Introduction
On 22 January 2024, the Financial Reporting Council (FRC) published an updated UK Corporate Governance Code (2024 Code) which will, in due course, replace the current 2018 UK Corporate Governance Code (2018 Code).
Companies with a premium listing (whether UK or overseas incorporated) are required by the Financial Conduct Authority’s Listing Rules to make an annual “comply or explain” statement against the UK Corporate Governance Code, so listed companies (and others that have chosen to apply the UK Corporate Governance Code) will need to consider the key changes in the 2024 Code and ensure that they are in a position to meet its requirements when they become effective.
Effective date of 2024 Code changes
All changes, apart from those relating to Provision 29 concerning the risk management and internal control framework (see further below), will come into effect for accounting periods beginning on or after 1 January 2025. This means that premium listed companies with a financial year end of 31 December will need to start reporting against the 2024 Code in their annual report and accounts for the year ending 31 December 2025.
Given the new arrangements companies will have to put in place to be able to report against revised Provision 29, the effective date for reporting against that Provision is accounting periods beginning on or after 1 January 2026. Until then, Provision 29 of the 2018 Code will continue to apply.
Background
A consultation paper proposing revisions to the 2018 Code was published in May 2023 (Consultation). The Consultation followed the UK government's June 2022 response to the White Paper, “Restoring Trust in Audit and Corporate Governance”, which identified areas of the 2018 Code that could be strengthened, particularly around directors' responsibilities for internal control, risk, audit and corporate reporting. Further details of the Consultation are in our briefing Changes proposed to UK Corporate Governance Code - Potential implications for listed issuers.
However, when the government’s previously announced plan for primary legislation to modernise the regulation of audit, corporate reporting and governance was not included in the King’s Speech 2023, a Policy Statement issued by the FRC in November 2023 noted that, following engagement with stakeholders in relation to the Consultation, the FRC had decided to take forward only some of the original proposals in the Consultation and to stop development of the remainder.
As a result, more than half of the original Consultation proposals set out in the Consultation have not been incorporated in the 2024 Code. These include those relating to the role of audit committees on environmental and social governance, modifications to the 2018 Code provisions around diversity and over-boarding, and board committee chairs engaging with shareholders. A number of other proposals have also not been included as a result of the government’s decision in October 2023 to withdraw its Statutory Instrument relating to an audit and assurance policy, reporting on distributable profits and resilience statement requirements.
The FRC published guidance to accompany the 2024 Code on 29 January 2024. See Corporate Governance Code Guidance below.
Key changes in the 2024 Code
The 2024 Code continues to comprise 18 Principles and 41 Provisions set out in five sections, as in the 2018 Code, but some changes have been made to certain Principles and Provisions in all sections save Section 2 – Division of responsibilities which remains unchanged. The key changes in the other four sections are summarised below.
Section 1 – Board leadership and Code purpose: Key changes
- Principle A: To ensure the company can meet its objectives and measure performance against them, this revised Principle makes it clear that boards will need to have not just the necessary resources to do this, but also the necessary policies and practices.
- Principle C: This new Principle sets out the expectation that governance reporting should focus on board decisions and their outcomes to demonstrate the impact of the company’s governance practices. The Principle also states that where the board reports on departures from the provisions of the 2024 Code, it should provide a clear explanation. The updated Introduction to the 2024 Code notes that this reflects the fact that the 2024 Code (as the 2018 Code) is not a rigid set of rules, but offers important flexibility via the “comply or explain” approach to reporting against the Provisions in it. The FRC’s expectation is that this new Principle should help companies streamline and focus reporting on the 2024 Code and mean that unduly long explanations of policy can be avoided.
- Provision 2: A revision to this makes it clear that while boards must continue to assess and monitor culture, they must also assess and monitor how the desired culture has been embedded.
Section 3 – Composition, succession and evaluation: Key changes
- Principle J: This Principle has been revised to require appointments and succession plans to promote diversity, inclusion and equal opportunity. References to specific diversity characteristics are no longer included given diversity policies can be wide ranging.
- Principle L: This makes clear that as part of the annual board evaluation, the board’s performance should be considered alongside its composition, diversity and the effectiveness of its members in working together to achieve objectives.
- Provisions 21, 22 and 23: In each of these Provisions, reference is now made to a “board performance review” rather than to a “board evaluation”, reflecting the addition in Principle L above.
Section 4 – Audit, risk and internal control: Key changes
- Principle O: This has been amended to require the board to establish and maintain an effective risk management framework, as well as an internal control framework.
