Future Students, Alumni & Visitors





Archive for the ‘Uncategorized’ Category

Trends and Key Issues in Governance for 2023

  1. Attention turns to non-profit governance.

Hockey Canada’s governance was inferior (see independent report, here, and Dr. Leblanc’s media commentary, here and here) but not anomalous. Non-profits (sporting, educational and health care institutions, charities and associations) are often inferior when it comes to CEO succession; culture and conduct oversight; financial, governance and executive pay transparency; cyber-security; in camera sessions; gifts and other forms of self-dealing; term limits; size limits; insiders on committees; director competencies; auditor independence; financial literacy; risk governance; and not retaining independent advice. When a few or more of these shoddy governance practices occur, the board works for management and is a dormant risk.

The excuses for poor NFP governance are many-fold, but mainly is because there are no mandatory governance requirements for the not-for-profit sector. This gives management opportunity manage the board and the drift is too much of an uphill battle to counteract. Look for fresh regulation for the entire non-profit sector in 2023 or 2024, analogous to NP 58-201 (for-profit listed companies). There are significant public expenditures on non-profits, and poor governance wastes funding through self-dealing, mismanagement and impairment of stakeholder confidence.

  1. The emperor wears no clothes.

The for-profit sector is not immune from governance infirmity either. Institutional investors such as Ontario Teachers lost $120M million dollars of teachers’ retirement money on FTX. Another firm invested $150M in a bankrupt crypto investment. Dr Leblanc called for greater regulation of crypto governance and institutional investors to protect investors and retirees (see media interview, here). There still is a tendency to be enamored by misunderstood tech and young inexperienced individuals and fraudsters. Elizabeth Holmes was sentenced to eleven years in prison in 2022, and the ceremonial hand-picked board never ensured validated of the Edison machine. FTX had no independent board and a shocking lack of internal controls (see the independent report here). Boards are present to protect investors and other stakeholders and to ensure proper books, records and controls. Boards need to say “no” if or when they do not understand or cannot assure proper governance. Like Warren Buffet said about technology, here: Do not invest if you do not understand the predictability of the economics of the business.

  1. Regulators set their sights on director competency.

Regulators are focusing on cyber-security and climate expertise and financial literacy. Management should not adjust these competencies, or unduly influence the director competency matrix. If a board has any director on the audit committee who is not financially literate, this is a risk. “Expertise” normally requires 10,000 hours. It is implausible for a director to become an expert whilst on the board. This means that regulatory expertise requirements must involve director renewal and replacement. For the matrix to work, there should be independent validation of director competencies, and the competencies and attributes should be tied to a register, onboarding, and professional development. Many matrixes are manipulations to ensure that the desired director is selected or that under-performers are insulated. The universal proxy cards in late 2023 will give investors greater ability to replace directors who lack the independence and relevant competencies and attributes.

  1. Boards get serious about ethics, culture and reputation.

Fraud and misconduct have increased during the pandemic. Many boards have long argued when ethical misconduct surfaces, “we missed it,” “it was a rogue employee,” or “soft” controls are difficult to implement. The reality is that there are a host of best practices and hard controls that regulators advise and good boards employ to ensure board oversight over ethics, culture and reputation, including: communicated, remedied, anti-retaliatory, anonymous whistle-blowing or safe report procedures; independent investigations; special committee of the board for CEO conduct investigation, other material reputation matters; anti-grooming policy; monitored no gift code, DEI policy, claw-back trigger, just cause, malus clause and sign off procedure; culture, wellness, spot and mystery shopper audits and reporting; exit interview data; integrity and reference checks; mandatory training and education on fair treatment, anti-discrimination and harassment, and unconscious bias; risk, ethics and behavioural gateways embedded in incentive pay for risk-takers and senior management; resume, education and employment verification; criminal record, judicial matter, sanction, offshore leak and vulnerable sector checks; and email and text analytics.

