The future of the independent auditor

Audit market dominated by the Big Four

A fundamental tenet of corporate governance is the need for independent, external audit of the financial records and the accounts presented by boards to their members. This applies to every corporate entity, but particularly to listed public companies. Consequently, the provision of reliable audit services is vital.

A recent report from the U.K.’s Financial Reporting Council[1] (FRC) showed that in 2019 the Big Four audit firms[2] continued to audit all of the FTSE 100 companies.  The Big Four also audited all but 10 of the FTSE 250 companies—the other 10 being audited by the two largest firms outside the Big Four[3]. Audit fee income for the Big Four firms increased by 6.9% from 2018 to 2019, compared to 1.7% from 2017 to 2018.

The FRC recently questioned the procedures of the Big Four, following the highly visible collapse of some of their major audit clients including DHS and Carillion.

Separation of audit from consultancy

The dramatic collapse of the energy company Enron (case 1.2 in the fourth edition of my textbook) resulted in its Finance Director being jailed for sophisticated financial maneuvering, and drew attention to the extent of non-audit consultancy work carried out by its auditor, Arthur Andersen. This fiasco and other problems led to the collapse of the global Andersen firm, and the reappearance of its consultancy arm as Accenture.

It also produced the Sarbanes-Oxley Act (2002), which forever enshrined the names of Senator Sarbanes and Congressman Oxley in the annals of corporate governance. This act imposed stringent and expensive regulation on the American audit profession at the Federal level.

According to the FRC report, the Big Four’s fees, for non-audit work for their UK audit clients, declined 20.8% in 2019. This probably reflects the cap imposed by the government on non-audit services for public interest entities. It may also be a response to the operational separation of audit work from consultancy and other non-audit work by accountancy forms, which the FRC has demanded by 2024.

The regulation of the UK accountancy profession

When I served on the Council of the Institute of Chartered Accountants[1] (1979 to 1983), the accountancy profession regulated itself. Committees of the Institute disciplined members and their firms for misdemeanours and breaking the rules. At the time, self-regulation of professions was considered appropriate. But, as the trade guilds of the Middle Ages had already shown, self-regulation can be self-serving.

Regulation of the accountancy profession has shifted towards oversight by independent bodies authorised by the state. The number of audit firms registered with the Recognised Supervisory Bodies (RSBs) is declining: 5,660 in 2017, 5,394 in 2018, and 5,127 at the end of 2019.

Given current global problems, the need for financial and strategic advice by organizations (both profit and not-for-profit) is likely to be dramatic. The challenge of how such consultancy services are overseen and regulated, world-wide, has yet to be met. Some will respond that the market will winnow the wheat from the chaff, others might find this flailing process too cumbersome.

Bob Tricker

November 2020

[1] The Institute of chartered accountants in England and Wales

[1] Financial Reporting Council, 16 October 2020.

[2]  As discussed in a recent blog (30 January 2020) the big four are: Deloitte (comprising Deloitte, Touche, and Tohmatsu); EY (resulting from the 1989 merger of Ernst and Whiney and Arthur Young);KPMG (Klynveld, Peat Marwick, Goerdeler (formed from Peat Marwick International – previously Peat, Marwick); PwC (Price Waterhouse and Coopers)

[3].The five largest second-tier UK audit firms are: Baker Tilly, BDO, Grant Thornton, Mazars, PKF (a grouping of independent firms),

The modern board meeting

My recent blog (30 July 2020), ‘New approaches to corporate governance communication’, brought the suggestion that more changes had occurred in board-level meetings than just the widespread use of virtual meetings, which I had discussed.

I must admit that in the fourth edition of my corporate governance textbook, I do parody the old-fashioned board meeting of the ‘country club’-style board, with its older, mainly Anglo-Saxon men meeting in their formal boardroom, with its pictures of past chairman on the walls; a room used only for the monthly board meeting and occasionally somewhere to put the auditors. The agenda for such board meetings seldom varied, starting with ‘apologies’ and ‘matters arising’ through to ‘any other business.’ The agenda, prepared by the company secretary and approved by the chairman, was sent to all directors shortly before the meeting, supported by a pack of printed board papers­—financial and other routine reports. Few companies with country-club boards have survived in today’s business climate. The traditional pack of board papers has been replaced by an electronic version. Software for such applications have been available for some years.[1] in these board rooms, it is quite normal for directors to have their laptops or tablets in front of them on the boardroom table. But the use of electronic communicating devices during board meetings goes much further today.

Multiple sources of information

As well as accessing the set of formal board papers, directors may use their devices to explore other sites relevant to the topic under discussion, obtaining, for example, economic, financial, or market data and charts, or ‘googling’ other websites.

In addition to the tablet or laptop, directors may also have their smart phones in front of them. Some chairs insist that such devices be turned off, or switched to silent, to avoid disruption. Directors can then communicate with the outside world, during the meeting, at the same time as participating in it. Directors in virtual meetings will also have access to communication devices, while they participate in the meeting.

Moreover, should the need arise for more information, an executive director might say, ‘I’ll have my staff produce that information in the next three or four minutes,’ rather than, ‘I’ll have a report ready for the next board meeting.’

Directors need multi-tasking skills

As a result, directors today need multi-tasking skills, able to listen and contribute to ongoing discussions, whilst reading from a screen and texting for data. This multi-tasking ability may well come more readily to younger board members: older members may not have acquired those skills.

Meetings with more fluid agendas

Standing agendas, which follow the same month-by month pattern, now seem to be a thing of the past. Meetings are more fluid, responsive to emerging issues, with directors raising matters of concern as the meeting progresses. While still receiving financial, marketing, personnel, and other progress reports, the chair might ask, ‘what must we cover in this meeting?’ This enables rapid responses to emerging situations. It also runs the risk of the board spending time ‘fire-fighting,’ rather than focusing on vital longer-term strategic matters.

Performance issues outweigh conformance

In conventional board meetings, a well-known danger is domination by short-term trouble-shooting matters, arising from the supervision of management. Discussion of strategic issues are postponed or, worse, overlooked. In other words, conformance and compliance issues crowd out strategic thinking and policy making. However, with multiple sources of information and more fluid agendas, that failing can be overcome. However, that also needs skilful leadership from the chair.

