M1S1: INTRODUCTION TO CORPORATE GOVERNANCE function is carried out by a body or group of people (board of

directors/trustees) who govern the organization, making sure

Corporate Governance that the company or entity is efficiently and effectively run by
• Tricker (2019), who is considered by many to be the father of management.
corporate governance, defines it as a way in which a • Management is defined as how an organization is operated
corporation is controlled or governed. This definition tells us by its human and material resources to achieve
that governance is a process that allows internal and organizational success. Such success may be measured by
external mechanisms to ensure that a company's resources profits generated through its operations and the continued
are optimized for the benefit of stakeholders. growth of its resources to produce more revenues.
• Good governance is a strategic direction for all organizations
because long-term sustainability or organizational activity is • The board does not readily manifest itself in the organization
dependent on the proper governance of their resources. structure because of its explicit definition.
• Corporate governance is distinct from operating and • A board supervises the management and provides oversight,
managing the business. Management runs the business and ensuring that the company is steered in the right direction
is involved in the day-to-day operations of the company. for the satisfaction of its various stakeholders without direct
However, the idea of doing business is not simply to operate interference in the day-to-day operations of the company.
a business. • The board of directors may be viewed as an overlapping
entity that provides oversight for the organization and that
• Management deals with “running the business” some executives (e.g., CEO, president, or vice president) are
• Corporate governance deals with “making sure that the members of the board.
business is being run properly”
Key Players in Corporate Governance
• Corporate governance works like a “captain of the ship who 1. CEO – The CEO is the person responsible for leading and
must navigate the ship to safer waters amid bad weather” managing the entire organization in achieving its
organizational goals. The CEO must collaborate with the
• Corporate governance is the process through which the board for the overall direction of the company.
company can fulfill its long-term 2. Chairman of the Board – The chairman of the board of
economic, moral, legal, and social obligations to directors should not only provide leadership of the board but
stakeholders. also play an important role in the governance practices of
the company.
• Good Corporate Governance is a system of stewardship and 3. Board of Directors – This is the best entity for steering the
control to guide organizations in fulfilling their long-term company’s strategic direction and evaluating its
economic, moral, legal, and social obligations toward their performance. As a director, questions must be asked during
stakeholders. board meetings to make sure decisions made by the
company will be in the best interest of the company in the
• The definition of corporate governance can be broken into long term.
three parts: 4. Shareholders – Considered owners of the company through
1. It is a system of stewardship and control of corporate their ownership/holdings of stock shares, this group actively
entities. seeks to maximize stock price increase over some time
2. It is intended to fulfill long-term obligations (economic, 5. Stakeholders – Any group of people who are affected by how
moral, legal, social) of the company; and a corporation operates (i.e., employees, suppliers,
3. It benefits the stakeholders government, and society among others)

• Good governance should apply to all forms of organizations Theoretical Perspective