  1. Boards approve playbooks over crises.

Here are crises boards experienced in 2022: encryption and exfiltration, and demand by threat actors for bitcoin payment; assassination of directors by an active shooter; CEO misconduct (all forms); leaks of workplace toxicity to the media; workplace fatalities; adverse brand effects of key employee termination; material loss of services or products; regulatory investigations; and weather-related disasters.

Significant unplanned events are not the realm of only day-to-day management. Crisis is part of risk governance, and internal controls exist prior to a crisis. If the controls are defective, this is the board’s fault for want of oversight. The crisis will be worse. Boards have an active role prior to the crisis, to approve crisis planning; and during the crisis, to oversee management’s response.

Boards in 2022 and 23 are reviewing and approving crisis protocols. This includes media training and the board’s prerogative to establish a special committee if the crisis is material and requires longer-term oversight and root cause remedy, e.g., independent investigation. See here, where Dr Leblanc talks about such a playbook in light of the Rogers outage and Suncor fatalities. Dr. Leblanc will be giving a keynote address on risk and crisis governance on January 24th and a module for CEOs and Chairs on media relations on February 2nd (slides can be provided upon request).

  1. Post-COVID focus is on non-financial.

Investors and regulators continue their emphasis on non-financial strategic value drivers. This is because most of the value of a company is non-financial. And COVID-19 has shown that non-financial can kill. In Canada, codifying the Supreme Court, federal regulation changed as the pandemic began to enable boards to consider the impacts of decisions on the long-term, on the environment, and to consider stakeholder interests, including those of shareholders, employees, creditors and consumers, with no primacy towards any stakeholder. Institutional investors want transparency over the full value chain, and this means activists may and are attacking any portion of this chain. When a board approves the strategic plan without all value drivers and key performance indicators to measure their achievement, they are exposed themselves to regulatory, plaintiff, or investor scrutiny. Good boards are focusing now on the complete value chain, including stakeholders and non-financial drivers of value.

  1. Changing risks require boards to act.

Boards have been operating under stable risk conditions in the aughts and teens. As risks change rapidly, boards need to keep up and insist that the controls, limitations and assurance are present and remedied. There is still immaturity and complacency by many boards in not exercising their duty of care and insisting on curing of defective controls of new, material non-financial or emerging risks. Risks include crisis, culture, interest rates, inflation, geo-political impact on the business model, safety, resiliency, redundancy, retention and ransomware. Risk-adjusted compensation, including risk-taker pay and claw-backs, are also immature, with boards not reacting to changing conditions in real time. Boards are also complacent and slow in receiving independent assurance and instructing investment in technology to monitor changing risks more continuously.

A board speaks with one voice, so all directors should keep up with science, facts and accurate information from validated sources as part of duty of care.

  1. Chair and director recruitment professionalizes.

Boards in 2022 began, slowly, not tolerating top heavy entrenchment or inferior director recruitment. There has been an uptick in explicit policies on recruitment and appointment criteria; disclosing and managing conflicts of interest and pre-existing relationships; containing management funneling; full and diverse talent pool outreach; resumes to match desired competencies; attributes and proper interviews; background checks; even-handed, transparent and inclusive application; chair and director term limits; robust mandatory onboarding; off-boarding under-performing directors; and linking re-appointment to peer review. These practices will continue for effective boards.

  1. Agile governance is becoming the norm.

Boards are not going back to exclusively in person board or annual meetings. Hybrid and virtual meetings offer flexibility and convenience. Investment in technology in boardrooms occurred in 2022 to enable this. Blended meetings are also shorter, more flexible, and enable less warm up time. Other agile trends include (i) strategic, shorter, responsive, deliberative and forward-looking agendas; (ii) tighter pre-reads, with greater narratives, layering and consents/appendices; (iii) emphasis on prework and preparation, with presentation time limited and discussion time enhanced; (iv) on-camera and virtual technology standardization in boardrooms and remotely; (v) removing some non-financial risks from the audit committee; (vi) more board-management inception partnering on strategy; (vii) director recruitment less anchored to geography; (viii) flexibility, emphasis on availability, and “micro” or issue meetings; and (ix) chair-director check-in calls.

