公司治理前沿动态及国际趋势PPT课件

0 问题企业 案例分析 2005年8月 公司治理前沿动态及国际趋势 1 目录 法规环境适用的法规以及守则基本理论与执行风险管理与内部控制 美国澳大利亚英国新加坡香港欧盟委员会 那些国际化企业是怎样做的 2 适用的法规以及守则 公司治理守则 2003年7月 伦敦证券交易所证券上市规则 有关良好公司治理守则以及最佳行为推荐的基本法则澳大利亚证券交易所证券上市规则 公司治理守则2005修订版新加坡证券交易所证券上市规则 企业管治报告香港联合交易所有限公司证券上市规则 欧盟委员会 使公司法规和公司治理守则现代化的行动计划 萨班斯 奥克斯法案2002第302节与第404节纽约证券交易所公司治理上市规则 3 强制性要求 遵循或解释 推荐最佳行为守则 基本理论与执行 4 美国萨班斯 奥克斯法案第302节要求 首席执行官与首席财务官保证 在其年度财务报告或季度财务报告中反映与公司财务状况有关的所有重大因素以及经营成果其已就内部控制的有效性做出评估 并在其会计年度报告或季度报告中做出结论 其有责任建立以及维护内部控制体系 风险管理与内部控制 5 美国萨班斯 奥克斯法案第404节要求 年度财务报告应包括内部审计报告 该报告应陈述管理层建立 维护适当的内部控制体系的责任以及财务报告的流程 包含对内部控制有效性以及财务报告流程的评估 注册会计师事务所应就管理层的评估以报告的形式加以证实 风险管理与内部控制 6 纽约证券交易所公司治理上市规则303节A 07 c d 纽约证券交易所上市公司守则要求 审计委员会应具备书面的章程陈述 审计委员会的目的 有关审计委员会年度工作的评估审计委员会的职责与责任 A D 讨论与风险评估与风险管理有关的政策上市公司均应设立内部审计职能部门 风险管理与内部控制 7 风险管理与内部控制 澳大利亚证券交易所证券上市规则 4 10 3 有关良好公司治理守则以及最佳行为推荐的基本法则 基本法则No 7 要求 建立一套良好的风险监控 管理和内部控制体系该体系应包括 识别 评估 监控和管理风险告知投资者企业风险层面的重大改变 该体系应能增强风险识别 并利用风险机遇创造价值的企业环境 8 风险管理与内部控制 首席执行官与首席财务官应书面向全体董事声明 财务报告的真实性和完整性建立在风险监控 内部合规性和控制体系之上 而该体系遵循由全体董事采用的政策风险管理 内部合规性以及控制系统有效地运行 如果达不到上述要求 为什么 首席执行官与首席财务官应当做什么 董事或适当的董事会下属委员会应当做什么 建立风险监控与管理的政策 9 风险管理与内部控制 在年度报告中应披露什么 披露任何与既定的风险监控与管理的政策相违背的情景 应向公众披露什么 或者在公司网站上公布什么 关于企业风险管理政策 内部合规性和控制体系的描述 10 风险管理与内部控制 公司治理守则 要求 董事会应至少每年度均针对公司内部控制系统的有效性进行审核 并向股东报告其审核工作 审核工作应涉及所有的重要控制 包括财务 经营以及合规性控制和风险管理系统 11 风险管理与内部控制 伦敦证券交易所证券上市规则 要求 针对公司如何应用公司治理守则出具描述性的声明 提供解释说明以协助股东评价公司治理守则的应用 12 风险管理与内部控制 公司治理守则2005修订版 要求 审计委员会应确保至少每年度均针对公司内部控制 包括由管理层建立的财务 经营以及合规性控制和风险管理政策与系统 的有效性进行审核 该审核应由内部或外部审计师执行 董事会应就内部控制的适当性在年度报告中做出评价 13 风险管理与内部控制 新加坡证券交易所证券上市规则 要求 披露任何与守则方针相违背的情景 并在其年度报告中就该情景加以适当的解释说明 14 风险管理与内部控制 企业管治报告2005 香港联合交易所有限公司证券上市规则要求 董事应至少每年度均针对公司内部控制系统的有效性进行审核 并在企业管治报告中向股东报告其审核工作 该审核应涉及所有的重要控制 包括财务 经营以及合规性控制和风险管理系统 15 风险管理与内部控制 要求 上市公司应在其年度报告中包含一份描述性的声明 该声明应涵盖公司架构和实际经营状况 其至少应包括 a b f 风险管理系统的现状和类型该声明应登载在上市公司年度报告的显著位置作为欧盟委员会在短期内的首要事项 欧盟委员会 使公司法规和公司治理守则现代化的行动计划 16 BritishPetroleum BP Whatisrequired Sampleriskmanagementpractice UK TheBoardshould atleastannually conductareviewoftheeffectivenessofthegroup ssystemofinternalcontrol includingfinancial operationalandcompliancecontrolsandriskmanagement undertheCombinedCodeoftheCommitteeonCorporateGovernance Source CombinedCodeoftheCommitteeonCorporateGovernance 17 OnBP swebsite CorpGovSection Sampleriskmanagementpractice UK TheBoardstatedithasconductedthereviewanddisclosesthemeans i e reviewofvariousreportsfromexecutivemanagement toreviewtheinternalcontrolsystemandtheBoardconcludedthattheinformationitreceivedwassufficienttoenableittoreviewtheeffectivenessofthecompany ssystemofinternalcontrol Source BP swebsite corporategovernancesection 18 Sampleriskmanagementpractice UK Approachtoriskmanagement Businesspolicies coveringFinancialControl HSE Relationships EmployeesandEthicalConductsettheparameterswithinwhichriskismanaged Source BP swebsite businessstructure governancesection OnBP swebsite BusinessStructureSection 19 Sampleriskmanagementpractice UK Atgrouplevel businessrisksareassessedintermsofoperationalperformancereview planningprocesses technicalandethicalaspects Forexampleawiderangeoftechnicalandoperationalriskassessmentswerecarriedoutasapartoftheproposalsforthepipelineonthesecurityofthepipeline orassessingthepotentialforanoilspill Source BP swebsite businessstructure governancesection OnBP swebsite BusinessStructureSection 20 Sampleriskmanagementpractice UK ForassuranceattheBUlevel