regardless of their structure, be it private or publicly owned, There are many lenses with which to study and look at corporate
profit and non-profit, cooperatives, government-owned and governance. Let’s take a look at the most widely used and
controlled corporations (GOCCs), non-government researched perspectives:
organizations (NGOs), or just about any organized entity. • Agency Theory – This perspective assumes that the two
principal characters, the agent (manager) and the principal
Difference Between Governance and Management (owner) are at odds with their objectives. This theory
• Governance and management are two distinct functions. suggests that managers cannot be trusted and act on their
Management takes charge of the day-to-day operations of interests and not for the benefit of the owners of the
the business. Simply stated, management deals with company.
“running the business.” Governance, on the other hand, is • Stewardship Theory - The agent acts in the principal’s best
“ensuring that the business is being run properly.” interest and therefore acts as a responsible steward of the
o The board sets the direction of the organization. company.
• Resource Dependency Theory – Based on organizational
Governance and Management theories, this theory looks at corporate governance from a
• It must be stated at this point that governance and strategic management view. It examines how the external
management are two different areas. resources of organizations affect how organizations behave
• Management focuses on the day-to-day operations of an for their maximum utility.
organization. Executives and managers in management • Stakeholder Theory – This approach to corporate governance
ensure that the company is running well and, ideally, brings encourages boards to consider their stakeholders’ concerns,
profit to its shareholders. On the other hand, the governance not only shareholders, as the metric for a successful
 organization is the satisfaction of all its stakeholders. the achievement of long-term profitability and cash flow.
Theoretical Perspective This is to prevent the so-called “short-termism”
• “Short-termism” is a term that connotes actions of
Stockholder Theory and Stakeholder Theory corporate managers intended to increase short-term profits
• Stockholder theory suggests that the corporation exists for only.
the benefit of the shareholders or stockholders. Therefore,
corporate managers (e.g. CEO, CFO) have to maximize Board Setups
returns to the benefit of stockholders. • There are two types of corporate board setups, namely:
• Stakeholder theory states that the corporation exists not 1. All-executive board; and
only for the benefit of the stockholders. It also exists for the 2. Board with non-executive directors.
benefit of the other stakeholders. The other stakeholders • An all-executive setup is a board comprised solely of
include employees, creditors, suppliers, the government, executive or corporate managers. As discussed previously,
and society in general. this is often the case for small or family-owned corporations.
• The board with non-executive directors is often the case for
The Agency Problem publicly listed companies and other regulated entities such
• The “agency problem” is a situation that exists when the as banks and insurance companies.
“agent” of the corporation uses their authority for their
benefit and not for the benefit of the “principal” or owners. M1S2: CORPORATE GOVERNANCE: WHAT IS A WELL-
• The term “agent” pertains to corporate managers while GOVERNED ORGANIZATION?
“principal” pertains to the shareholders of the company.
• To ensure that corporate managers act in the best interests Introduction
of the owners, the following are implemented: • High-profile blunders such as Enron and WorldCom
o External and internal audits highlighted the need for an effective corporate governance
o Oversight of managerial performance by the board structure in every organization. Whether big or small.
of directors • Corporate governance such as the Sarbanes-Oxley Act
o Management compensation is linked to corporate (SOX) requires strict rules when it comes to the governance
performance and/or stock price. of covered entities.
o Code of ethical conduct • The OECD Principles of Corporate Governance, on the other
o Internal Controls hand, provide guidance in defining what a well-governed
o Government regulations organization is. Corporate laws, alongside the Philippines
SEC – Code of Corporate Governance, come into play and
Board Independence require various regulations for Philippine companies.
• For an appropriate oversight and assessment of managerial
performance, the board of directors must be both objective Governance Risk  Management  Internal Control
and competent. Otherwise, the result of any performance “To ensure governance in the conduct of its affairs, the company
assessment will not be truthful and will not meet its should have a strong and effective internal control system and
intended objectives. enterprise risk management framework”
• In the case of small and family-owned businesses, the
managers are also the members of the board. What is a Well-governed Organization?
• An independent director is a person who is independent of • A well-governed organization implements effective risk
management and controlling shareholders and is free from management and internal control systems.
business or other relationships that could reasonably be • As shown in the previous diagram, internal control is the
perceived to interfere with his/her exercise of independent innermost circle. Internal control addresses internal events
judgment in carrying out his/her responsibilities as a that affect the company’s operations, reporting, and
director. compliance.
• On the other hand, non-executive directors (NEDs) are those • Some events are beyond the scope of internal control. They
who are not involved in operations and are not corporate are the “external events.” These external events would
officers. Independent directors are automatically NEDs but include economic recessions, natural calamities,
not all NEDs are independent directors. pandemics, and the negative impact of stiff competition,
among others.
Long-term Sustainability Goal of Governance • To address these negative external events, the company
• According to the OECD, “Corporate governance is a system needs to implement sound risk management.
of direction, feedback, and control using regulations,
performance standards, and ethical guidelines to hold the Internal Control and Risk Management
board and senior management accountable for ensuring • Internal Control – A process effected by an entity’s board of
ethical behavior-reconciling long-term customer satisfaction directors, management, and other personnel, designed to
with shareholder value-to the benefit of all stakeholders and provide reasonable assurance regarding the achievement of
society” objectives relating to operations, reporting, and compliance
• The purpose of corporate governance is to maximize the • Enterprise Risk Management – A process, effected by an
organization’s long-term success, creating sustainable value entity’s board of directors, management and other
for its shareholders and stakeholders. personnel, applied in strategy setting and across the
• Corporate governance must not only ensure that short-term enterprise, that is designed to identify potential events that
profit goals are achieved. Its goal is to ensure may affect the entity, and manage risks to be within its risk
 appetite, and provide reasonable assurance regarding the
achievement of entity objectives. ➢ Assessment of internal controls over financial reporting
• The management is required to assess the effectiveness of
The Need for Corporate Governance: Sarbanes-Oxley Act the company’s internal controls over the financial reporting
• Corporate governance, in a nutshell, is the effective way of process
“directing and controlling companies”. How companies are • The CEO and CFO must certify the assessment of internal
directed and controlled is of interest to investors, directors, controls over the financial reporting process
managers, regulators, auditors, and practically everyone • Auditors are to perform an attestation of the management’s
• The Sarbanes-Oxley Act (SOX Act) was passed in the United assessment of internal controls over the financial reporting
States after the financial scandal of 2001. The SOX Act is process
primarily a corporate governance regulation
• SOX seeks to strengthen the board of directors functioning in • Fraud Prevention
overseeing managerial performance and enhance board • Provides criminal penalties for obstruction of justice or
independence. destruction of accounting and other documents
• SOX regulations also require evaluation of internal controls • Protects “whistleblowers’ who report fraud and other
to ensure reliable and transparent financial reporting to irregularities of corporate officials
investors. SOX also instituted improvements in the oversight
of audits of corporate financial statements, whistle-blower • The following are the most important sections of the Act:
policies, and transparent disclosures of financial and non- Sections 302, 401, 404, 409, 802 (penalties)
financial information among others.
Benefits of SOX Act to Investors
Sarbanes-Oxley Act (SOX law): A ‘Rules-based” Corporate • Financial crimes and accounting fraud have become less
Governance Regulations frequent
• The Sarbanes-Oxley Act (or SOX Act) is a United States • Organizations were discouraged from attempting to inflate
federal law that aims to protect investors by requiring more figures such as revenues and net income
reliable and more accurate corporate disclosures. • The maximum sentence term for securities fraud was
• The act was spurred by major accounting scandals, such as increased to 25 years, while the maximum prison time for
Enron and WorldCom (today called MCI Inc.), that tricked obstruction of justice was increased to 20 years
investors and inflated stock prices. Spearheaded by Senator • The act increased the maximum penalties for mail and wire
Paul Sarbanes and Representative Michael Oxley, the Act fraud from five years of prison time to 20 years.
was signed into law by then-President George W. Bush on • The SOX significantly increased the fines for public
July 30, 2002. companies committing the same offense.
• As described in the introduction on corporate governance in • Investors benefited by having access to more reliable
subtopic 1, the SOX Act is primarily a corporate governance information and were able to have a sound basis for their
regulation. investment decisions