  1. The best cyber defense is a cyber offence.

There is an aggressiveness here that is beginning to emerge, so a company is less of a target. This includes robust ransomware policies; zero trust deployment; user, network, third party and WFH controls; penetration, back-up and restoration testing; ethical in-house hackers; prompt and effective control curing; a playbook for when the attack happens; advance discussion of payment; encryption and exfiltration tech first-responders and negotiators on the ready; most important, robust continuous testing using NIST, OSFI and Five Eyes; cyber-security expertise on the board; and a full IOF (independent oversight function) bench to provide assurance to the relevant board committee overseeing ransomware; and impenetrability assurance reporting to the full board. As digitization occurs, including companies using AI, AVR, blockchain, cloud/edge, drones, IoT/Metaverse and RPA, the risks and controls are in parity, or the technology cannot be deployed.

Board of Directors Checklist for 2022

The following are what effective Boards of Directors will be focusing on in 2022.

  1. Revised Strategic Plan and KPIs

The pandemic has recut most plans, and management should be coming forward with shorter term plans that can be overseen by the board. Strategy is not “out the window” or “put on hold” during the pandemic. Good boards, especially during disruption, will ensure management brings forward a staged plan, with board input, that reflects changing circumstances. Values, purpose, vision, mission, business model, value drivers, key performance indicators, and risks, should all be reviewed, in writing, and approved by the board. It is difficult for the board to re-assert itself if it lets go of strategy. Boards should be moving from crisis to strategy and performance oversight under disruption.

  1. Digitization of the Business Model

Boards should be thinking up and out, and never be in denial. I am seeing almost 50% of business models now comprising digital and data. Every organization has a business model wether management makes it explicit for the board or not. WFH has accelerated digitization, and boards should understand AI, IoT, blockchain and automation’s impact on the company’s business model. Boards that are very good will link the business model to directors’ skills.

  1. Revised Risk Appetite Framework and Control Assurance

Steady state risks have been replaced with supply reliability, inflation, succession, labor costs and retention, data integrity, economic, employee safety, social expectations, climate, digitization and regulation. As the risks change, the duty of care follows, with good boards having lines of sight to internal controls and assurance that the controls are working, as a prudent director under similar circumstances. Boards that wait, or do not act when risks change (including climate, discussed next), are at risk and may become a litigation or investor target.

  1. A Path To Net Zero

If a board delays action on the company’s path to net zero GHG emissions for want of more regulation and certainty, activist investors and plaintiffs’ attorneys may target (i) the company for not disclosing true climate risks; (ii) directors for breaching their duty of care by not acting as a prudent director would act under similar circumstances; and (iii) directors for not adequately considering the long-term interests of the environment under recent legal changes. Short-term steady progress to net zero carbon emissions, that is performance and industry benchmarked, using standard setters, and is accurately disclosed, will be on good boards’ agendas in 2022.

  1. Data Security, Including Backup and Restoration

When exfiltration and encryption have occurred, and threat actors demand a ransom be paid in crypto currency on the dark web, the company faces significant liability. NIST- and Five Eyes-benchmarked internal controls to protect the perimeter and crown jewels, with regular back up and restoration testing, avoids becoming a target and limits liability. Weak WFH cyber-hygiene and human error are addressed by good boards. A ransomware policy should be reviewed and approved by the board in 2022 if not already done.

  1. Retention and Succession Risks

Omicron variant illness (or worse if unvaccinated) and isolation is real, within key functions and sectors of at-risk employees. CEOs are unexpectedly resigning because of exhaustion. The HR committee should be reviewing contingency plans for key officer illness and emergency plans for the CEO because of health, resignation or otherwise. A similar succession plan should be reviewed by the board for key board leadership roles. Having an evergreen list and high potential talent on the internal bench should be reviewed by the committee and brought forward to the board for a full discussion in early 2022.