New challenges and opportunities for the board chair

More fluid, responsive meetings raise new challenges for the chair. They also create more opportunities for leadership. As a meeting progresses, the chair must decide whether to allow or postpone discussion on issues as they arise. No longer sticking doggedly to the agenda, the chair must determine the best use of board time.

In the modern board meeting, the chair needs to ask:

  • Am I spending board time effectively?
  • Is the balance between performance and conformance issues appropriate?
  • Should more time or specific meetings be allocated to discuss longer-term strategic issues?
  • Do we need to review board policies?
  • Do I give every director, including the outside directors, the opportunity to raise matters for discussion before or during meetings?
  • are all board members able to multi-task in the way now needed? If not, what should be done about it?
  • In recent board meetings, what have we not addressed that we should have covered?
  • Does the board need to meet so often or so formally?

In the modern board meeting, directors have access to various devices to obtain information. Consequently, they need multi-tasking skills. Agendas have become more fluid, as issues emerge and are discussed. Strategic and policy matters need no longer be dominated by short-term issues, with the emphasis on performance not conformance and compliance. But these developments present new challenges and opportunities to the board chair.

Bob Tricker

September 2020

[1] for example see,, htps://

New approaches to corporate governance communication

At the height of the coronavirus pandemic, it was hard to imagine that any good could come from it. Yet history suggests otherwise: the horrors of the Second World War promoted the development of penicillin, modern air traffic control, and atomic energy. During the pandemic, many companies discovered new opportunities for interacting with management, their board members, and the shareholders. It now seems unlikely that most organizations will return fully to their previous patterns of communication.
With the cessation of international air travel, lockdown in most economically advanced countries, and people working from home, conventional meetings were replaced with their virtual counterpart, using electronic communication and video-conferencing software such as Microsoft Teams, Skype, or Zoom. Conferences and meetings, large and small, went online. The webinar replaced the seminar.
People and organizations seem to have adopted this new approach to communication with alacrity. However, virtual meetings can raise some interesting corporate governance issues. Consider the range of meetings in any corporate entity that could raise corporate governance issues:

  •  formal meetings of the governing body
  •  meetings of board committees
  • ad hoc meetings between directors
  • meetings of non-executive directors
  • meetings between directors, the CEO, and executive management
  • formal shareholder meetings
  • ad hoc shareholder communications
  • management meetings

Virtual interactions eliminate participants’ travel time, enabling better use of their time, as well as reducing costs. Virtual meetings can also improve board effectiveness. But these meetings have a different cultural dimension from face-to-face interaction.

The culture of virtual meetings

Virtual meetings are subtly different from conventional face-to-face meetings. They involve different communication processes. In physical meetings, the chair can look round at the faces, observe body language, and sense the ‘feel’ of the meeting, making it easier to wield authority.
The chair can maintain control by calling on people to speak, taking the lead, and insisting that comments are made ‘through the chair.’ Similarly, participants can see everyone in the room and act accordingly.
In virtual meetings, it is not so straightforward. Participants may be located anywhere in the world. Each is likely to be facing a split screen, which might be showing a whole gallery of those taking part, with the person speaking highlighted, or a close-up of the speaker filling the screen. Alternatively, the screen may show a chart, a bullet-point list, or some pictures, rather than the meeting participants.
The tone of the meeting can vary from that of a lecture with occasional questions, to a formal business meeting working through an agenda, or to just an ad hoc discussion between friends. Just like a face-to-face meeting, the number of participants affects the type of interaction: beyond about eight people, it becomes difficult to facilitate a discussion that involves everyone present.
Implicitly, the control of a virtual meeting is in the hands of the person who convened the meeting, sometimes called the ‘facilitator’ or ‘host.’ This may, or may not, be the formal chair of that group. If appropriate procedures for running the meeting are not established and followed, opportunities for ‘game-playing’ can arise. If it is not clear who is running the meeting, who may speak and when, who can summarize¬—in essence, who is in charge—some game-playing is inevitable. Although the ‘host’ does have the facility to ‘mute’ a participant considered out of order.
Virtual meetings have become an important component of corporate governance communication. Just like face-to-face meetings, successful virtual meetings need careful planning and skilful leadership, as well as responsive participants. Running virtual meetings requires new skills that can be learned.

Planning virtual meetings

Virtual meetings are easy to set up, yet they are more difficult to run professionally. Among the things that need to be considered are:

  • What is the purpose of the meeting? Is the topic clear? Is there an agenda?
  • Who will be invited to this virtual meeting? Do they all have access to the internet and the virtual conferencing facility we shall use? Do we have an email address or smart phone number to send the link or code for this meeting?
  • Will there be a lead speaker?
  • When is the most appropriate date and time to hold the meeting?
  • How long will the meeting run? If over, say, half an hour, are planned breaks necessary?
  •  Who is to be the facilitator, host, or chair for the meeting? Do they have the confidence and experience to do this well?
  • How is the virtual meeting to be announced and promoted, and how will invitations be extended? Is this notice adequate?
  • Are charts or other materials to be presented? if so, is the necessary equipment available and tested? Who will operate it?
  • Are the proceedings to be recorded? Who is to have subsequent access to this link? Will any other minutes or summary be made—if so by whom? Strict adherence to privacy and data protection rules must be observed.
  • How will success of the visual meeting be measured?
  • Depending on which communication platform is used, will there be a participant-number or time-based cost? Whose budget will be charged?

Running virtual meetings

Unless the meeting is to be an ad hoc, informal discussion between a few people, a moderator (facilitator, host, chair) will be needed. This is a specialized and demanding task, requiring personality, experience, and, possibly, training.
A protocol for running the virtual meeting is vital. The moderator should explain these at the start of the meeting. They should cover:

  • the agenda or the focus, and the purpose of the meeting, with anticipated outcomes
  • the planned structure and length of the meeting
  • the protocol for participation:
    o is this to be a lecture or talk, followed by questions?
    o are participants expected to contribute during the meeting?
    o if so, how should they indicate their wish to contribute?
    o if decisions are to be taken, how will choices be registered?
  • will there be subsequent access to the recording of the meeting?
  • will there be a summary or minutes?