- Provisions 25 and 26: These Provisions, which set out the main roles and responsibilities of the Audit Committee, as well as the matters it should report on, have been amended to reflect the requirements set out in the FRC’s Minimum Standard: Audit Committees and the External Audit, published in May 2023, and to avoid duplication with that Minimum Standard.
- Provision 29: This heavily amended Provision (which will not apply until financial years beginning on or after 1 January 2026) relates to the role of the board in its monitoring and effectiveness review of the company’s risk management and internal control framework. That monitoring and review should in future cover reporting controls, as well as financial, operational and compliance controls which are currently specified as part of the monitoring and review of all material controls. In addition, there is a new requirement for the board to provide the following in the annual report:
- a description of how the board has monitored and reviewed the effectiveness of the framework;
- a declaration of the effectiveness of the material controls as at the balance sheet date; and
- a description of any material controls which have not operated effectively as at the balance sheet date, the action taken, or proposed, to improve them and any action taken to address previously reported issues.
Section 5 – Remuneration: Key changes
- Provision 37: This Provision has been added to, with it being specified that directors’ contracts and/or other agreements or documents relating to directors’ remuneration should include malus and clawback provisions.
- Provision 38: This is a new Provision requiring the annual remuneration report to include a description of its malus and clawback provisions. This description should include the following:
- the circumstances in which malus and clawback provisions could be used;
- a description of the period for malus and clawback and why that period is best suited to the organisation; and
- whether the malus and clawback provisions were used in the last reporting period and, if so, a clear explanation should be provided in the annual report.
Corporate Governance Code Guidance
The Corporate Governance Code Guidance (Guidance) has been published to accompany the 2024 Code. The Guidance provides advice, further details and best practice examples to assist those using the 2024 Code, which includes links to relevant sections in the Guidance.
Format of the Guidance
The Guidance, which is not prescriptive or mandatory and does not form part of the 2024 Code, brings together and adds to relevant content from previous publications such as the FRC’s 2014 Guidance on Risk Management, Internal Control and Related Financial and Business Reporting, its 2016 Guidance on Audit Committees and its 2018 Guidance on Board Effectiveness. It also includes links to other useful guidance, reports and publications on particular topics (from the FRC and elsewhere).
As a result, the guidance around the 2024 Code is now in one place, in a digitally accessible document which includes links to relevant sections of the 2024 Code and to other relevant publications. The Guidance is to be kept up to date and the FRC will publish notifications as and when significant changes are made to it. It is split into sections which are aligned with the 2024 Code, but also includes an Executive Summary and a new section covering good practice for the successful management of board committees.
Points to note in relation to the different sections include the following:
Executive Summary
This explains that the main purpose of the Guidance is to stimulate boards’ thinking on how they can carry out their role in governing their company effectively, but it is not to be used as a tick-box list of actions to be followed in all situations. Boards are reminded that they must determine the governance arrangements that are most appropriate to their company’s circumstances and where they cannot or choose not to comply with a 2024 Code Provision, then a cogent explanation should be provided.
Board Leadership and Company Purpose - Section 1 of the 2024 Code
Covering board decision-making, culture and engagement with shareholders and stakeholders, this section of the Guidance is broken down into a number of sub-headings, including Purpose, Strategy and Culture, with questions for board to consider included in many of those sub-sections.
Since new Principle C in the 2024 Code sets out the expectation that governance reporting should focus on board decisions and their outcomes to demonstrate the impact of the company’s governance practices, this section of the Guidance includes an “Outcomes” sub-section. This sets out questions for boards to consider in relation to company objectives, decisions taken to achieve those objectives, actions (taken and to be taken) in relation to the objectives and the impact of those actions on stakeholders and the company.
The theme of outcomes-based reporting is also picked up in other areas, including in relation to engagement with stakeholders where companies are urged to consider how they have addressed different stages in the engagement cycle, including engagement with suppliers.
Division of responsibilities – Section 2 of the 2024 Code
This section covers different board roles as well as board papers and the role of the company secretary in bringing information together. In addition, it includes a new section, “Good Practice Guidance for the Successful Management of Board Committees”. This looks at the role of board committees generally and then at the role of each of the nomination, audit and remuneration committees. It also considers the role of both a risk committee and a sustainability committee (and includes questions for each of those committees to consider), noting that while the 2024 Code does not require these to be established, other regulations/rules may require particular companies to have such committees in place.
Composition, Succession and Evaluation – Section 3 of the 2024 Code
This section of the Guidance covers matters such as succession planning, board performance reviews, outcomes of board performance reviews and external board performance reviews.
