UK Corporate Governance Code Preparedness: Challenges, Timelines, and Action Items
With the upcoming reforms to the UK Corporate Governance Code set to take effect on 1 January 2025, organisations are racing to prepare.
Organisations are placing a strong focus on readiness, with 88% of professionals indicating that aligning with the new reforms is a top priority for 2024 according to an AuditBoard and Ascend2 Research survey of 265 audit, risk, and internal controls professionals.
The findings highlight how audit leaders and executives are planning for these changes and shed light on both the challenges and strategic opportunities that these reforms present for businesses.
Read on to learn what survey respondents said about top challenges, when they expect to conform, and how much they expect their workload to increase — and download the full report, UK Corporate Governance: Turning Compliance into a Strategic Advantage.
Compliance Is a High Priority Across Industries
The importance of the Corporate Governance Code reform is widely recognised across all industries. Nearly nine in ten (88%) professionals surveyed feel that conformance with the reform is a high priority for their organisation in 2024. Sectors like technology, industrial, and financial, where regulatory scrutiny is particularly intense, are even more likely to feel this urgency, with 94% of industrial and technology professionals and 87% of finance professionals recognising the reform as a high priority.
Early planning and implementation are essential to achieving compliance and unlocking the associated benefits by the 2025 deadline. This aligns with the principles of effective risk management, which advocate for early risk identification and mitigation strategies to avoid last-minute compliance pressures.
TAKE ACTION: These industry-specific variations necessitate tailored strategies aligned with each sector’s risk profile. Adopting a sector-specific approach enables organisations to manage the complexities of governance reform more effectively. The FRC’s decision to retain the “comply or explain” principle highlights the need for flexible, tailored compliance strategies within a connected risk framework.
Leadership Alignment Is Critical
Interestingly, executives prioritise the reform significantly more than management professionals. The disconnect between executive priorities and management perceptions could hinder effective implementation and highlights the need for more robust communication and integrated alignment across teams, which promotes unified risk management across an organisation.
Ensuring synchronisation of all organisational levels is crucial for successful conformance with governance reforms. The FRC’s revisions, which stress the board’s role in overseeing internal controls, further emphasise the importance of top-down alignment to meet governance objectives. Best practices underscore the importance of leadership in fostering a culture of risk awareness and driving the alignment necessary for effective governance.
Executive Perspective: 94% of executives feel conformance is a high priority for their organisation this year, compared to 81% of those in management roles. While the repercussions of failing to adhere to these new reforms may not be as severe as the legal consequences of the Sarbanes-Oxley (SOX) Act, executives are still directly accountable to shareholders, regulators, and the broader market. This group may be more acutely aware of risks associated with non-compliance, including reputational damage, market consequences, scrutiny from institutional investors, and exposure to broader regulatory or legal risks.
Expected Timelines to Conform With the Corporate Governance Code
While 40% of organisations already comply with the Corporate Governance Code reform, another 41% expect to comply by the end of 2024, and 18% expect to conform in 2025 or 2026.
Timelines for conformance vary by industry, with some sectors expecting to meet the 2024 deadline, while others, particularly in the public sector, foresee delays until 2025 or 2026. This reflects differing levels of regulatory pressure and organisational readiness.
Organisations already compliant with the SOX Act are better positioned for conformance with the UK Corporate Governance Code reforms due to their established risk management frameworks. The survey found that 84% of respondents whose organisations were already compliant with U.S. SOX said their organisations were already conforming or expecting to conform in 2024 to the UK Corporate Governance Code reforms, as compared with 65% of all others.
TAKE ACTION: Leveraging these frameworks can facilitate timely compliance and ensure that internal controls remain robust. The FRC’s focus on internal controls and the 2026 requirement for board declarations further underscore the importance of an integrated approach encompassing all risk management aspects.
Challenges With Conformance Efforts
Lack of alignment on priorities across teams is the most commonly reported challenge among professionals regarding conformance with new governance code reforms, and by a wide margin. Resource constraints and the inability to obtain stakeholder buy-in are also key challenges.
These challenges indicated that organisational silos could significantly hinder effective governance, highlighting the need for a coordinated risk management approach. Breaking down silos by ensuring that risk management activities are integrated across the organisation can foster alignment and improve resource efficiency. The FRC’s decision to maintain flexibility in the Code, particularly regarding the board’s discretion in defining material controls, further emphasises the importance of internal alignment to meet governance expectations.
TAKE ACTION: The FRC’s revisions, which extend specific deadlines, allow organisations to strengthen their risk management frameworks and close any gaps in readiness. Coordinating risk management efforts across all functions ensures each department is aligned with the organisation’s governance strategy.
Implementing a comprehensive approach that includes non-financial risks, such as ESG factors, within the governance framework can also help mitigate these disparities in confidence. The FRC’s emphasis on board oversight of non-financial controls reinforces the need for organisations to integrate all risk areas into a cohesive management strategy.
Anticipated Impact on Workload
Nine out of ten (89%) professionals expect an increased workload due to the new governance code reforms. Increased workloads can strain resources, driving organisations to prioritise resource optimisation and workload management. Those already in conformance report the most significant burden.
TAKE ACTION: Assessing organisational resources needed to achieve transformation.
A lack of alignment and staffing resources (49% and 32%, respectively) are significant challenges as organisations work to conform with the new governance code reforms. These steps address these challenges by ensuring adequate resources are allocated and responsibilities are clearly defined.
- Evaluate Current Resource Allocation: Conduct a comprehensive assessment of current resources, including internal audit, risk, compliance, and infosectechnology teams, to determine whether they have the capacity and expertise to manage the required controls transformation. Consider hiring additional personnel or engaging external consultants if necessary.
- Establish Dedicated Controls Teams: Given the significant transformation required, especially for large organisations, setting up dedicated control teams separate from internal audit functions may be necessary. These teams would be responsible for designing, implementing, testing, and reporting on controls.
Turn UK Corporate Governance Code Compliance Into a Competitive Advantage
By aligning leadership, investing in risk and controls technology, and planning strategically, organisations can turn compliance with the UK Corporate Governance Code reform into a competitive advantage. For a deeper dive into how companies are navigating these changes and preparing for success, download the report, UK Corporate Governance: Turning Compliance into a Strategic Advantage.
Jason Sechrist is the Director of Compliance Solutions at AuditBoard, where he works with CIOs, CISOs, and IT compliance teams to help automate the administrative tasks of governance, risk, and compliance activities. He previously was the Global Head of Internal Audit and IT Compliance at Rackspace Managed Cloud Company, and started his GRC career with PwC in Silicon Valley. Connect with Jason on LinkedIn.
Adam Rajah is an Implementation Manager at AuditBoard who helps clients implement AuditBoard at their organisations. Previously a Manager at EY UK, Adam has significant experience in controls implementations and SOX testing. Connect with Adam on LinkedIn.
Chris is a Certified Internal Auditor and currently works as a Product Solutions Manager (EMEA) at AuditBoard. Prior to joining AuditBoard, Chris spent 8 years working in risk, internal audit, and internal controls roles within the eCommerce, retail, and manufacturing industries. Connect with Chris on LinkedIn.
