New corporate governance codes usher in change for AIM and UK-listed companies
Published on 12th Feb 2024
What are the main updates and what do they mean for corporate governance in the UK?
The Quoted Companies Alliance (QCA) and Financial Reporting Council (FRC) have both recently published new editions of their corporate governance codes.
The QCA's Corporate Governance Code is the main corporate governance framework used by small and mid-sized publicly traded companies in the UK, including 93% of AIM companies. The FRC's UK Corporate Governance Code applies to all companies with a premium listing on the London Stock Exchange. This scope is likely to widen under proposed reforms to the UK's listing regime which will create a single listing category for commercial companies.
Both codes are produced independently from each other – and it is understood that it is a coincidence that both have been updated at the same time.
The new QCA code
As in previous editions, the QCA code is structured as 10 principles followed by expectations of how those principles should be applied.
The QCA was keen to address concerns that some companies are simply paying lip service to their code. As a result, it has fleshed out the application of the principles and some requirements to make them both more substantial, specific and measurable while recognising the need for flexibility given that it is applied by many small companies.
The new edition of the QCA code retains still has 10 principles, though they have been substantially moved around and each has been updated. The most significant structural change is that the two principles that previously dealt with governance structures and directors' skills have been merged to make room for a new principle on remuneration policies and structure.
In addition, the new concept of a company's "purpose" has been threaded into the code – and this purpose must now be explained in a company's strategic report. This is described as its "essential reason for being" and should go beyond a "simple description of products and corporate structures". So companies will have to think about this concept and report on it as distinct from their strategy and business model, which are more established concepts within the QCA code.
Environmental and social considerations
The QCA stresses in its materials that environmental, social and governance (ESG) considerations are crucial for small caps as they look to keep pace with investor expectations and reporting requirements. In theory, there is an opportunity for many small caps to expand their investor base by complying with the reporting requirements; previously, they had not been a viable option for some investors as a result of the lack of ESG disclosure provided. These considerations have been threaded throughout the new QCA Code.
- Principle 3 "Seek to understand and meet shareholder needs and expectations". Companies must now produce quantitative and qualitative reporting in their annual report of environmental and social matters to meet investor needs and expectations.
- Principle 4 "Take into account wider stakeholder interests, including social and environmental responsibilities, and their implications for long-term success." These matters now must be integrated into the company's strategy, risk management and business model (further guidance can be found in the "QCA Practical Guide to ESG". Annual reports must now describe the environmental and social issues identified as material to the purpose, strategy and business model and set out any key performance indicators used to track performance and forward-looking targets on environmental and social matters.
- Principle 5 "Embed effective risk management, internal controls and assurance activities, considering both opportunities and threats, throughout the organisation." Boards must consider all potential risks on a proportionate and material basis, including climate-change risk. The annual report must explain the company's climate-related governance and opportunities, its process for identifying, assessing and managing climate risk, and how these processes are integrated into its overall risk management
- Principle 7 "Maintain appropriate governance structures and ensure that individually and collectively the directors have the necessary up-to-date experience, skills and capabilities." There are specific skills now listed where expertise on the board should be available, including cybersecurity, emerging technologies, and sustainability and climate change.
- Principle 10 "Communicate how the company is governed and is performing by maintaining a dialogue with shareholders and other key stakeholders." The application requirements draw out sustainability as an area where corporate disclosures need to be appropriate to satisfy the reporting needs of investors.
Principle 6 – "establish and maintain the board as a well-functioning, balanced team led by the chair" – emphasises diversity, but the QCA reiterated that this is not an area where it felt a quotas-based approach was appropriate.
Boards now have to consider factors such as socio-economic backgrounds, nationality, educational attainment, gender, ethnicity and age. These should feed into decision-making processes and succession planning.
The language on diversity is couched in terms of companies needing to "reflect" and "assess" rather than take immediate or specific action – though there is reference to having "sufficiently wide-ranging and business relevant input".