theLeadershipteamgenerateandupdateariskmatrixquarterlyandensurethatactionsarebeingprogressed Source BP swebsite businessstructure governancesection OnBP swebsite BusinessStructureSection 21 Sampleriskmanagementpractice UK IntheFinancialandbusinessoperatingreviewsectionoftheannualreport BPidentifiedfinancialrisksrelatingtomarketrisk creditriskandliquidityriskMarketriskresultsfromchangesincurrencyexchangerates interestratesoroil naturalgasandpowerprices Source BP sannualreport financialandbusinessoperatingreviewsection InBP sAnnualReport 22 Sampleriskmanagementpractice UK Marketrisksaremanagedusingarangeofderivatives suchasfutures options swapsandforwardcontracts Allderivativeactivitiesarecarriedoutbyspecialistteamswithappropriateskills experienceandsupervision subjecttoclosemonitoringandcontrol Source BP sannualreport financialandbusinessoperatingreviewsection InBP sAnnualReport 23 Sampleriskmanagementpractice UK Creditriskistheexposuretolossfromnon performancebyacounterparty Creditrisksaremanagedthroughcreditapprovals limits useofnettingarrangements monitoringproceduresandindependentcreditchecks Source BP sannualreport financialandbusinessoperatingreviewsection InBP sAnnualReport Liquidityriskistheriskthatsuitablesourcesoffundingforthegroupmaynotbeavailable Riskmanagedthroughnegotiatingvariousundrawncreditfacilitywithfinancialinstitutions 24 Sampleriskmanagementpractice US NYSElistingruleoncorporategovernancerequiresAuditCommitteetodiscusspoliciesregardingriskassessmentandriskmanagement ThisresponsibilityisincludedinMicrosoft sAuditCommitteeCharterandChecklist Microsoft Whatisrequired Source NYSElistingrule303A7 c iii D Microsoft sAuditCommitteeCharteronitswebsite 25 Sampleriskmanagementpractice US ProvidesSecurityRiskManagementGuideaimsmainlyforITsystemsecurityrisks Someoftheriskmanagementguidelinesarealsousefulforgeneralbusinessoperations 6stepsframeworkforrespondingtoriskevent ProtectLife Contain Assess DetermineCause RepairandReview OnMicrosoft swebsite Source Microsoft sSecurityRiskManagementGuideonitswebsite 26 Sampleriskmanagementpractice US ProtectLife ensuringpeople ssafetyisalwaysthefirstpriority Containthedamage limitadditionaldamage Usejudgementtodetermineifoperationsshouldbesuspendedorcontinuedforthesituation Assessthedamage tobeperformedrightafterthesituationiscontained Implementcontingencyplansothatnormaloperationsandproductivitycancontinue Source Microsoft sSecurityRiskManagementGuideonitswebsite OnMicrosoft swebsite 27 Sampleriskmanagementpractice US Determinethecauseofdamage developactionplanstoreactshouldsimilarriskeventhappenagainRepairthedamage restorenormalbusinessoperationsasquicklyaspossible Thebusinesscontinuityplanshouldcovertherestorationstrategy Reviewresponseandupdatepolicies reviewtheriskmanagementprocessanddeterminewhatwereexecutedsuccessfullyandwhatmistakesweremade Source Microsoft sSecurityRiskManagementGuideonitswebsite OnMicrosoft swebsite 28 Sampleriskmanagementpractice US Anotherapproachtoriskmanagementisproactiveapproach similartotakingvaccinationStepsinvolveidentifybusinessassets determinewhatdamageariskeventcouldcausetotheorganization identifytheorganizationvulnerabilitiesanddeterminehowtominimizetheriskbyimplementingappropriatecontrols Source Microsoft sSecurityRiskManagementGuideonitswebsite OnMicrosoft swebsite 29 Sampleriskmanagementpractice US Theproactiveapproachcanbeachievedthroughaquantitativeriskassessmentorqualitativeriskassessment