The final brick in the wall

For better or for worse, Nigel Turnbull’s name will always be associated with corporate governance and risk control.
For him, the immediate aftermath of the Turnbull report was a burden rather than a benefit. “I call myself the infamous Turnbull,” he says. “I was unemployable for 12 months after the report. The initial reaction of most people was not that positive.”
Turnbull, a trained accountant, is now a consultant with the Risk Advisory Group. He has also sat on a number of boards in his time.
The Turnbull report is the culmination of corporate governance reforms that were instigated 10 years ago, in the aftermath of the Barings crisis. Led initially by Sir Adrian Cadbury in 1998, the Hampel Committee’s combined code on corporate governance came into effect.
One of the requirements of the combined code is that companies must maintain a sound system of internal control to safeguard shareholders’ investment and company assets. The Turnbull report aims to act as a framework to assist companies in implementing this part of the code.
The guidance provides a risk-based approach to establishing the system of internal control. Compliance with the code and the Turnbull guidance is now obligatory for all companies listed on the London Stock Exchange. A statement of full compliance has to be included in all annual reports for the year ending 23 December 2000.
It is also beginning to be adopted in other sectors.
This year, a report on accountability in government suggested that the Government should pick it up and Turnbull says there are signs the Europeans may adopt it.
The official title of the report is ‘Internal Control: Guidance for Directors on the Combined Code’, but it will go down in corporate history as the ‘Turnbull report’.
Turnbull is sanguine about this. “It was Cadbury, then it became Hampel, so it was bound to end up as Turnbull,” he says. “But in a sense we did quite well. We actually managed to get the whole way through the first exposure draft before my name started to sneak in.”
Turnbull still seems surprised he was involved at all in the guidance. He says that when he was approached by Graham Ward, president of the Institute of Chartered Accountants, to chair the working group, his knowledge of the intricacies of the combined code was limited.
“Graham Ward rang me up out of the blue,” Turnbull says. “He said, ‘You know that Hampel did not actually deal with guidance on internal control.’ I said, ‘It didn’t?’ Or ‘What is that?’.”
Turnbull says, initially, he was brought in to ensure that the professionals did not take over. “If they had left the chartered accountants to draft the report, you wonder how on earth businesses would have complied,” he says. “So on that basis and given a reasonable opportunity to select tactful people who would take a pragmatic view, I agreed to do it.”
Despite the number of column inches given to Turnbull, the report runs to just 15 pages. This compares with the US and Canadian equivalents on risk control, which run to a couple of hundred pages.
Turnbull candidly admits that he has read neither of the reports. “It did not seem to be a very good idea to get bogged down in what other people had done. I wanted to start with a clean sheet,” he says. “The Americans like to codify – my view is that it is best to try to leave things to people’s imaginations to get the best out of it.”
In the initial aftermath of the report, the response to the compliance requirements was not that positive. Claims that it would bog business down in the time and expense of yet more administration, or that it was likely to make little difference in practice, were levelled against him.
Turnbull found his name associated with every criticism of corporate governance. “The report is terribly misused,” he says. “I keep on seeing it misquoted. Anything people want to have a go about, they say under Turnbull you would not be able to do this. I regret to say that people quote it rather more often than they read it.”
One criticism that has been levelled is that is easy to comply by including one paragraph in the final accounts – a paper exercise without buying into the process.
Turnbull says this issue was raised, among others, by one of the big five accountants, when the initial draft of the report was released. But he says it misses the point.
The aim of the report, he says, is to introduce a mechanism for directors to address the issue of risk. It was not his aim to deal with every why and wherefore.
Provision is made for auditors to check that the procedures are, in fact, in place, but Turnbull says shareholder pressure is likely to be the major incentive to compliance. He says that when the guidance came out, one of the shareholders’ groups was particularly vocal on the fact that they will be taking the boards to task on this.
“It will be very interesting to see whether shareholders start getting nasty with boards that do not appear to be trying to comply,” he says.
“If something goes wrong, the institutional shareholders will come down on them like a ton of bricks.”
While he is a great advocate of risk management, Turnbull is sympathetic to the pressures on businesses. He takes a realistic view of the importance risk management may play – particularly in smaller companies that are starting up.
As a director of an Aim company, he says the biggest risk the day it floated was whether or not it could raise capital. “There are a lot of things that you would call good management practice, but if you do not have capital to get started it is a
little daunting to launch a major risk
exercise because your gut feeling is that you know exactly where the risk lies.”
But he genuinely believes that companies that follow the guidance will benefit. He has implemented it in his role as non-executive chairman of Lasmo.
“We had some interesting conversations on our 10 key risks in a way that the board would not necessarily get around to if you did not have it written down that you were going to talk about it,” he says. “It is a question of getting risk on the agenda.”
Despite being an accountant, Turnbull does not subscribe to the view that risk control is best managed by the finance director or audit committee. He says lawyers are equally suited to the role of risk manager. To him, the skills of a lawyer are equally valid to the business as an accountant.
“If I was invited to pinpoint someone within the corporation who should have overall responsibility for the risk management process I think that it sits just as well with the in-house lawyer and company secretary as with the finance director.
“An in-house lawyer could easily take control of it because it is not meant to be merely a numerical exercise,” he says. “When you are dealing with operational issues, one or two may be financial, but eight out of 10 are not. In fact, in some ways I think it might be preferable.”
Turnbull admits that for UK in-house lawyers it may be a struggle to persuade the business of the importance of compliance if they are not sitting on the board. “One of the biggest challenges is finding a way into the board,” he says. “Actually being able to put these things on the agenda.”
Although in the US it is common for the in-house adviser to sit on the board, in the UK it is still a rarity, particularly in the larger groups.
Turnbull says that after 30 years in business, he thinks part of the problem lies in the attitude and culture of lawyers. “In the same way accountants can get bogged down in accountancy instruments, lawyers have a tendency to get bogged down in the law. The problem is you do not get a chance to take an overview and participate in the business.”
He goes one step further by saying that there is no reason why the finance directors of the future should not be lawyers. “There are a lot of precedents as to why lawyers are every bit as good as accountants in the CEO or FD role. You do not need to be a technician – what people are looking for in finance directors is something vastly different from someone who knows their way around accountancy practices.”
What does Turnbull hope the guidance will achieve five years down the line?
“The only gratification I get from the process is the fact that something that started off as an exercise in corporate governance is turning into what I think is one of the most effective management tools for running a business,” he says. “If this still stands up in five years’ time and is considered by MBA students as something we have achieved, we will have done well.”
He says, in retrospect, there is nothing he would have done differently, although one aspect the committee looked at was the issue of risk reporting.
While the Turnbull report requires the board to report compliance, it does not require it to list the risks that have been identified.
“I do not know if that will evolve, but it is something that we consciously decided was a step too far at that moment in time. There would have been an outcry if we had insisted on that since everyone would have said, hang on a minute, we do not want to tell our competitors what our problems are.”
Aside from his name, Turnbull says he now stands back from the report. “I do not speak about it a great deal,” he says. “You cannot do that. The report has come out and people have to live with what it says. It is not Nigel Turnbull’s current view of what it might have said.”
He does not pretend that the guidance set out in the report is pioneering in any way – his motive, he says, was simply to encapsulate best practice. “Everyone now refers to Turnbull and anyone would think that we were brilliant in coming up with this formula,” he says.
“In fact, we were not the least bit brilliant. We tried to be businesslike and set out the best practice that already existed.”