There is also an additional requirement to refer to diversity characteristics (though notably not statistics) in the annual report as part of the discussion on the mix of experience, skills and capabilities on the board.
However, the QCA stopped short of mandatory disclosures on workforce diversity given the number of very small companies on AIM and their view that a one-size-fits-all approach is not necessarily right for their purposes.
The emphasis on the workforce has been heightened in Principle 4. The QCA has emphasised the need to address specific concerns around the impact of a disengaged workforce on value and shareholder returns, as well as general investor attention on staff churn and retention rates.
Application provision (d) requires "particular attention" to be paid to the workforce and requires whistleblowing processes or similar to be in place, including arrangements for action to be taken when necessary. The language here is clear: companies should be doing this rather than simply considering whether putting something in place would be appropriate. Small companies without whistleblowing processes will need to put these in place to comply.
The importance of independence on the board has been reiterated in Principle 6 to "establish and maintain the board as a well-functioning, balanced team led by the chair".
The independent non-executive directors (NEDs) should comprise at least half of the board (this was previously in the guidance to the 2018 code, but more weight is being given to it by bringing it within the principle itself)
The application needs to clarify that the chair can count as part of the independent part of the board (provided they were independent on appointment and continue to be), although there was some confusion around this point in the 2018 Code.
Also, main committees – audit and remuneration – should have a majority of independent NEDs and should ideally be fully independent. The fact that generally independent NEDs should not participate in performance-related remuneration schemes or have a significant interest in share schemes has been brought forward from the guidance to the application of the principle itself. If this is not followed, shareholders need to be consulted first, and this must be disclosed in the annual report.
The QCA still does not give metrics for what might constitute independence but it does say that the board needs to be sensitive to both real and perceived risks to independence. That said, there is a long list of non-exhaustive factors which should be considered, including length of tenure and size of shareholding.
New remuneration principle
This is a new principle altogether (Principle 9), though it is not new material as it almost entirely echoes the remuneration committee guidance published by the QCA.
The main points of this new principle are that the remuneration policy should be aligned with the company's purpose, strategy and culture, and the policy should promote long-term shareholder value and promote the right behaviours and decisions.
The annual remuneration report should be put to an advisory shareholder vote, and larger companies may wish to put their remuneration policies to a binding shareholder vote.
There is also an annual report disclosure requirement to explain how the remuneration structure and practice supports the company's purpose, business model, strategy and culture.
Shareholder communication and engagement
There is greater emphasis in Principle 3 on "proactive engagement" with shareholders on governance, and individual responsibility is given to the chair (or a senior independent director) to lead this.
There is a new suggestion that companies with a controlling shareholder (for example, 30% or more) should "consider" protecting minority shareholders with a relationship agreement or similar: the use of "consider" leaves this up to the company's discretion based on its specific circumstances.
There is also an additional requirement in Principle 10 to ensure that disclosures satisfy the reporting needs of investors on matters, including sustainability (emphasising the need for companies to give investors what they need in terms of disclosure to be able to invest).
Audit and assurance
There is a new emphasis in Principle 5 on ensuring that appropriate assurance activities are undertaken as part of overall risk management (either internally or, where appropriate, externally). This may be obliquely referring to greenwashing concerns (which the FRC has also identified) so companies may need to do more to ensure the integrity of their ESG reporting, including seeking external assurance.
There is also new emphasis on the need for the audit committee to ensure auditor independence, and they must explain in the annual report how this has been monitored and formally considered.
Board performance reviews are now mandated to be carried out annually, and it has been clarified that a periodic external review should be undertaken by an independent third party.
The QCA has tried to make companies comply by requiring a description on the website of the board performance review process and cycle – which is a new requirement – and the disclosure requirements are very specific, including the criteria used for evaluation, how review procedures have changed since prior years, and how often external reviews take place.
The UK Corporate Governance Code
By contrast to the significant updates to the QCA Corporate Governance Code, the FRC signalled in November 2023 that it was intending to drop many of the changes that it had proposed to the UK Corporate Governance Code (CGC) earlier in the year.