Minutes of virtual meetings

The organizer can use the virtual conferencing software to record proceedings, to replace conventional written minutes. Participants, as well as those who didn’t attend the meeting, could be given a link to this record. However, some organizers prefer to have a summary or minutes, particularly when decisions have been taken. Such a written record can also record those present and the existence of any necessary quorum. For official company meetings, the company secretary should ensure that recording and note-taking is in place.
A link to the recording of the meeting indicates, of course, what people really said, how the discussion progressed, and what conclusions were actually reached; not just what a minute-writer subsequently remembers.

Participating in virtual meetings

The virtual medium can prove challenging. Participants may appear on-screen in close-up. Every smile, frown, grimace, enthusiastic nod or shake of the head may be caught. Emotions may be more visible than in close-up. Of course, just as in normal meetings, some participants will show more convincing presentation skills in a virtual meeting.
It seems likely that, in the future, speakers in important meetings, such as the AGMs of major companies, will have specific training in television presentation skills. In the future, this may be as important as the skill that goes into the design of a published annual report.
Close-ups also show the background behind the participant; consequently, experienced participants ensure that their background projects their image¬—an office, a library, or perhaps an armchair—and does not make them appear as though they have horns on their head, as happened in an Oxford webinar recently.

Regulating virtual meetings


Technical problems during an important virtual meeting, such as a formal shareholders’ meeting, would be unfortunate and could result in adverse media comment and reputational loss. The robustness of the hardware, software, and power supplies involved need to be considered, with stand-by, backup facilities, relevant to the significance of the meeting.


The security of the entire communication network for a virtual meeting needs to be considered, in relation to the importance of that meeting. Potential challenges include:

  • a breakdown in the service providing the meeting
  • a blackout in the centre hosting the meeting
  • a loss of communication anywhere in the networks connecting the meeting to its participants
  • unintentional interference in the network
  • malicious interference in the network, including eavesdropping for fraud, manipulation, or commercial espionage, blocking communications, inserting undesirable content


Many corporate governance meetings involve sensitive discussions and confidential information. In a face-to-face meeting, everyone can see who is there. Those present trust the others to adopt appropriate levels of secrecy. But in a virtual meeting, no one knows who might be behind a participant but out of camera shot. Trust, the essential foundation of corporate governance, then becomes even more vital.
Similarly, communications on corporate governance issues, including emails and their attachments, memos, letters, and telephone calls, can contain information that needs to be protected.
Consequently, every corporate entity should consider the levels of confidentiality that need to be associated with their corporate governance communications. For small organizations, this may be simple; for others it is an important task that can be overlooked. The following list suggests some different levels of confidentiality:


1. Open – corporate information intentionally in the public domain (e.g. press releases, corporate governance reports filed with government agencies, corporate advertising)
2. Members only – information intended for the members of that organization (e.g. shareholder announcements in a listed company intended for existing members and the stock market, reports to members in a cooperative society)
3. Private and personal – communication to named persons only (minutes of the last meeting sent to each participant)
4. Restricted – information and participation by named persons only with low levels of security (e.g. discussions about customer complaints)
5. Confidential – information for and participation by named persons with reasonable levels of security (e.g. meetings of the governing body of a corporate entity)
6. Secret – information and participation by named persons with security clearance (e.g. approval of the final accounts of a public, listed company prior to publication)
7. Top-secret – information and participation by named persons with top level security (e.g. discussions about responses to a major lawsuit)
8. Top-secret secure – face-to-face exchange between named persons, held in a secure location, with no records written or electronic allowed (e.g. discussions about a proposed hostile takeover bid)

Some organizations seem to give little thought to levels of security. Others take security matters to levels adopted by government security agencies, including sweeping rooms for listening devices or building intruder-soundproof meeting rooms. Every organization should consider whether their current levels of information confidentiality reflect the potential risks.
These categories above are not enshrined in law, but might help organizations review their current practices. They were derived from my experience, many years ago, as an officer in the Royal Navy.

Legal aspects of virtual meetings

Laws and regulations surrounding the governance of corporate entities, in most advanced jurisdictions, now provide for the disclosure of legally required reports to members and regulators to be made electronically. Similarly, as long as permitted by the entity’s legal constitution, electronic voting by members is allowed. Prior to the coronavirus, this was in addition to holding an actual meeting. Following Covid-19, however, some jurisdictions allowed the entire process to be held online.
Given the likely extension of virtual meetings and electronic reporting, further legislation may be needed covering, for example, the legal standing of virtual meetings, electronic records of such meetings, and the viability of decisions taken, to ensure equity and compliance.

Game playing in virtual meetings

Leadership emerges in every meeting, sometimes explicitly through an appointed chair, sometimes implicitly through the personality or position of a dominant participant. In the textbook, I describe some ‘games that directors play’ – a light-hearted, but realistic, look at ways used to manipulate situations to exert power. Just as people seek to influence, orchestrate, or dominate face-to-face meetings, they can do the same in virtual meetings, although the virtual medium provides them with new opportunities. Consider a few of them:

  • Taking over the argument
    Unless the facilitator is alert, it is not difficult to take a discussion in a new direction. One ploy is to agree with a previous speaker, but add a new idea, even though it has nothing to do with what the previous speaker was saying. (‘I totally agree with the finance director’s assessment of cash flow, but we do need to consider our policy on the cap on dividends…’) In this way, the subject and the focus of the meeting can be switched.
    Questioning the minutes of a previous meeting or referring to a recording of that meeting can also be used to reintroduce topics that were discussed previously and finalised.
  • Challenging the agenda
    This attempt to influence the meeting might suggest that an item on the agenda is less important than the alternative now proposed. The ultimate in this game is to offer a new agenda for the meeting.
  • Taking over the meeting
    If the facilitation is weak, attempts to dominate the meeting might involve questioning the meeting protocol, the role of the facilitator, or the time allowed for participants to speak, suggesting alternatives.
  • Calling your own meeting
    The ultimate challenge to an existing virtual meeting is to call another meeting with the same, or similar, membership. Anyone with access to the ZOOM app can call a meeting and invite participants to join.