Important Provisions of SOX: Costs to Businesses

➢ Strengthening of external auditor’s independence • While the SOX Act benefited investors, compliance costs
• The external auditor of a corporate issuer is prohibited from increased for small businesses.
performing eight non-audit services, namely: bookkeeping, • According to a 2006 SEC report, smaller businesses with a
information system design and implementation, appraisal or market capitalization of less than $100 million faced
valuation services, actuarial services, internal audit, compliance costs averaging 2.55% of revenues, whereas
management functions or human resources, investment larger businesses only paid an average of 0.06% of revenue.
adviser and legal services unrelated to the audit
• The increased cost burden was mostly carried by new
• Corporate officers and directors are prohibited from companies that had recently gone public.
fraudulently misleading or coercing their external auditors in
the performance of their examination of the financial OECD Principles of Corporate Governance
statements
• The Organization for Economic Cooperation and
• Members of the audit team must wait for one year before Development (OECD) formulated the Principle of Corporate
accepting employment as CEO, CFO, or its equivalent in an Governance. This framework serves as a guide in the crafting
audit client of corporate governance systems for companies across
• Audit engagement partners must be rotated every five years various industries.
• The main areas of the OECD Principles are:
➢ Proactive and more independent audit committees 1. Ensuring the basis for an effective corporate
• All covered companies must have audit committees wherein governance framework
the majority is to be “independent” 2. The right of shareholders and key ownership functions
• Audit committee members may not accept any consulting, 3. The equitable treatment of shareholders
advisory, or other compensatory fees from the issuing 4. The role of stakeholders in corporate governance
company 5. Disclosure and transparency
• Audit committees are directly responsible for the 6. The responsibility of the board
appointment, compensation and oversight of the auditor’s
work Functions of the Board of Directors
• Disclosure as to the existence of a “financial expert” on the • The most important duty of the board of directors is
audit committee oversight. Oversight refers to the board’s in-depth review
 and scrutiny of the effectiveness of operations, finances, 1. Of an offense punishable by imprisonment for a period
and management actions. exceeding six (6) years.
• The BOD evaluates whether or not the profit earned by the 2. For violating the Corporation Code; and
business represents a sufficient return to shareholders. If 3. For violating Republic Act No. 8799, otherwise known as
not, the directors will then require management to formulate “The Securities Regulation Code”
actions and strategies for the improvement of profit during
the next period. b. Found administratively liable for any offense
• The directors assess whether a proposed capital involving fraudulent acts; and
expenditure project is viable. “Is the project viable?”. c. By a foreign court or equivalent foreign regulatory
• The board, through its audit committee, also addresses authority for acts, violations, or misconduct similar
potential fraud or irregularities that may affect the company to those enumerated in paragraphs (a) and (b)
and consequently the shareholders. above.

