The Office of the Superintendent of Financial Institutions (OSFI) has released a draft revised Corporate Governance Guideline (Draft CGG) for public consultation. The Draft CGG articulates OSFI's expectations with respect to the corporate governance of federally-regulated financial institutions (FRFIs).
In many respects, the proposed changes represent an evolution of, and improvement on, the current version of OSFI's Corporate Governance Guideline (Current CGG). The Draft CGG takes a more principles-based and outcome-based approach, and more clearly delineates between the roles of the Board and senior management.
However, it is important to recognize that the Draft CGG is not merely a refinement of the Current CGG; the Draft CGG reflects an increasing emphasis on the importance of the role and responsibilities of the board of directors, and the significant duties that go with them. This is articulated in the Draft CGG in a variety of ways that, taken together, give increased weight to the many responsibilities and duties of directors. As a result, the Draft CGG requires a director to not only have increasing financial industry and risk management competence, the two essential areas of competency the board must have, but also to (a) approve and oversee strategy, risk management, oversight, board and senior management functions themselves, and audit plans, and (b) not just discuss (as under the Current CGG) but to challenge, advise and guide senior management on operational and business policies, business performance and effectiveness of risk management.
A related change in the Draft CGG is a shift towards a more principles-based approach. The Current CGG is prescriptive on many points, having approximately 108 rules which federally regulated financial institutions (FRFIs) had to address in a detailed way to demonstrate compliance to OSFI. The Draft CGG takes a less prescriptive and more outcomes-based approach, while still making many of the same points made in the Current CGG. This is an improvement in that it allows for more flexibility, and does not encourage as much of a "check the box" approach. However, putting the onus on boards of directors to determine how they are going to achieve the applicable governance outcomes means that the responsibilities of the board are even more profound.
As it would be an invidious task and not a purposeful one to compare and contrast the Draft CGG and the Current CGG, it is better to note that the most important changes made in the Draft CGG are that it is more organized, focused and complete on what the board has to do. Given the true weight of the task, board members will have to know more, read more, prepare more for meetings, and follow financial industry and risk management developments on an ongoing basis more than ever before, and therefore spend notably more time to be a director of a FRFI and be engaged in the culture, risk management, business and operations of the FRFI.
One other comment that OSFI has made is that other guidelines that contain Board expectations will be revised. The idea is that the Draft CGG will be the sole repository of OSFI's expectations of Boards.
Key Elements of the Draft CGG
The board should understand the decisions, plans and policies being undertaken by senior management and their potential impact on the FRFI. This requires meaningful attention and application of a director's talents and time.
As in the Current CGG, the heads of the Oversight Functions should have sufficient stature and authority within the organization and be independent from operational management. The heads of the Oversight Functions should have unfettered access and direct reporting to the board and appropriate committee. This is similar to what is the case now but bears emphasis given the even greater focus placed on risk management.
The Draft CGG comments on governance of FRFIs that are part of a larger corporate group. Such FRFIs may be subject to or adopt certain policies of the parent that govern strategy, risk oversight and controls. It is made clear that the subsidiary Board is responsible for being satisfied that these are appropriate for the FRFI's business plan, strategy and risk appetite, and comply with Canadian regulatory requirements.
Under Board Effectiveness, in reference to the composition of the board, the CGG states that it should bring a balance of diversity, expertise, skills, experience, competencies and perspectives, taking into consideration the FRFI's strategy, risk profile, culture and overall operations. Two new words are mentioned more than once: "diversity" and "culture".
Board independence is addressed significantly as a key issue of Board Effectiveness and in particular, the separation of the Chair and the CEO position. The international trend on this point is clearly in this direction.
The Risk Appetite Framework is a very important area in the draft CGG. It is said that it should be well understood throughout the organization and embedded within the culture of the FRFI. Annex B to the draft CGG deals solely with Risk Appetite Framework; it is similar to the existing Annex B to the existing CGG.
The Board Risk Committee is given important focus and it is stated again that all members should be non-executives of the FRFI. Again, the key competencies of financial industry and risk management should be well-represented on the Committee.
The Chief Risk Officer (CRO) role gets significant attention. The CRO and Risk Management function should not be directly involved in revenue generation or in the performance of any business line or product. Footnote 13 to the Draft CGG says that for small less complex FRFIs, the CRO role can be held by another executive.
Audit plans should be risk-based and address all the relevant activities over a measurable cycle. The work of internal and external auditors should be coordinated.
The public consultation period on the Draft CGG ends on December 22, 2017 and OSFI expects to issue the final version of the new Guideline in Spring, 2018.