The first part of the section focuses on the need for the right skillsets and breadth of perspectives on the board, as well as the importance of diversity and inclusion on both the board and in the executive pipeline. It includes links to examples of diversity initiatives for companies to consider.
Audit, Risk and Internal Control – Section 4 of the 2024 Code
This is the longest section of the Guidance, and it is split into a number of sub-sections covering these principal areas:
- Audit – The FRC notes that the guidance in this sub-section should be read alongside the 2024 Code and the FRC’s Minimum Standard for audit committees, the Audit Committees and the External Audit: Minimum Standard, which was published in May 2023. The guidance includes recommendations about the audit committee’s relationship with the board, with the executive management and with internal and external auditors and sets out different questions for the audit committee to consider in each area.
- Risk Management – In this sub-section the Guidance aims to bring together elements of good practice for risk management and to prompt boards to consider how to discharge their responsibilities, including when determining and maintaining their emerging and principal risks. However, it does not set out in detail the procedures or framework a company could use to design, implement and operate its risk management and internal control framework as the FRC notes that risk appetite will differ from company to company and from sector to sector.
- Internal Controls – This sub-section relates to, among other things, new Provision 29 of the 2024 Code (see above). While the Guidance does not set out a risk management and internal control framework companies should follow, or define a material control (as this will depend on the nature of the principal risks a company faces), it does provide guidance on monitoring risk management and internal controls (at company and board level), on determining “material controls”, and at assurance via internal audit and external service providers to help the board satisfy itself that the framework is operating effectively. It also considers how boards should deal with improvements identified and board reporting in the annual report (on the effectiveness of the risk management and internal control framework, on the company’s principal risks and on the procedures in place to identify and manage emerging risks). The Guidance also looks at the declaration the board needs to make on the effectiveness of the framework and on the viability statement companies continue to be required to include in the annual report. In the context of risk management, there is also some guidance on cyber security for boards.
Remuneration – Section 5 of the 2024 Code
This section of the Guidance focuses on the role of the remuneration committee and it looks at workforce remuneration, non-executive directors’ remuneration and the remuneration policy in particular, including the use of discretion and malus and clawback provisions.
Comment
The first 2024 Code compliant governance reports will be published in the first quarter of 2026. However, the most significant changes in the 2024 Code are those set out in Section 4, particularly in relation to a company’s internal controls in Provision 29, and declarations relating to those internal controls will not be published until the first quarter of 2027, given that they are not required until annual reports for financial years ending 31 December 2026 and after are published.
In the meantime, as the FRC makes clear in its announcement accompanying publication of the 2024 Code, existing expectations relating to internal controls remain, so there is a continued need for boards to monitor their company’s risk management and internal control framework. They need to review its effectiveness at least annually and their monitoring and review needs to cover all material controls. As part of this, boards need to decide exactly what their own material internal controls are, the appropriate level of maturity of those internal controls for the business, and what levels of assurance the board requires in relation to the effectiveness of those controls.
However, the 2024 Code will also require boards to explain how they have conducted the necessary monitoring and review exercise, and their conclusions, through a declaration in the annual report. This new requirement reinforces directors’ accountability for their company’s risk management and internal control framework and increases focus on the need for that framework to remain effective.
The FRC believes the declaration should be a tool that drives clearer and higher quality reporting in this area. As well as determining what the material controls are in the context of their company and its business and strategy, boards will need to be transparent about those that have not operated effectively, while also providing information about the steps taken and to be taken to address issues and improve matters. They will also need to make their own judgment as to any assurances they want to seek.
Since it will take companies time to develop their approaches in this area, they will welcome the fact that they have an extra year before they need to make the required declaration. This will also give them time to consider the advice, best practice examples and suggested questions in this area set out in the Guidance.
Companies will also welcome the publication of the Guidance more generally. Having previously had to consider different sets of FRC guidance published at different times, a single condensed and digitally accessible guidance document that covers all aspects of the 2024 Code and links through to it (as well as to relevant FRC and other publications) should be helpful to boards and their committees.
The updated Introduction to the 2024 Code continues to stress the value of the flexibility afforded by the “comply or explain” approach to reporting against its Provisions. The FRC wants boards, investors and advisers to actively support that flexibility since it is strongly of the view that a cogent explanation for a departure from a Code Provision represents better governance than a default approach of box ticking compliance with a Provision that does not suit the company’s business. However, the FRC recognises that not all investors and stakeholders are of the same view and so it proposes to look at ways of addressing this through a thorough review of the UK Stewardship Code in 2024.