Corporate Governance related Provision of the Revised Revised SEC Code of Corporate Governance for Publicly
Corporation Code Listed Companies: A “Comply or Explain” Approach
• Section 22 of Republic Act 11232 otherwise known as the • SEC memorandum Circular 19, Series of 2016 provides
Revised Corporation Code of the Philippines provides: guidelines on the Corporate Governance of Publicly Listed
• Unless otherwise provided in this Code, the board of Companies.
directors or trustees shall exercise the corporate powers, • The circular is officially Revised SEC Code of Corporate
conduct all business, and control all properties of the Governance for Publicly Listed Companies (Code). Publicly
corporation. listed companies, as the term implies, are companies whose
• The board of the following corporations vested with public shares of stock are traded on the Philippine Stock Exchange.
interest shall have independent directors constituting at • The code adopts a “comply or explain approach” rather than
least twenty percent (20%) of such board: the rules-based mechanism of the SOX act. A “comply or
a. Corporations whose securities (debt securities or explain” approach combines voluntary compliance with
equity securities) are registered with the SEC, mandatory disclosure.
corporations listed with an exchange or with assets • Proponents of the “comply or explain” approach believe that
of at least fifty million Pesos (50,000,000.00) and there is no “one-size-fits-all” kind of corporate governance
having two hundred (200) or more holders of for all companies because they differ in size, nature of
shares, each holding at least one hundred (100) operations, location, and operating environment among
shares of a class of its equity shares. other factors.
b. Banks, pawnshops, and corporations engaged in
money service business, pre-need, trust and • The code is broken into sixteen (16) principles of corporate
insurance companies, and other financial governance. Every “principle” has its recommendations
intermediaries; and regarding corporate governance practices.
c. Other corporations engaged in business vested 1. Principle 1 – Establishing a Competent Board
with public interest similar to the above, as may be a. Recommendation 1.1 – The Board should be
determined by the Commission. composed of directors with a collective working
• “Independent director” is a person who, apart from knowledge, experience, or expertise that is relevant
shareholdings and fees received from the corporation, is to the company’s industry/sector.
independent of management and free from any business or b. Recommendation 1.2 – The Board should be
other relationship that could reasonably be perceived to composed of a majority of non-executive directors
materially interfere with the exercise of independent who possess the necessary qualifications to
judgment in carrying out the responsibilities as a director effectively participate and help secure objectives,
independent judgment on corporate affairs and to
• Section 24 provides that after their election, the directors of substantiate proper checks and balances
a corporation must formally organize and elect: • An executive director is a director who has executive
a. A president, who must be a director responsibility for the day-to-day operations of a part or the
b. A treasurer, who must be a resident whole of the organization.
c. A corporate secretary, who must be a citizen and • The non-executive director has no executive responsibility
resident of the Philippines; and and does not perform any work related to the operations of
d. Such other offices as may be provided in the by- the corporation.
laws
e. If the corporation is vested with a public interest, c. Recommendation 1.6 – The Board should ensure
the board shall also elect a compliance officer. that it is assisted in its duties by a Compliance
f. The officers shall manage the corporation and Officer, who should have the rank of Senior Vice
perform such duties as may be provided in the by- President or an equivalent position with adequate
laws and/or as resolved by the board of directors. stature and authority in the corporation.
1. The compliance officer is tasked to oversee and monitor the
1. Section 26 provides for the disqualification of corporate company’s degree of adherence to applicable laws and
directors, trustees, or officers listed as follows: regulations.
2. Within five (5) years prior to the election or appointment as
such, the person was: 2. Principle 2 – Establishing Clear Roles and
a. Convicted by final judgment: Responsibilities of the Board
 a. Recommendation 2.2 - The Board should oversee a. Recommendation 12.2 – The company should have
the development of and approve the company’s in place an independent internal audit function
business objectives and strategy and monitor their that provides and independent and objective
implementation, to sustain the company’s long- assurance and consulting services designed to add
term viability and strength. value and improve the company’s operations
b. Recommendation 12.5 – In managing the
3. Principle 3 – Establishing Board Committees company’s risk management system, the company
a. Recommendation 3.2 – The Board should establish should have a Chief Risk Officer (CRO) who is the
an Audit Committee to enhance its oversight champion of enterprise risk management and has
