Conflict of interest has been topical in the recent history with the debacle of “state capture” involving audit firms and the likes, and not forgetting landmarks events such as Steinhoff, Old Mutual (Moyo debacle) etc. raising questions on the effectiveness of the governance structures existing within Corporate and Public Sector.
Are they even there? Do they have the knowledge/skills or even have the necessary authority to effect the necessary change or are they fit & proper?
In the past year, Board and Sub-committee members have increased their level of awareness and scrutiny to management reports and the levels of assurance that can be drawn from it.
Similarly, professional bodies such as SAICA and IIA have come under scrutiny on whether;
- they can actually “bite” when a member has acted in a questionable manner;
- whether there is a process to be followed in these eventualities and;
- has the process stood the test of time or;
- has a proven record of adding value to the organisation over time.
Many organisations have policies in place on conflict of interest that will address one of the following issues:
- that conflicts of interest must be disclosed at the earliest point of detection. Generally, they’ll be a register where all the necessary information is recorded, nature and monetary value.
- that the concerned individual should not be involved in the decision-making process concerning the conflict.
The definition of conflict of interest relates to the existence of a conflict (clash) between private interests and official responsibilities of a person in a position of trust including family members and in external organisations, businesses and practices.
These policies have been placed under serious scrutiny on their adequacy in preventing/managing conflicts of interest.
So, the issue in many instances including the fall of entities such as Enron, is that there’s an existing relationship between the conflicted parties and it “waters-down” the policies in place.
The culture of stakeholder management exists in a business where events like golf days are held to strengthen business relationships. These often set a different tone to that of conflict of interest as they create a relationship of trust amongst stakeholders which underpin many important decisions in the business.
It can be argued that the existence of conflicts of interest is the genesis of the problem. Prevention is always better than cure.
Professional bodies likewise, have reviewed their code of conducts and reverted to members to sign on an annual basis. Understandably so, the reputational risk on them is immense because the question remains that “is a professional membership a carrot or stick (or both) relationship?
Is the benefit of professional membership balanced with the behavioural requirements? The systemic risk cannot be ignored.
These recent events as seen in media reports have raised the questions that we`ve never had to deal with before simply because there were no delinquents or even if they there were there, they were few and far between or didn’t hold any reputational risk whatsoever.
It is normal business practice that senior positions are mostly based on networking relationships formed in and outside of the business environment. Some can be traced as far back as primary school and therefore run very deep. They also provide a comfortable level of trust, an important element in business dealings.
At this level of management, the character of an individual outweighs their competencies. Where the conflict concerns a person in a position of power, then the assurance providers come under extreme pressure not forgetting the impact on their careers. This is where the lines of assurance, be it Audit or Risk, are side-lined one way or the other.
The COSO framework of 2017 stressed that not only do risk professionals need to review the implementation of strategies but should be involved in its formulation and evaluate its appropriateness in light of the vision & mission of the entity.
It is very easy to get side-tracked by a brilliant strategy, but does it speak to the heart of the entity?
And so the same principle should apply here. The risk of conflicting interests should not only be acknowledged but fully dissected by the risk professionals, the implications and depth thereof. Only then can the appropriate response be formulated. Business relationships exist purely for business and not for personal gain.
Where a conflict arises, the introspection point for the decision-makers is primarily if that situation should exist in the first place.
Secondly, is the exclusion of the conflicted member in the decision-making process translate to the fact that their referent power, influence, existing relationships becomes absent in the minds of the decision-makers?
Can we, therefore, really argue that they do not influence the decision? What happens with the outcome of the decision and the impact on the existing relationship?
Lindiwe Magobholi is an IRMSA Risk Intelligence Committee Member.