Company secretaries may need to establish protocols, rules, and reporting requirements for convening, running, and reporting virtual meetings, and to monitor compliance.

Implications of virtual meetings for the chair

The chair of the governing body of every corporate entity has a vital role, not only to chair meetings, but to be its leader, creating its culture, and setting its moral compass. In a virtual meeting, the chair could see this role undermined by the meeting facilitator. But such new challenges also bring new opportunities for leadership. Skilled leaders use virtual meetings to unite their colleagues, advance their vision for the future for the enterprise, and enhance their authority.

Interaction between directors and management

Virtual meetings can enable non-executive directors to interact with the chief executive or other members of senior management. Properly handled, this can increase the information available to outside directors, improving their knowledge of the organisation, and thus their contribution to the board.
However, there are potential dangers: outside directors might interfere in management, trying to micro-manage executive decisions, thus usurping the legitimate responsibilities of the chief executive officer. All interactions between outside directors and management should be consistent with the culture of that organisation and accepted by the CEO.

Interaction with shareholders

Many listed companies are already using the internet to inform their shareholders and improve shareholder relations. Virtual meetings provide an opportunity to build on this experience. In addition to providing shareholders with access to formal shareholder meetings, ad hoc meetings could provide information on significant corporate changes, strategic decisions, or product and market developments. Statements by, or interviews with, the board chair, the CEO, or senior executives can be used, supported by appropriate video content.
But this can be a two-edged sword: ad hoc shareholder meetings may improve shareholder relations and stock market standing, but insider-dealing rules insist that all shareholders have access to the same material at the same time. This may not be easy in virtual meetings, if shareholders have the opportunity to interact, unless all shareholders can be present.


Meetings of members, governing bodies, board committees, and between directors and management are unlikely ever to be quite the same again. Virtual meetings are here to stay. So it is vital that they are well managed, appropriately controlled, and used to advance professional corporate governance. The resultant improvement of communication between all those involved in the governance process will be beneficial, whist reinforcing power where it rightly belongs.


Bob Tricker, July 2020

Spotlight on independent auditors

In January 2020, the UK FRC (Financial Reporting Council) updated its International Standard on Auditing (UK) 200 [1], which covers the overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing (UK).

Independent audit is a fundamental tenet of corporate governance policy and practice for companies in almost all countries. In the United States, it is enshrined in law (Sarbanes and Oxley Act, 2002).  In the United Kingdom and most Commonwealth countries, independent audit is required by companies acts and corporate governance codes. In Roman law countries, it is also required by company law.  Although, in some jurisdictions, private company shareholders acting together can opt out of mandatory independent audit. Corporate entities, other than limited-liability companies, are also typically required to have an independent audit by their constitutions or incorporating legislation.

The profession of independent auditors dates from the 19th century. The English Institute of Chartered Accountants was founded in 1880: the Scottish Institute predated it in 1854. The American Institute of Certified Public Accountants were founded in 1887.  An early mention of the outside auditor can be found in the audit committee report of the London-based Great Western Railway Company dated 22 February 1872: ‘Mr. Deloitte, [2] a name now enshrined in the great names of the audit profession, ‘attended the meeting.’

Today, the independent audits of almost all companies listed on the world’s stock exchanges are carried out by just four international accountancy firms. The outcome of amalgamations between firms over the years, they are now known by initials recognised globally like BA or KFC:


(the result of a merger between Ernst and Whiney and Arthur Young in 1989 became Ernst and Young)


(Klynveld, Peat Marwick, Goerdeler was formed from Peat Marwick International – previously Peat, Marwick, Mitchell – and Klynveld Main Goerdeler)


(Price Waterhouse and Coopers)

The only firm still known by its founder’s name is Deloitte, which grew from the activities of Mr. Deloitte, previously mentioned and now comprises Deloitte, Touche, and Tohmatsu.


These firms are typically referred to as ‘the big four’. There used to be the ‘big five’ until Arthur Anderson collapsed, following the debacle of the Enron Corporation in the United States. (See cases of Enron and Arthur Anderson [1]).  Fundamental criticisms of this situation include the lack of competition, threat of market domination, the over-familiarity of audit personnel with the client’s financial staff, and the exploitation of the position of auditor to sell non-audit services such as consultancy. Regulators have attempted to overcome some of these challenges by requiring the clear separation of consulting services from audit, routine changing of the audit partner responsible for a client and requiring a periodic change of audit firm. Suggestions are also occasionally heard about other ways to open the global audit market to wider competition.

Some recent audit failures have drawn attention to the work of the big four. In India, both Deloitte and KPMG were suspended from audit work by the government, following alleged unsatisfactory audit work. In Britain, all big four firms were found to have done unsatisfactory work at the failed Carillion company, a major government contractor. In Malaysia, Deloitte was investigated about alleged frauds in a state-development fund. In South Africa, KPMG lost clients after allegations about its work for the influential Gupta family.

Nevertheless, the ‘big four’ continue to play a vital role in corporate governance worldwide.  Their websites[2] provide links to useful information on the subject.  As I have previously suggested to both tutors and students, the Internet can provide access to insights and updates on corporate governance, if it is used carefully.


Bob Tricker

January 2020



[2] Tricker, R.I (1978) The Independent Director – a study of the non-executive director and the audit committee, Tolley. London

[3] Tricker, Bob (edition 4, 2019), Corporate Governance – Principles, Policies, and Practices, Oxford University Press

[4] Deloitte  EY  KPMG    PWC


Update to Tricker Corporate Governance 4e

In some copies of the fourth edition of Bob Tricker’s Corporate Governance – Principles, Policies, and Practices, Figure 2.1 is incomplete.

This diagram shows the complete text.

Figure 2.1 CG4E FINAL



The Corporate Governance of Huawei

When the Huawei case was written last year, for the fourth edition of Corporate Governance – Principles, Polices, and Practices, we did not anticipate the headlines that the company was about to attract. The original case was short, setting the scene for some interesting questions about corporate governance in China.