capability over the company’s financial reporting, adequate authority, stature, resources and support
internal control systems, internal and external to fulfill his/her responsibilities subject to a
audit processes, and compliance with applicable company’s size, risk profile and complexity of
laws and regulations operations.
b. Recommendation 3.4 – Subject to a corporation’s
size, risk profile, and complexity of operations, the 13. Principle 13 – Promoting Shareholder Rights
Board should establish a separate Board Risk 14. Principle 14 – Respecting Shareholder Rights and
Oversight Committee (BROC) that should be Redress of Violations of those Rights
responsible for the oversight of a company’s 15. Principle 15 – Encouraging Employees’ Participation
Enterprise Risk Management a. Recommendation 15.3 - The Board should
establish a suitable framework for whistle-blowing
4. Principle 4 – Fostering Board Commitment that allows employees to freely communicate their
a. Recommendation 4.2 – The non-executive concerns about illegal or unethical practices.
directors of the Board should concurrently serve as 16. Principle 16 – Encouraging Sustainability and Social
directors to a maximum of five publicly listed Responsibility
companies to ensure that they have sufficient time
to fully prepare for meetings, challenge Governance of Related Party Transactions
management’s proposals/views, and oversee the • Related party transactions are transfers of resources,
long-term strategy of the company. services, or obligations between the company and a related
party (e.g., subsidiary, key management personnel such as
5. Principle 5 – Reinforcing Board Independence CEO or CFO).
a. Recommendation 5.1 – The Board should have at • A subsidiary is a company that is being controlled by its
least three independent directors or such number parent company.
as to constitute at least one-third of the members • For instance, XYZ Company is one of the subsidiaries of ABC
of the Board, whichever is higher. Corporation. Therefore, any business transactions between
XYZ Company and ABC Corporation a Related Party
6. Principle 6 – Assessing Board Performance Transaction (RPT) Parent Company Subsidiary Company
a. Recommendation 6.1 – The Board should conduct Control
an annual self-assessment of its performance,
including the performance of the Chairman, Governance of Related Party Transactions
individual members, and committees. • Measures to govern RPTs include ensuring the following:
• Ensuring that transactions between related parties are at
7. Principle 7 – Strengthening Board Ethics arm’s-length basis, market, or reasonable price.
a. Recommendation 7.1 – The Board should adopt a • Determination of the purpose of the RPT’s
Code of Business Conduct and Ethics, which • Effective oversight of RPT by the board and/or related party
would provide standards for professional and transactions review committee
ethical behavior as well as articulate acceptable
• Internal limits for individual and aggregate exposures
and unacceptable conduct and practices in
• Restitution of losses and other remedies for abusive RPTs
internal and external dealings
• Full reporting and complete financial disclosures of RPTs
8. Principle 8 – Enhancing Company Disclosures
Governance of Executive Compensations
a. Recommendation 8.1 – The Board should establish
corporate disclosure policies and procedures to • Usually the salaries, bonuses, and other benefits of
ensure a comprehensive, accurate, reliable, and corporate executives are the highest in any company. This is
timely report to shareholders and other because of the relatively important skills needed and the
stakeholders that gives a fair and complete picture sheer difficulty of performing managerial tasks.
of a company’s financial condition, results, and • Many businesses use sales or profit achieved by the
business operations. company as a basis for determining management incentives
and bonuses. This is to motivate managers to perform their
9. Principle 9 – Strengthening the External Auditor’s jobs properly to achieve a high amount of sales or profit.
Independent and Improving Audit Quality • Section 29. Compensation from Directors and Trustees.
10. Principle 10 – Increasing Focus on Non-financial and
Sustainability Reporting M2S1: APPLYING ETHICS IN BUSINESS
11. Principle 11 – Promoting Access to Relevant Information
12. Principle 12 – Strengthening the Internal Control and Introduction
Risk Management System “It takes two years to build a reputation and five minutes to ruin
it. If you think about that, you’ll do things differently.” – Warren corporate culture that drives people in the company to do
Buffet things legally and ethically.
• Many of the high-profile corporate collapses during the • It can be said that without business ethics, the stakeholders
turbulent 2000s in the United States highlighted the lack of of the company will be negatively affected because their
ethics on the part of corporate executives. interests and concerns will not be met.
• Greed, dishonesty, self-dealing actions, and the like became
like financial “time bomb” that eventually resulted in the
demise of many business entities.
• When the dust settles, stakeholders such as investors,
creditors, employees, and society are at the losing end.