  1. Employee Well-Being and Safety

Loneliness, anxiety, depression, substance abuse and radicalization are going up under COVID-19 and remote work. Vaccine mandates, WFH policies and practices, and safety and wellness risk are not the prerogative of management and immune from board oversight. Good boards are exercising their duty of care and fiduciary duty to review all the foregoing, ensuring consistency with COVID regulations. Wellness outreach, CEO mindset, science updates, exit interviews, culture surveys and internal controls over an airborne virus are now standard reporting in leading boardrooms.

  1. Robust, Accurate and Disclosed ESG

Has the board approved which items within E, S and G will be the focus of management? Were the items strategic, peer and industry benchmarked? When the items were approved, were the performance measurements approved also, and independently audited against third party standards? Will performance by the company against the standards be full, true and plain? In 2022, boards should prepare for significant investor demands of all the above. Assume also that any self-interest, cherry-picking or sugar-coating, by management without board scrutiny, will be detected and acted upon by investors. Assume also that any competitive arguments against deep ESG disclosure will fall on deaf ears of both investors and regulators.

  1. Financial Oversight and Stress-Testing

As Omicron rages, has the board requested stress-tested financial statements under prolonged adverse conditions? Director duties receive enhanced scrutiny under financial distress, and boards are obligated to act even when management does not. Boards should pay particular attention to loan covenants, fair treatment of creditors, aggressive accounting, contractual obligations, impairments, deferrals, related party transactions, compliance with conditions of receiving government aid, insurance obligations, management forecasts and disclosure obligations.

  1. Saying Thank You

The last two years have been truly extraordinary. Board chairs tell me that an important item on their board’s agenda now is leading by example and saying, “thank you.” Saying thank you, authentically, to directors, to management, and to employees (and especially health care, educational and customer-facing) for their extraordinary sacrifice in the face of ongoing adversity. This gratitude should be communicated to all employees and key suppliers by senior management, for retention and goodwill purposes. See a very good example of this, here.

Dr Richard Leblanc is the Editor of The Handbook of Board Governance, published by Wiley in 2020.

Canada’s Corporate Governance Guidelines Are Out of Date, Part 2

Following up from last week’s blog, I argued that Canada’s corporate governance guidelines were out of date because of: 1. Lack of principles and practices; 2. Lack of focus on risk management; 3. Lack of independence of mind; 4. Lack of industry expertise; and 5. Lack of shareholder engagement, here are reasons 6-10 that our Guidelines need an update:

6. Lack of shareholder engagement: The words “investor” and “shareholder” are mentioned once each, in a perfunctory manner, within the 2005 Guideline. Shareholders own the company and regulators and investors are explicitly providing context now: for investor input on director selection; for engagement and dialogue between investors and directors; and for the use of technology in shareholder communication and annual meetings. The foregoing are all absent from the Guidelines. Canada has still not adopted “say on pay,” which has also been a catalyst for shareholder engagement. The US, UK, Australia, Germany, France and other European countries either have say-on-pay or are moving rapidly in this direction. Canada is a laggard.

7. Lack of focus on strategy and value creation. “Strategy” is mentioned only once within the entire Guidelines, and that is that the board should approve a strategic planning process, and approve, at least annually, a strategic plan. It is hardly surprising that many boards short-change strategy at the expense of compliance. This requirement of once a year essentially marginalizes a board in its strategic role. When I interview top directors who add value strategically, the strategic oversight and involvement by boards are much more focused and engaged. There are strategic best practices here that would enhance the performance and value creation that a proper board can make. Regulators drafting this guidance should have experience creating listed company value.