Case study 6.3 The Huawei Group

Huawei was founded in 1987 by Ren Zhengfei, a former electronics engineer in the People’s Liberation Army (PLA). During the 1980s and ’90s, the Chinese government saw the need to modernize telecommunications thought the country. Telephone exchange equipment needed electronics. Some companies in the industry negotiated joint ventures to link with foreign companies that had the technology: but they proved reluctant to divulge the latest technology. Ren took a different approach: his company obtained foreign hardware with its software, and then reverse engineered it to discover its secrets and replicate them.

In 1994, Huawei agreed to build a telecommunication system for the PLA; a relatively small project but crucial in political connections. Ren Zhengfei met Premier Jiang Zemin and convinced him that electronic switching-equipment technology was related to national security and that a nation that did not have its own switching equipment was like one that lacked its own military. Jiang agreed. In 1996, the government decided to support domestic telecommunications manufacturers and restrict access to foreign investors. The Huawei Group thrived and became a leading force in China’s creation of ‘smart cities’, bypassing the personal computer experience of Western nations and adopting smart phone technology as the basis for internet transactions and communication. Huawei became the largest manufacturer of telecommunications equipment in the world, overtaking the US-based Ericsson in 2012.[1]

Huawei was also expanding outside mainland China. In 1997, it signed a contract with Hong Kong’s Hutchinson Whampoa to provide a fixed-line network. In 1999, it opened an R&D centre in Bangalore, India, and in 2001 it opened four R&D centres in the USA. By 2005, Huawei’s international contracts exceeded domestic sales.

Huawei refers to itself as a private company and calls itself a ‘collective’, being owned by its employees. The nature of that ownership and the government’s continuing relationship with the company remain unclear.


Subsequent developments

Huawei is installing its technology in countries around the world. But concerns have been raised about the security of such systems, which could include software to obtain information and might prove a security risk. The fear was that since every Chinese company was subject to the Chinese judiciary system, which is not independent of the state, companies could be given orders by government officials.

In the United States, President Trump issued an order prohibiting Huawei from selling its systems in America. He subsequently prohibited US companies from supplying Huawei with electronic components. However, the British Prime Minister, Teresa May, approved the use of Huawei technology in the UK’s 5g network, having been advised that Britain had the counter-intelligence capability to meet any subversive interference in telecommunications.

In another issue of international interest, Huawei’s Deputy Chair and Finance Director, Meng Wanzhou, was arrested in Canada on a United States extradition warrant, which alleged that Huawei had broken various US laws. Meng is the daughter of Huawei founder Ren Zhengfei.

In an interview with CNN, Ren Zhengfei, speaking in Putonghua,[2] defended his company’s record, claiming that the United States boycott was because Huawei was now the largest telecommunications company in the world and its technology had outstripped American rivals. He claimed that Huawei was independent of the Chinese Government and made decisions on a commercial basis. Asked about his daughter, still under arrest in Canada, he said, that she was under house arrest and studying for her PhD. He claimed that the Canadian arrest was unlawful.



Viewing corporate governance as the way power is exercised over corporate entities, the Huawei case emphasizes the significance of the cultural context. Huawei is subject to Chinese company law and must provide information to relevant government authorities, in the same way that companies in the West must meet similar obligations. However, Chinese law and its law courts are not independent of the state but exist to ‘serve the people,’ which typically means the interests of the governing authorities, ultimately the Politburo of the Communist Party of China.

Nevertheless, although China is a one-party state, its economy is market-based, producing prodigious economic growth over the past twenty years. This has enabled the building of a major rail and motorway system; the creation of large new ‘smart cities based on information technology; and the launch of a ‘belt and road’ strategy to link China with trading partners throughout the Middle East and Europe.

Contrary to classical Communist doctrine, China permits the creation of corporate entities, recognizes private property, and has two highly successful stock exchanges (three if you include Hong Kong). A few Chinese companies are quoted in New York. Moreover, China now has an affluent, car-owning middle class.

Despite being the world’s largest telecommunications company, Huawei is privately owned. So it is not required publicly to disclose its ownership, which remains obscure. The company describes itself as a ‘collective;’ suggesting that employees own shares, although there is no evidence that they have any shareholder rights. The probability is that ownership is in the hands of the founder, his family and friends, senior executives, and possibly government agencies which have provided funding, including the People’s Liberation Army. In a recent interview, Ren said that the company had a management succession plan, which recognizes the need to provide for succession beyond the founder.

To appreciate the corporate governance of large private companies in China, the cultural context[3] is fundamental. It is different from the West. Since opening its economy to market forces, China has published a Companies Act, liaised with Western advisers on corporate governance, and produced a governance regime which reflects some aspects of Western approaches but includes aspects that are uniquely Chinese. Corporate governance with Chinese characteristics reflects the way business is done in China. Responsibility for decisions is often unclear, so is subsequent accountability. Personal relationships are very important. No one should lose face, even though everyone knows the situation. Control by the authorities is exercised less by clear mandated instruction, more by influence exercised quietly ‘through the window.’ The lack of clear job descriptions, with little written down, can be anathema to Westerners. Yet the incredible growth of the Chinese economy suggests that it works.

The Chinese Government recognized, when they launched the market-driven reforms, that corporate governance was vital. But unlike the West, where corporate governance tends to be seen as the means of regulating companies and controlling unacceptable behaviour, the Chinese see corporate governance as a means to economic growth and long-term success.


[1]   race/#6821666a8aa5

[2] Putonghua is the official language of China, a version of classical Mandarin. The Chinese have many different dialects. In Hong Kong, for example, Cantonese is spoken, which is virtually unintelligible to Mandarin speakers; although written script is common to all.

[3] To delve more deeply into the cultural context see Tricker, Bob and Gregg L ,(2019), Understanding Corporate Governance in China, Hong Kong University Press, Hong Kong

Pay Ratios


Interest by the media, the public, and shareholders in the pay of CEOs has never been higher, and governments have increasingly taken notice of this in recent years. It is perceived as inequitable and often unjustifiable as to why there should be such large discrepancies between the pay of CEOs and of the employees in their companies. Recent legislation in some countries, and proposed legislation in others, has sought to address this concern by ensuring that companies disclose the ratio of CEO pay and the median employee’s pay in their company.