Ethics in General
• The term “ethics” is derived from the Greek word “ethos”,
which pertains to values, norms, and beliefs that determine
how people behave in everyday life.
• At its most basic level, ethics is concerned with how we act
and interact with other people. Do we act with integrity? Are
we straightforward and honest? These questions deal with
personal ethics.
• Ethics are belief systems and actions that guide people on
how to live their lives as they relate to other people around
them. It deals with truthfulness, justice, moral duties, and
obligations.
• It deals with truthfulness, justice, moral duties, and
obligations. It includes what is “good” to others and avoiding
what is not good.

• Understanding what is “right” and “wrong” can come from

different sources such as:
o Religion or spiritual beliefs
o Influence on family and friends
o Ethnic background
o Social upbringing
o Media (e.g., internet, TV, radio); and
o Personal role models
• Personal ethics does not only deal with doing what is “right”.
It also includes addressing conflicts in everyday situations.

Corporate Social Responsibility

• Corporate social responsibility (CSR) is concerned with the
responsibilities and obligations of businesses to people,
communities, and the society around them.
• Fulfilling one’s corporate social responsibility comes in
many forms:
o Businesses provide jobs to people living in communities
around them
o Businesses must pay the appropriate salary or wage
rates to their employees
o Businesses are mandated by the government to pay the
right amount of taxes
o Many businesses give to charities and conduct
philanthropic activities voluntarily

Definition and Nature of Business Ethics

• Business Ethics is the application of ethical principles and
standards in a business environment
• It is a broad discipline that attempts to address improper
attitudes and actions that could be detrimental to the
company. These improper actions necessarily include
fraudulent acts on the part of corporate officers and
employees
• However, business ethics is not confined to the prevention
of fraud and other irregularities. It seeks to achieve a
Difference Between Illegal Acts and Unethical Acts 3. Ethical principles adapted by the company
• Some acts are not prohibited by laws and government 4. List of instances of unethical acts
regulations. These acts are not illegal per se. However, not 5. Process for identifying the threats or risks or unethical
all acts that are legal are automatically ethical. acts
• For instance, no law in the private sector prohibits a 6. Process of determining whether the threats are
corporate officer from having a business transaction with significant
his/her employing company 7. Resolving ethical conflicts
• Conflict of interest arises when an officer or employee of the 8. Reporting of ethical issues and concerns
employing organization takes advantage of his/her position 9. Sanctions for violations of the code of ethical conduct
to improperly obtain an unjust advantage over the interest of 10. Approval of the code of ethical conduct
the employing organization.
• Conflict of interest must be avoided because they can result • The following specific unethical behaviors and unethical
in abuses. actions are also reflected and prohibited in the code of
ethical conduct:
Communication of the Code of Ethical Conduct 1. Divulging confidential information and trade
• Before implementing the company’s code of conduct, it secrets
must be communicated first to all people in the organization 2. Personal use of company vehicles and equipment
as well as to vendors, customers, and other interested 3. Unauthorized commissions and consulting fees
stakeholders. 4. Conflicts of interests and outside the business of
• The manner of communicating the ethical codes is ordinarily officers and employees
done through the following modes: 5. Reimbursement of personal expenses
1. Employee orientation program 6. Prohibition on bribery
2. Posting on the company website
3. Newsletter and publication Resolution of Ethical Issues in the Field of Accounting
4. Bulletins • If a behavior or an act is expressly prohibited in the
5. Official Memoranda; and company’s code of ethical conduct; then, it is outright
6. Employee Manual unethical. However, some situations are not always clear
whether they will be allowed or not. In these instances, the
resolution of an ethical issue will not be easy.
• Nonetheless, the following steps may serve as guides in the
resolutions of ethical issues:
1. Identify the facts
2. Identify the ethical issue
3. Analyze the alternative course of action
▪ Option A – If no adjustment or
reclassification is made
▪ Option B – If an adjustment or
reclassification is made
4. Make a decision.