8. Lack of focus on sustainability: The word “environment” or “sustainability” is not mentioned at all in the 2005 Guidelines, a noticeable omission. Australia’s emphasis on economic, environmental and social sustainability risks, within its Corporate Governance Principles and Recommendations, is second to none, as is South Africa’s focus on “integrated sustainability reporting” within King III. This omission is especially noticeable given investor focus on the environmental, social and corporate responsibility. The lack of environmental stewardship and response to climate change is also a broader issue. Canada is also a laggard here.

9. Lack of compensation guidance: The regulatory movement from short-term, quantitative, financial metrics, to risk-adjusted, long-term, qualitative, non-financial metrics for executives is absent from the Guidelines, as is guidance on non-executive remuneration. Investors, regulators and good boards are focusing on leading performance metrics that reflect the entire business model and value chain (most of which is non-financial), and that are longer-term in nature.

10. Lack of focus on the chair of the board: Lastly, but far from least, the position of the board chair has undergone a metamorphosis since 2005. There is no guidance at all offered on the role, responsibility and attributes of an independent chair, within the Guideline. Other codes offer extensive guidance on skill-sets and responsibilities that and on which the chair should possess and execute. Without this regulatory guidance, a chair (and committee chairs) can be bullied or unduly influenced by dominating reporting management such that they are rendered ineffective, albeit formally independent. More guidance is needed. Chair position descriptions should not be drafted by management lawyers or management-retained lawyers.

Conclusion

Does Canada improperly have a false sense of governance superiority? Perhaps so. But in this rapidly changing field, if you rest, you are left behind. Nine years is sufficient rest.

There are arguments (i) by industry and advisors to management that corporate governance in Canada is not broken so does not need to be fixed; and (ii) by regulators who complain of scarce resources and how difficult it is with fragmented securities commissions and the diversity of Canadian companies. I have never been persuaded by these arguments.

To address the second argument, what is required is leadership and political will. Premier Kathleen Wynne’s and the OSC’s Maureen Jenson’s emphasis on gender diversity have resulted in nine jurisdictions collaborating and endorsing recent changes to the disclosure of gender diversity, term limits, and measureable objectives, for example. To address the variety of Canadian companies, South Africa’s King III Code applies to all types of companies (public, private, state and non-profits). The issue is one of drafting.

To address the first argument, namely the arguments by industry, regulators should be conscious of undue influence by reporting management and service providers, whose internal power, business model, or commercial interests may be disrupted by governance rejuvenation. The primary consideration for policy renewal should be evidence-based policy and international consistency with best practices. Regulators should also guard against potential conflicts of interest and regulatory capture, by themselves, including those individuals within regulators who intend to return to private industry, or who have other close association with regulated companies. Regulators should also guard against those provincial regulators who oppose reform on the basis of extraneous and non-relevant considerations, such as a desire to maintain turf.

Richard Leblanc is an Associate Professor, Law, Governance & Ethics, at York University. He can be reached at rleblanc@yorku.ca.

 

Canada’s Corporate Governance Guidelines Are Out of Date

In my teaching, research and consulting, I no longer use “NP-58201 Corporate Governance Guidelines,” June 17, 2005 (“Guidelines”), that apply to publicly traded companies in Canada, as an example of exemplary corporate governance. I regard them as stale and dated. I cannot think of another developed country that has not updated its governance guidelines in almost 10 years. There have been more changes to governance since the financial crisis of 2008 than in a generation. And we are only about half way through all of them. Canadian regulators – including all provinces and territories – need to keep up, and step up.

Here are the deficiencies to the Guidelines as I see them:

1. Lack of principles and practices: Our Guidelines are four pages long. The UK’s new Code (September 2014) is thirty-six pages. Australia’s Principles and Recommendations (March 2014) are forty-four. South Africa’s “King III” (2009) is sixty-six pages, to pick only three examples. Quantity is not necessarily quality, but by having such succinct guidelines, the opportunity to set out (i) best practices that (ii) achieve the objective of principles is gone. It is comply or explain against a perfunctory unitary guideline, which can be – and is – gamed by reporting management. There should be more robust guidance, where the regulator explains various ways good governance can occur, from which listed companies can pick and choose according to their circumstances.