Report summary
- The Combined Code of the Committee on Corporate Governance is published.
- Principle D.2 of the code states that the board should maintain a sound system of internal control to safeguard shareholders’ investment and the
company’s assets.
- Provision D.2.1 states that directors should conduct an annual review of the system and report to shareholders that they have done so.
- 1998: Working party is set up by the Institute of Chartered Accountants and London Stock Exchange to provide guidance to listed companies on how to comply with the code.
- September 1999: Turnbull report is published.
- All companies with year-ends after 23 December 2000 are required to include in their annual report a statement that confirms that the directors have complied with the requirements of the Turnbull guidance.
- As a minimum, the board must confirm that:
- there is an on-going process for identifying, evaluating and managing the significant risk faced by the company;
- it has been in place for a year under review and up to date of approval of the annual report and accounts;
- it is regularly reviewed by the board and accords with the guidance in the Turnbull document.
- The disclosures should include an acknowledgement that the board is responsible for the system of internal control and reviewing its effectiveness.
- The board should also summarise the process it has applied to reviewing the effectiveness of the system of internal control.

Thank you for sharing!

You Might Like

Jones Day Adds Banking Partner Duo in Australia

Allen & Overy Hires Technology Duo to Bolster Asia Pacific Offering

Withers Gathers Class Action Suit Against Cord Blood Bank in Singapore

KWM, Allen & Overy and Allens Advise on $2.2B Financing Package

Featured Firms

More From ALM