M3S1: INTRODUCTION TO RISK: WHAT CAN GO WRONG?

Introduction
• Risks are inherent in every business. No profit will be earned
without taking a certain degree of risk. It can be said that
“doing business” is indeed a risk-taking activity.
Nevertheless, risks must be properly managed and be kept
within manageable levels.
• Too many high levels of risks can result in operational
bottlenecks, financial losses, poor corporate reputation, and
worst of all, closure of the business.
• Risk can simply be described as “things that can go wrong”.
In the sphere of managing risk, it is not right to say, “Let’s just
cross the bridge when we get there.”

• Risk can also be described as an event that can adversely

The Company’s Code of Ethical Conduct affect the operating profit, cash flow, capital, and even the
• There are no hard or fast rules in formulating a company’s reputation of a company.
code of ethical conduct. The ethical code must be tailored, • An example of a risk is credit risk, the possibility that
and fitted to the company’s nature of business, industry, customers of the company may not be able to pay on the
size, products, services, and other factors. due date.
• Nonetheless, the following are the major contents of the • Another example is operational risk, the possibility of a
code of ethical conduct: disruption in the operations of the business due to machine
1. Company profile breakdown, natural calamities, and other causes.
2. Objectives of the code of ethical conduct
• Governance  Risk Management  Internal Control Types of Risk
• Managing risks is central to good corporate governance. In a • Risks can be categorized into two broad groups: financial
well-governed company, risk managers must properly risks and non-financial risks.
control and manage the various risks affecting the business. • Financial Risks is the likelihood that the company might
On the other hand, corporate boards and risk committees incur financial loss, or suffer a decline in profit, capital,
must actively perform their oversight functions pertaining to investment, or cash flows, on account of the occurrence of
risk. events or transactions.
• Internal auditors must evaluate the risk management • Specific risks included under the financial risk category are
process to determine its effectiveness over time. credit risk, liquidity risk, and market risks. Market risks can
be further subdivided into interest rate risk, foreign currency
Definition and Nature of Risk risk and price risk.
• The Committee of Sponsoring Organizations of the Treadway
Commission (COSO) defines risk as “the possibility that an Types of Risk
event will occur and adversely affect the achievement of 1. Credit risk – The risk that a counter-party such a customer or
enterprise objectives.” a borrower might fail to pay its account on the due date. For
• Based on the definition, the risk is the likelihood that an instance, there is a possibility that a borrower of a bank will
event will occur. Such an event can prevent the company be unable to pay his/her loan on the maturity date. Credit
from achieving its business objectives. risk is present in all activities where there is an expectation
• These objectives may include, for instance, achieving a of a returns or repayment
specific amount of revenue or profit, manufacturing the 2. Liquidity risk – The risk that the business will be unable to
required quantity of products, safeguarding corporate meet its financial obligations as they fall due because of
assets, and ensuring compliance with applicable laws and insufficient cash, inability to liquidate assets or obtain
regulations among others. adequate funding given a short period of time.
3. Market risk – Is the risk of volatility in the market brought
about by factors of interest rate, foreign currency an market
prices.
a. Interest rate risk – Is the potential decline in
earnings and capital arising from changers in
interest rates in the market
b. Foreign currency risk – The risk that fluctuations in
exchange rates could affect the profit
of the business.
c. Price risk – The risk that changes in specific prices
(stock price, price of other investments) could
affect the profit or cash flow of the business.

• Business risk is the possibility that the business may not be

able to generate sufficient revenue or an increase in
production and increased operating cost might occur.
• Non-financial risk do not have an immediate direct financial
impact to the business. However. Their consequences may
be serious and can later affect the financial well- being of
the business if not properly mitigated. The following are
some examples:
o Operational risk – Is the risk that business
operations will be disrupted due to inadequate
or failed systems, processes, people, breaches in
internal controls or other unforeseen
catastrophes.
o Legal or compliance risk – The risk that the
company might fail to comply with applicable laws
and regulations such as tax laws, labor laws,
corporation laws, anti-money laundering law and
environmental laws.
o Health and safety risk – The risk that unforeseen
events could result to injuries, illnesses or even
loss of lives.
o Environmental risk – The risk that the company may
fail to control or minimizes factory wastes,
emissions, and other pollutants arising from its
business activities

• Strategic risk – The risk of selecting an inappropriate

corporate strategy or the failure of implementing ab
appropriate one.
• Reputation risk – The risk that reputation or image of the of the aims of the risk management process, to keep risk
company will be damaged due to reasons such as improper within the company’s risk appetite.
acts pf corporate officers, poor financial performance and
bad news about the company.