US Companies

In 2015 the SEC adopted amendments to Section 953(b) of the Dodd-Frank Wall Street Reform and Consumer Protection Act, and Item 402(u) of Regulation S-K, on pay ratio disclosure such that companies have to provide details of the relationship of the annual total compensation of their employees and the annual total compensation of their Chief Executive Officer (CEO), i.e. the ratio of the CEO pay to the median of the annual total compensation of all employees. This applies to companies’ for their first fiscal year beginning on or after 1st January 2017.

Honeywell International, a large multinational corporation, was the first major U.S. public company to disclose its ratio of CEO pay to that of the median employee with a pay ratio of 333:1.

The American Federation of Labor and Congress of Industrial Organizations (AFL-CIO) highlights that in the S&P 500, Mattel had the highest ratio of CEO pay to median worker pay with a ratio of 4987:1. They reported a higher ratio still in the Russell 3000 where Weight Watchers International had a pay ratio of 5908:1. More detail is available at:

UK Companies

In the UK, listed companies with more than 250 UK employees will legally be required to annually publish and justify the pay difference between chief executives and their staff for the first time. The regulations governing pay ratios will, subject to Parliamentary approval, come into effect from 1 January 2019 with companies reporting their pay ratios in 2020.

The disclosure of pay ratios is part of a move to hold larger companies more accountable for CEO pay and will provide helpful insights into the difference between CEO pay and average employee pay in different sectors and in individual larger companies in the UK.



Japan is a country whose CEOs have traditionally earned less than their global peers and where the ratio of CEO pay to that of the average employee has been lower than in countries such as the US. Part of this is attributable to the culture of Japan where very high pay ratios between CEO pay and average employee pay would not be viewed favourably.

It will be interesting to see what the impact of the disclosure of pay ratios in the US and other countries will be in the coming years.  Already shareholder revolts over executive pay during 2018 are growing and high pay ratios of CEO pay to the average employee’s pay could increase shareholders’ dissent on this issue.


Chris Mallin

June 2018


Succession Planning

Why is succession planning important?

Succession planning is seen as crucial to ensuring that a successor is in place to carry on the work of key individuals in a business should they leave the company in either a planned manner (e.g. retirement, job move, generational succession, or ownership changes) or an unplanned manner (e.g. fatal accident, unplanned removal from post). Sometimes the immediate successor is seen as a safe pair of hands, ready and waiting to carry on the work pending the appointment of another individual, whilst at other times there has been more time to search for a successor.

Investors are keen to know that a succession plan is in place for key directors to help ensure the ongoing smooth running of the business, its strategy going forward, and to maintain a steady steer at the helm, thus retaining investor and market confidence. The successor may also be appointed for their new ideas on strategy, whether that is to take the business forward into new spheres or to concentrate more on a few core sectors which may be more appropriate for the company at that time.


Corporate Governance Codes

Corporate governance codes mention succession planning in different degrees of detail.  Looking at a few of these, the UK, Japan, and Italy, illustrates this.

The UK

The current UK Corporate Governance Code (2016) mentions succession planning in the context of the role of non-executive directors, they ‘have a prime role in appointing and, where necessary, removing executive directors, and in succession planning,’ (A.4, Non-executive Directors, Supporting principle, UK Corporate Governance Code 2016, Financial Reporting Council); and in the context of Appointments to the Board ‘The board should satisfy itself that plans are in place for orderly succession for appointments to  the  board  and to  senior  management,  so  as  to  maintain  an  appropriate  balance  of skills and experience within the company and on the board and to ensure progressive refreshing of the board (B2 Appointments to the Board, Supporting principle, UK Corporate Governance Code 2016, Financial Reporting Council)

However the proposed revisions to the UK Corporate Governance Code (2017) cover succession planning in more detail.  Section 3 is headed ‘Composition, succession and evaluation’, and its Principle J states ‘Appointments to the board should be subject to a  formal, rigorous and transparent  procedure, and an  effective succession  plan  should  be in  place for board and senior management. Both appointments and succession plans should be based on merit and objective criteria, and promote diversity of gender, social and ethnic backgrounds, cognitive and personal strengths.’ Provision 17 states that ‘The board should  establish a nomination committee that should lead the process for appointments, ensure plans are in place for orderly succession to both the board and senior management positions, and oversee the development of a diverse pipeline for succession.  A majority of   members of the committee should be independent non-executive directors, with a minimum membership of three. The chair of the board should not chair the committee when it is dealing with the appointment of their successor,’ (December 2017, Proposed Revisions to the UK Corporate Governance Code Appendix A – Revised UK Corporate Governance Code)


Japan’s Corporate Governance Code (2015) states that ‘Based on the company objectives (business  principles, etc.) and specific business  strategies, the board should engage in the  appropriate oversight of succession planning for the CEO and other top executives,’ (4.1.3, Japan Corporate Governance Code, Seeking Sustainable Corporate Growth and Increased Corporate Value  over the Mid- to Long-Term (2015), Tokyo Stock Exchange)


Italy’s Corporate Governance Code (2015) refers to the fact that ‘The Board of Directors shall evaluate whether to adopt a plan for the succession of executive directors. In the event of adoption of such a plan, the issuer shall disclose it in the Corporate Governance Report. The review on the preparation  of  the  above  mentioned  plan  shall  be  carried  out  by  the nomination committee or by another committee established within the Board of Directors in charge of this task.  Should the issuer adopt a succession plan, the Corporate Governance Report shall disclose whether specific  mechanisms are set forth in the succession plan  in  case  of  early  replacement, the corporate bodies and the persons in charge of the preparation of the plan as well as the manners and timing of its review.  As far  as the succession  procedures  are  concerned, the Committee believes that these procedures shall clearly define their scope, instruments and timing, providing both for the involvement of the Board of Directors and for a clear allocation of tasks, also with regard to the preliminary stage of the procedure,’ Appointment of directors, 5.C.2. Corporate Governance Code (2015)

Also in Italy in 2017, the Corporate Governance Principles for Unlisted Family-Controlled Companies were issued. Article 9 relates to Planning and Succession Plans going into some detail. On this issue, there are two Principles: 9.P.1. ‘Being  aware  of  the  differences  that  the  company  size  and  ownership  structure  involve,  it  seems appropriate for the members and the Board of Directors to ensure the continuity of corporate governance and  management  of  the  company  by  defining  precise  regulations  for  effectively  addressing  generational transitions or ownership changes.’ Also 9.P.2. ‘For  the  purposes  of  administration  of  the  company,  succession  plans  must  be  appropriately established  in  advance,  taking into  account  the  specific  conditions  of  the  company,  the  Group  and possibly the currently controlling family.’