The new 2024 version of the UKCGC, the most substantive change is a strengthening of the requirements about the monitoring and review of the company's risk management and internal control framework. Provision 29 of the current 2018 edition of the UKCGC already requires boards to monitor the company's risk management and internal control systems and, at least annually, carry out a review of their effectiveness and report on that review in the annual report.
Provision 29 in the 2024 version also states that the board should provide in the annual report a description of how the board has monitored and reviewed the effectiveness of the framework and a declaration of effectiveness of the material controls as at the balance sheet date. A description should also be provided of any material controls that have not operated effectively as at the balance sheet date, the action taken, or proposed, to improve them and any action taken to address previously reported issues
Additional UKCGC 2024 changes
- New Principle C. Governance reporting should focus on board decisions and their outcomes in the context of the company’s strategy and objectives. Where the board reports on departures from the code’s provisions, it should provide a clear explanation.
- Amended Provision 2. Boards should not only assess and monitor culture but also how the desired culture has been embedded.
- Amended Principle J. Diversity, inclusion and equal opportunity is promoted but without referencing specific groups. The list of diversity characteristics has been removed to indicate that diversity policies can be wide ranging.
- Amended Provision 23. Companies may have additional initiatives in place alongside their diversity and inclusion policy.
- Amended Principle O. The board is responsible not only for establishing but also for maintaining the effectiveness of the risk management and internal control framework.
- Amended Provision 25 and Provision 26. These changes reflect the minimum standard on audit committees and the external audit and the duplicative language has been removed.
- Amended Provision 29. This covers annual reporting on the monitoring and review of the company's risk management and internal control framework.
- Amended Provision 37. Directors’ contracts and other agreements or documents that cover director remuneration should include malus and clawback.
- New Provision 38. Companies will need to include in the annual report a description of their malus and clawback provisions, including the circumstances in which these could be used, a description of the period for malus and clawback and why the selected period is best suits to the organisation; and whether the provisions were used in the last reporting period. If so, a clear explanation of the reason should be provided in the annual report.
The FRC has also published guidance on the UKCGC, which prompts boards on matters to consider when determining and maintaining their emerging and principal risks. The guidance does not set out specific procedures to follow and acknowledges that risk appetite will differ not only on a company basis but also on a sectoral basis.
Specifically, on the new declaration of effectiveness of material controls, the guidance does not set out a framework that companies should follow or define a material control; this will be dependent on the nature of the principal risks. The guidance states that it is not the FRC’s role or intention to prescribe or dictate what a material control is for a company. Boards will need to determine the actions necessary to give them the information they require to make the declaration. The declaration relates to the internal controls and not the framework as a whole.
When will the new codes apply?
The QCA recommends that companies apply the new edition for accounting periods commencing on or after 1 April 2024 (so the first disclosures will be made in 2025). The QCA expects the first year to act as a transition period, so companies will have flexibility to build the capacity they need to apply its principles. During the transition period companies can focus more on using "explanations" on updated areas of the code to smooth the transition.
The new 2024 edition of the UKCGC will apply to financial years beginning on or after 1 January 2025. The only exception is new requirements to report annually on the effectiveness of risk management and internal controls (Provision 29) which will apply to financial years beginning on or after 1 January 2026.
Osborne Clarke comment
The QCA reiterated that, for the most part, this is just an iterative update as opposed to a wholesale change, though there are clearly some significant new inclusions such as ESG and remuneration. There is also more detail in the application provisions and there are significantly more substantial and specific disclosure requirements. Companies that apply the QCA code will, therefore, need to prepare for the transition to the new edition.
By contrast, the FRC did not take forward many of its original proposals such as those relating to the role of audit committees on environmental and social governance and modifications to existing code provisions around diversity, over-boarding and committee chairs engaging with shareholders. The 2024 edition of the UK Corporate Governance Code is, therefore, not significantly different from the 2018 edition.
This insight was written with the assistance of Tom Petrides, trainee solicitor.