of attempting to deal with root causes of global risks rather than reacting to the consequences.

Climate change is now seen as one of the defining challenges of the 21st century – and as a global risk with impacts far beyond the environment. Effective mitigation of climate change may ultimately have the consequence of improving resilience to oil price shocks in developed countries by moving them from hydrocarbons to alternative energy sources; ineffective mitigation of climate change will almost certainly be a factor in major interstate and civil wars within the next 50 years. The way in which climate change is dealt with at the global level will be a leading indicator of the world’s capacity to manage globalization in an equitable and sustainable way.

But the tactical gains may be illusory and are certainly temporary. The manifestation of any number of global risks in the way described in the plausible scenarios in this report could quickly put those gains into reverse.

Global Risks 2007 suggests two possible institutional innovations that may help mobilize businesses and governments to approach the global risks of the next 10 years. One is the idea of a Country Risk Officer – an analogy to Chief Risk Officers in the corporate world – intended as a focal point for managing a portfolio of risk across disparate interests, setting national prioritization of risk and allowing governments to engage in the forward action needed to begin managing global risks rather than coping with them. The second is to create an avant-garde of relevant governments and companies around different global risks – “coalitions of the willing” – allowing risk mitigation to be a process of gradually-expanding alliances rather than a proposition requiring permanent consensus.

Above all, Global Risks 2007 makes the case for the active engagement of all sections of the international community in dealing with global risks. No one group has the ability to effectively mitigate most global risks. Interdependency implies not just common vulnerability, but a shared responsibility to act.

Download Global Risks Report 2007

Geplaatst op

Global Risks Report 2013

World Economic Forum

The report analyses 50 global risks in terms of impact, likelihood and interconnections, based on a survey of over 1000 experts from industry, government and academia.

This year’s findings show that the world is more at risk as persistent economic weakness saps our ability to tackle environmental challenges. The report highlights wealth gaps (severe income disparity) followed by unsustainable government debt (chronic fiscal imbalances) as the top two most prevalent global risks. Following a year scarred by extreme weather, from Hurricane Sandy to flooding in China, respondents rated rising greenhouse gas emissions as the third most likely global risk overall.

The findings of the survey fed into an analysis of three major risk cases: Testing Economic and Environmental Resilience, Digital Wildfires in a Hyperconnected World and The Dangers of Hubris on Human Health. In a special report on national resilience, the groundwork is laid for a new country resilience rating, which would allow leaders to benchmark their progress. The report also highlights “X Factors” – emerging concerns which warrant more research, including the rogue deployment of geoengineering and brain-altering technologies.

Read online

WEFvGlobal Risks Report 2013

Geplaatst op

Risicoperceptie van gemeentesecretarissen

Bert van de Velden, Leo ’t Hart en Franc Weerwind* | 2004, VGS en Marsh

Anticiperend op het per 1 januari 2004 in te voeren Besluit Begroting en Verantwoording provincies en gemeenten (BBV) is medio 2003, bij een aantal gemeentesecretarissen het idee ontstaan om aandacht te geven aan het onderwerp risicomanagement. Dit idee is vervolgens uitgewerkt en besproken met het bestuur van de VGS. Hierbij is afgesproken om binnen het kader van risicomanagement onderzoek te doen naar de risicoperceptie van gemeentesecretarissen.

Bij publieke besluitvorming spelen veel aspecten een rol. Visie, nut en noodzaak, uitvoerbaarheid, (financiële) haalbaarheid en handhaafbaarheid zijn voorbeelden van die aspecten. Risicomanagement is een ander perspectief dat bij deze besluitvorming een rol kan spelen.

Lees verder “Risicoperceptie van gemeentesecretarissen”

Geplaatst op

An Inconvenient Truth

The Planetary Emergency of Global Warming and What We Can Do About It

Al Gore | 2006

In his best-selling book, An Inconvenient Truth, former Vice President Al Gore argues against the climate crisis and argues that it is imperative that we solve it.

Our climate crisis may, at times, appear to be happening slowly, but it is happening very quickly and has become a true planetary emergency. The Chinese expression for crisis consists of two characters. The first is a symbol of danger; the second is a symbol of opportunity.

Lees verder “An Inconvenient Truth”