Five application criteria are then listed which provide guidance on the process to be followed including the timeliness of establishing the process and having it ready in good time. Corporate Governance Principles for Unlisted Family-Controlled Companies 2017


Examples of succession issues in practice

For many family firms – large and small – succession planning is a real issue when either the next generation doesn’t want to take on the mantle of the founder, or there is no obvious successor.  Leo Lewis in his article ‘New prescription’ about Takeuchi Optical, a Japanese glasses manufacturer, highlights that ‘thousands of family-owned businesses in Japan face uncertain futures due to a lack of heirs,’  (Financial Times, 5th April 2018, page 9). Whilst Japan has a rapidly ageing society, similarly, other countries also face succession planning issues.

In South Korea, for example, Lee Jae-yong, vice-Chairman of Samsung Electronics and grandson of the group’s founder, was arrested in February 2017 on charges relating to bribery and corruption connected to a nationwide political scandal. Lee Jae-yong was convicted and sentenced to five years in prison on corruption charges. However in February 2018, he was freed on appeal with his original sentence being halved and suspended for four years. In April 2018, Samsung Electronics announced that it would split the roles of CEO and Chair but there will continue to be three co-CEOs with ultimate power still residing with Lee Jae-yong as vice-chairman. However Elliott Management, the activist institutional hedge fund, is seeking a change in the company’s corporate governance to limit the power of the family successor in waiting, Lee Jae-yong.

Chris Mallin

April 2018

Yum China: A Case Study

The scale of the operations of Yum China Holdings is striking and the structure of the he board interesting.  But the vital questions are:

  1. Why did Yum China announce its Chairmen and CEO succession plans well in advance?
  2. Should all listed companies be required to declare their Chairmen and CEO succession plans?


Yum China Holdings

Kentucky-based Yum Brands Inc., owners of KRC (Kentucky Fried Chicken, Taco-Bell. and Pizza Hut brands), opened its first restaurant in China in 1987.   By the time their Chinese operations were spun off, on 31 October 2016 to Yum China Holdings Inc., it had become China’s largest restaurant chain.  Yum China owned the franchise for Pizza Hut in China with more than 1,500 restaurants in over 400 cities; and the franchise for KFC, with over 5,000 outlets in nearly 1,000 towns and cities.  Taco Bell operations were also starting.

Primavera Capital Group, a China-based global investment firm, made a strategic investment in Yum China and the company was then listed on the New York Stock Exchange (YUMC) in November 2016.  Yum China Holdings Inc. is registered in Louisville Kentucky with headquarters in Shanghai.


Yum China strategy

The company outlines its view of its potential on its website:

‘Our brands are integrated into popular culture and consumers’ daily lives.

We are dedicated to serving our customers’ evolving needs by enhancing the in-store experience, improving mobile connectivity, introducing innovative new products, and constantly delivering value.  We also remain focused on driving shareholder value by growing sales and profits across our portfolio of brands through increased brand relevance, new store development and enhanced unit economics.  With a rapidly growing consumer class and increasing urbanization, Yum China is well positioned for long-term growth’.


The board of directors of Yum China Holdings[1]

The board has nine members, seven of them independent according to the company.


Fred Hu is chairman and founder of Primavera Capital Group, a China-based global investment firm (“Dr. Hu has served as chairman of Primavera since its inception in 2010.  Prior to Primavera, Dr. Hu served in various roles at Goldman Sachs.)

Peter A. Bassi served as president then chairman of Yum! International Restaurants.  Prior to this, Mr. Bassi spent 25 years in a wide range of financial and general management positions at PepsiCo, Inc., Pepsi-Cola International, Pizza Hut (U.S. and International), Frito-Lay and Taco Bell.


Christian L. Campbell is currently owner of Christian L. Campbell Consulting LLC, specializing in global corporate governance and compliance.  Mr. Campbell previously served as senior vice-president, general counsel and secretary of Yum Brands from its formation in 1997 until his retirement in February 2016.


Ed Chan Yiu-Cheong is currently a vice-chairman of Charoen Pokphand Group Company Limited and has been an executive director and vice-chairman of CP Lotus Corporation since April 2012.  Mr. Chan was regional director of North Asia of the Dairy Farm Group.


Edouard Ettedgui currently serves as the non-executive chairman of Alliance Française, Hong Kong.  Mr. Ettedgui also currently serves as a non-executive director of Mandarin Oriental International Limited, the company for which he was the group chief executive.  Prior to that, Mr. Ettedgui was the chief financial officer for Dairy Farm International Holdings.


Louis T. Hsieh currently serves as a senior adviser to the chief executive officer and as a director of New Oriental Education & Technology Group.

Jonathan S. Linen is a member of the board of directors of Yum! Brands, a position he has held since 2005, and of Modern Bank, N.A.  Mr. Linen is advisor to the chairman of American Express Company after serving as the vice-chairman of American Express Company.  Mr. Linen also served on the board of The Intercontinental Hotels Group.


Micky Pant is the chief executive officer of Yum China.  Mr. Pant has served as chief executive officer of Yum! Restaurants China since August 2015.  Over the past decade, Mr. Pant has held a number of leadership positions at Yum! Brands, including chief executive officer of the KFC Division, chief executive officer of Yum! Restaurants International and president of Global Branding for Yum! Brands and President of Taco Bell International.


Zili Shao has served as co-chairman of King & Wood Mallesons – China.  Mr. Shao held various positions with JPMorgan Chase & Co., including chairman and chief executive officer of JPMorgan China, vice-chairman of JPMorgan Asia Pacific and chairman of JPMorgan Chase Bank (China) Company Limited.