Quantitativeriskassessmentinvolvesmeasuringrisks ortheconsequenceofrisks bynumericvaluesuchaswhatitwouldcosttoreplaceasset costsoflostproductivity brandreputationorotherdirectandindirectbusinessvalues Source Microsoft sSecurityRiskManagementGuideonitswebsite OnMicrosoft swebsite 30 Sampleriskmanagementpractice US Probabilityofeachriskoccurringisestimated Thepotentiallosscouldthenbecalculatedbasedontheriskvalueandprobabilityofrisk Safeguards controlsandactionsaredevelopedaccordingly Qualitativeriskassessmentinvolvesprioritizationofrisksbasedontheirrelativesignificance Therisksareidentifiedthroughquestionnairesorworkshopsbythebusinessunitowners Controlsarethendevelopedbasedontheriskprioritization Source Microsoft sSecurityRiskManagementGuideonitswebsite OnMicrosoft swebsite 31 InChinaLightandPower sAnnualReport Sampleriskmanagementpractice HK Reportingoncorporategovernancepracticesisrequired CLPdisclosedriskmanagementframeworkinthe Howdowemanagerisk sectionintheannualreport Source HongLongListingRuleAppendix23 CLP sannualreport howdowemanagerisk section 32 Sampleriskmanagementpractice HK CLPdefinedrisksintothreecategories operationalrisk financialriskandmarketrisk Operationalrisk mitigateprolongedshutdownofpowerplantbyconductingHazardandOperabilitystudyandinstallbackupsystemsforcriticalprocesscontrol Source CLP sannualreport howdowemanagerisk section InChinaLightandPower sAnnualReport 33 Sampleriskmanagementpractice HK Marketrisk mitigaterelianceonHongKongelectricitybusinessriskbyexpandingintoPRCandAsiaPacificRegion mitigatecompetitionriskfromgassuppliersbymaintainingqualityandreliableservice Financialrisk mitigatecashflowriskbymonitoringcapitalrequirementandmitigatepensionobligationbytransferringdefinedbenefitplanstodefinedcontributionplans Source CLP sannualreport howdowemanagerisk section InChinaLightandPower sAnnualReport 34 InLi Fung sAnnualReport Sampleriskmanagementpractice HK RiskmanagementframeworkdisclosedintheannualreportundertheCorporateGovernancesection SetupRiskManagementCommittee compriseoftheChairman PresidentandCOO CFO sameperson toreviewtheGroup sriskmanagementandinternalcontrolsystemsandmakerelevantrecommendationstotheBoard Source Li Fung sannualreport corporategovernancesection 35 Sampleriskmanagementpractice HK Establishanoperationsupportgroup underthesupervisionoftheGroup sCOO tocentralizethefunctionandcontrolexercisedoverglobaltreasuryactivities financialandmanagementreporting andhumanresourcesfunctionsandcomputersystems Source Li Fung sannualreport corporategovernancesection InLi Fung sAnnualReport 36 Samplepractice Singapore SingteldiscloseditsriskmanagementframeworkintheCorporateGovernancereportandfinancialriskmanagementisdisclosedintheoperatingandfinancialreviewsectionoftheannualreport Singtel sAuditCommitteedeclaredthatitisoftheopinionthatthereareadequateinternalcontrolsintheGroup Source Singtel sannualreport corporategovernancesection InSingtel sAnnualReport 37 Samplepractice Singapore Framework policiesandproceduresareestablishedforriskmanagement ReviewconductedbySingtel sInternalAuditControlSelf AssessmentsconductedbyBUBenchmarkingagainstkeyriskindicators suchaslossreporting exceptionsreportingandmanagementreviews Maintainingastrongcontrolenvironment Source Singtel sannualreport corporategovernancesection InSingtel sAnnualReport 38 