➢ The two important risks are related to the work of

professional accountants are financial reporting risk and
fraud risk:
o Financial Reporting Risk is the possibility that the
financial statements of the company will be
incorrect due to errors, lapses, or failure to apply
accounting standards such as the International
Financial Reporting Standards (IFRS)
o Unreliable financial statements could result to
erroneous financial analysis affecting the business
decision s of investors and creditors.

• Fraud Risk on the other hand, is the risk arising from

deceptive and intentional acts that result to loss of company
assets, resources and reputation.

Definition and Nature of Risk Management

• As previously discussed. Many risks affect a business. If
these risks are not properly managed, it will be “game over”
because the business objectives of the company will be
achieved.
• A formal risk management process, therefore, becomes
imperative in order to address and manage risks.
• Enterprise risk management is a process, effected by an
entity’s board of directors, management and other
personnel, applied in strategy setting and across the
enterprise, designed to identify potential events that may 3. Asses the risks. Any risk has two dimension (1) the probability
affect the entity, and manage risk to be within its risk that something can go wrong and (2) the negative consequence
appetite, to provide reasonable assurance regarding the or impact if that event occurs.
achievement of entity objectives. • Hence, the identified risks should be assessed in terms of (1)
likelihood of occurrence and (2) impact.
Risk Management as a Process • “Likelihood” pertains to the probability that the event will
• Risk management is not an isolated activity within the occur. In other words, “likelihood” means the chance of
company. It is composed of a set of interrelated occurrence. “Likelihood” is often classified into “high”,
components that operate in an integrated manner in order to “moderate” or “low”.
address the various risks affecting the company. • “Impact” refers to the significance or magnitude of the
negative effect of the risk to the company. The “impact” of a
Roles in the Risk Management Process risk is also classified into “high”, “moderate”, or “low.
1. Board of directors - conduct an oversight of the • Analyzing risks in terms of likelihood and impact is known
effectiveness of the company’s risk management process. risk assessment
Risk oversight pertains to the periodic review and monitoring
of the process being used by management in addressing and 4. Respond to the assessed risks. Management will select the
controlling risks. appropriate risk response depending on the result of the risk
2. Management – implements specific risk mitigation and management which can be “high”, “moderate” or “low”. Possible
control procedures in managing the various types of risks responses to assessed risks are listed as follows:
affecting the company. Management also identifies and • Accept – Tolerating or accepting the risk is permissible only if
assesses risks prior to selecting the appropriate risk it is of minor effect to the business or if its likelihood is
response. “remote” such that it is not worth the money or effort to do
3. Internal auditors – conduct examination of the risk anything about it.
management process for the purpose of determining its • Reduce – Risks that are likely to happen or those that are
effectiveness over time. expected to have a significant impact to the business cannot
4. Other personnel – implement specific tasks and duties be simply accepted.
pertaining to the processes within their departments. • Share – In some situations, the appropriate response might
be to share or transfer the risks to some other entity such as
Risk Appetite an insurance company.
• Risk appetite is the level of risk that the company can accept • Avoid - Avoiding a risk may be the right response when
in pursuit of its objectives. management thinks that mere reducing it is not enough.
• As previously mentioned, operating a business naturally
involves the taking of risks. However, these risks must be
kept to within acceptable or manageable levels. This is one
6. Monitor the risk management process. The risk management
process must be continuously monitored to determine if it
remains to be effective and efficient over time. Management and
corporate boards cannot make the erroneous assumption that an
effective risk management process will simply remain to be
effective.

Risk Management Frameworks

• Strategies for managing risks can only operate wee if they
are based on an appropriate framework for managing risks.
COSO Enterprise Risk Management and ISO 31000-Risk
Management are the two leading risk management
frameworks today.
• ISO 31000-Risk Management is a series of risk management
standards formulated by the International Organization for
Standardization. ISO 31000 provides a set if principles and
guidelines for the design, implementation and evaluation of
the risk management process for companies across
different industries.
• The International Organization for Standardization is an
independent, non-government organization that develops
voluntary international standards and is comprised of 165
member countries as of 2020. It was founded in 1947.