Yum China announces its Chairman and CEO succession plans

On 5th October 2017, Yum China announced that its Chief Executive Officer, Mr. Micky Pant, would become Vice-Chairman of the board and Senior Advisor to the company on 1st March 2018.  Ms. Joey Wat, who currently serves as President and Chief Operating Officer, would succeed Mr. Pant as Chief Executive Officer.


The company explained that Mr. Pant had served as CEO and a member of the Board of Yum China since its spin-off from Yum! Brands, Inc. and, prior to that, he served as CEO of Yum! Restaurants (China), when it was a division of Yum Brands Inc.

“We are exceptionally grateful to Micky for leading the Company through its spin-off and building a solid foundation as an independent company,” said Dr. Fred Hu, Chairman of the Board of Yum China Holdings.  “We thank Micky for his many significant contributions and are pleased that he will be Vice-Chairman of the Board and will also continue to serve the Company as its Senior Advisor in order to ensure a seamless transition to Joey.”

“Joey is an extraordinarily talented executive and the ideal leader to become our next CEO,” Dr. Hu continued.  “Joey has a strong track record of achieving results, and with her unique ability to translate vision and strategy into future world-class operations, I have no doubt that the Yum China business will continue to grow under her strong leadership.

Ms. Wat spent seven years in management consulting, including time with McKinsey & Company’s Hong Kong office.  From 2004 to 2014, she served in both management and strategy positions in the Hong Kong-based Hutchison Whampoa group, including time as Managing Director of their UK company, which operates the pharmacy chain Superdrug.  Ms. Wat joined Yum China in September 2014, first as President of KFC China and then as Chief Executive Officer of KFC China in August 2015.  She has been the President and Chief Operating Officer of Yum China since February 2017 and was appointed as a member of the Board in July 2017.


Source: Tricker, Bob and Gregg Li, Understanding Corporate Governance in China, Hong Kong University Press [forthcoming]


[1] Yum China press release.


Cyber Security: A Question of Risk

Cyber security has been in the headlines recently with high profile incidences of hacking of various organisations’ IT systems and their supposedly secure data.

The ‘UK Corporate Governance Code (2016)’ discusses risk management and internal control stating ‘ The directors should confirm in the annual report that they have carried out a robust assessment  of  the  principal  risks  facing  the  company, including  those that would threaten  its  business  model,  future  performance,  solvency  or  liquidity.  The directors should describe those risks and explain how they are being managed or mitigated’, para C.2.1.

The UK’s Financial Reporting Council (FRC) placed cyber security firmly on the agenda for companies’ risk management strategies when, in October 2016, they wrote to audit committee chairs and finance directors, commenting “we encourage companies to consider a broad range of factors when determining the principal risks and uncertainties facing the business, for example cyber security and climate change”.

The Federation of European Risk Management Associations (FERMA) and the European Confederation of Institutes of Internal Auditing (ECIIA) published a joint report ‘At the Junction of Corporate Governance & Cyber Security (2017).’  The report recommends that the fundamentals of a cyber risk management framework should be based on the OECD  principles contained in ‘OECD  Recommendation – Digital Security Risk Management for Economic and Social Prosperity (2015)’ and the ‘Three  Lines  of  Defence’  model  promoted  in the joint FERMA-ECIIA publication ‘Audit and Risk Committees – News from EU Legislation and Best Practices (2014)’.

The FERM-ECIIA (2017) report’s conclusions include: beyond IT, cyber-security is also becoming a matter of corporate governance, and the right governance framework is crucial to an efficient management of cyber risks; organisations should create a “Cyber Risk Governance Group”, reporting to the Risk Committee and chaired by the Risk Manager, to determine with other functions the cyber risk exposure, expressed financially, and establish the possible mitigation plans. The Group should cooperate with Internal Auditors to avoid silos; Internal Auditors review the controls implemented and give an independent assurance to the Audit Committee about the cyber risk, the efficiency of the controls and the mitigation plans; the Risk Committees and the Audit Committees must collaborate to present a common view to the Board about cyber risk management.

Cyber security in large FTSE companies

In February 2017, Deloitte published its ‘Cyber Reporting Survey (2017)’ which is available here.  It provides useful insights into the cyber reporting practices of the UK’s FTSE 100 companies. The outcomes of their review of FTSE 100 annual report disclosures include that 87% companies disclose cyber as a principal risk; the value destruction capability of cyber risk is very high, ranging from remediation demands to huge reputation damage; detailed disclosure highlights the risks to shareholders and the better disclosures are company specific, year specific and provide sufficient detail to give meaningful information to investors and other stakeholders; boards and board committees are increasingly educating themselves about the cyber threat and challenging management on how they are dealing with the risk; companies should take credit for what they are doing, including describing who has executive  responsibility, board level responsibilities, the policy framework, internal controls, and disaster recovery plans. The Deloitte’s Cyber Reporting Survey also points out that the UK does not have a specific cyber security disclosure framework but that the USA may provide helpful guidance on such disclosure as the Securities and Exchange Commission (SEC) issued disclosure guidance as far back as 2011.

In July 2017, HM Government published their ‘FTSE 350 Cyber Governance Health Check Report 2017’. The Government has undertaken a regular survey of the UK’s top 350 companies since 2013, to understand how they are managing their cyber risks. Overall 105 companies responded to the 2017 Health Check survey with the majority being the Chair of their company’s audit committee. Cyber risk is now seen as a top, or group-level risk, among the majority of Boards (54%) when compared with all the risks faced by their company. Only 13% of respondents now say cyber risk is viewed as a low, or an operational-level risk for their Boards. Whilst 31% of boards receive comprehensive and informative management information on cyber risks, 68% say they have not received any training to deal with a cyber incident.

Concluding thoughts

The reports discussed above indicate a common theme that cyber security is of increasing importance, that cyber risk is recognized as a major risk facing companies, and that managing that risk is part of a robust corporate governance structure.  There is still a consensus to be reached on whether the risk committee, the audit committee, or a cyber risk governance group is the most appropriate to manage this risk and how they might work together to do so. However it seems clear that in the near future more attention will have to be paid to training in cyber security issues and the appointment of qualified individuals with relevant knowledge of this area to corporate boards/board committees.

Chris Mallin

November 2017