Sampleriskmanagementpractice Australia WestpacsetupaRiskManagementCommitteetoreviewandapprovalriskmanagementpolicyandframework WestpacdisclosestheriskmanagementapproachandCEOandCFOperiodicallyprovidetheriskmanagementeffectivenessstatementinthecorporategovernancesectionoftheannualreport InWestpac sAnnualReport Source Westpac sannualreport corporategovernancesection 39 Sampleriskmanagementpractice Australia Theriskmanagementframeworkisdisclosedinmoredetailsinitswebsite TheframeworkreflectsWestpac scorevalues vision coreobjectivesandstrategy Risksarecategorisedinto creditrisk marketriskandoperationalrisk Source Westpac sRiskManagementPrinciplesreport InWestpac sAnnualReport 40 Sampleriskmanagementpractice Australia Creditriskismanagedbyprogramapproachwhichassesshighvolumehomogenouscreditriskonastatisticalbasisaccordingtopredeterminedobjectivecriteriaortransactionapproachwhichinvolvedetailedanalysisonacasebycasebasis Marketriskismanagedbytradingbookwhichinvolvestrading distribution underwritingandinvestmentactivitiesorbankingbookwhichinvolvesliquidityandcapitalmanagementactivities InWestpac sRMPrinciplesReport Source Westpac sRiskManagementPrinciplesreport 41 Sampleriskmanagementpractice Australia Operationalriskismanagedthroughcontinuousselfassessment monitoringandcontrollingactivitiesperformedbyalllevelsofstaff Source Westpac sRiskManagementPrinciplesreport InWestpac sRMPrinciplesReport 42 Londonbombattacks Contingencyandbusinesscontinuityplansinvolveuseofbackupsites advancedandsecuredelectroniccommunicationsystemstocontinuebusinessactivities Thefinancialmarketsoperationwasnotdisruptedbythebombattacks Source FinancialTimes RiskmanagementinAction London 43 Back upSlides 44 AccountabilityandAudit FinancialReporting Requirement ManagementhavetoprovideexplanationandinformationtotheboardforapprovalassessmentDirectorhavetoacknowledgeresponsibilityforpreparingtheaccountsAstatementbytheauditorabouttheirreportingresponsibilitiesUncertaintiesshouldbeclearlysetoutintheCorporateGovernanceReport Recommendation Haveastructuretoindependentlyverifyandsafeguardtheintegrityofthecompany sfinancialreporting Requirethechiefexecutiveofficertostateinwritingtotheboardthatthecompany sfinancialreportspresentatrueandfairviewTheboardshouldestablishanauditcommittee 45 Requirement DirectorshavetoexplaintheirresponsibilityforpreparingtheaccountsStatementbytheauditorsabouttheirreportingresponsibilitiesThebusinessisagoingconcern withsupportingassumptionsorqualifications AccountabilityandAudit FinancialReporting Requirement TheBoardhavetoprovidetheshareholderswithabalancedandunderstandableassessmentofthecompany sperformance positionandprospectsonaquarterlybasis Themanagementhavetoprovidetheboardwiththeabove 46 AccountabilityandAudit InternalControls 内部审计部门的設立 Timing 匯報形式 声明者 1PartofAnnualreporting 1Atleastannually 1Atleastannually 1Atleastannually 2Internalcontrolreport 2企業管治報告 2PartofAnnualreport 3AttestedbyAuditors 3Reviewed commentedbyDirectors 2Reviewed commentedbyDirectors 3Reviewed commentedbyinternalorexternalauditors 4InternalAuditrequired 4InternalAuditrequired 3InternalAuditnotexplicitlyrequired 4並無内部审计部门設立需求 47 Londonbombattacks RiskmanagementinAction London Afterlearningfrom911incident Financialinstitutionsgetbetterpreparedandadoptedtheircontingencyandbusinesscontinuityplanstocontinuetheiroperationdespitetheshutdownofandhenceparalysed