2. Lack of focus on risk management: Take risk for example. The Canadian Guidelines simply state that the board should identify principal risks and ensure appropriate systems are in place to manage these risks. I have no idea what this actually means, nor may directors. Risk management oversight now involves an explicit risk appetite framework, internal controls to mitigate, technology, limitations, and assurance provided directly to the board and committees by independent risk, compliance, and internal audit functions. None of these practices, which are very much addressed by other regulators, appear in the 2005 Guidelines. Consequently, many public companies have immature risk management, especially in addressing non-financial risks such as cyber security, operations, terrorism and reputation. Regulatory inaction has an effect. Even a forward-thinking director may be blocked by intransigent management to devote greater resources to mitigating risk because of inadequate regulation.

3. Lack of independence of mind: In Canada, a board can subjectively believe a director to be independent, but this belief need not be independently validated, nor tied to any objective or reasonable standard. Nowhere else can a conflict of interest lack a perceptual foundation. As a result, directors tell me how colleagues are compromised by an office, perks, vacations, gifts, jobs for friends, social relatedness, relations to major shareholders, excessive pay, excessive tenure, interlocks, and other forms of capture. If a director or chair is captured, they are owned by management and totally ineffective. If there is a difference between regulatory independence and the independence of mind of directors, the fault lies with the regulation. Regulators should implement an objective standard of director independence, not a subjective one.

4. Lack of industry expertise: It was admitted in open forum that the original 1994 committee did little research. Sufficient industry expertise on boards is glaringly absent from the Guidelines, and consequently in many boardrooms. We are suffering from an independence legacy, perpetuated by entrenched directors, and unsupported by academic research. For example, in Australia, two academics claim has cost their country’s decline in shareholder value between 30 and 50 billion Australian dollars (“Does “Board Independence” Destroy Corporate Value,” by Peter L. Swan and David Forsberg).

Fraud, meltdowns and underperformance such as Nortel, RIM and CP all had a paucity of industry experts on their boards, including, most recently, Tesco in the UK. JP Morgan at the time of the risk management failure did not have a single independent director with banking experience. Prior to Bill Ackman’s involvement in CP, not a single independent director had rail experience. I recently assessed a similar board and not a single director had the necessary industry experience. The Guidelines should require relevant industry expertise on boards. I recommended this to OSFI when I was retained by them to examine their earlier guidelines, and this is now the law for all federally regulated financial institutions, along with risk expertise being present on boards.

5. Lack of financial literacy and internal audit: There is no requirement to be financially literate to sit, initially, on an audit committee of a Canadian public company. This presumes someone can acquire financial literacy as opposed to having it to begin with. There is also no requirement to have an internal audit function for a Canadian public company. This should also change so audit committee members hit the ground running, and there should be a comply or explain approach to internal audit. In many compliance failures, there is a defective or non-existent internal audit function, with a weak audit committee lacking recent and relevant expertise. Regulators are now moving towards “independent coordinated assurance,” which means that reporting to, and functional oversight by, the board and committees are fulfilled by internal and external personnel who are independent of senior and operating management, including, most importantly, an effective and independent internal audit function.

Join me next week where I will talk about 6-10, including: lack of shareholder engagement; lack of focus on strategy and value creation; lack of focus on sustainability; lack of compensation guidance; and lack of focus on the chair of the board.

Combatting Political Corruption in Canada

There are now two RCMP investigations of potential breach of trust and bribery allegations of a sitting politician involving Senator Mike Duffy and the Prime Minster’s former chief of staff, Nigel Wright.

Senator Pamela Wallin is accused of having taxpayers, at least partially, fund her travel to private events, speeches and board meetings. (Why are Senators even permitted to serve on boards?)

In Quebec, the Montreal mayor who replaced the former mayor has also been charged with multiple corruption counts this past week. SNC Lavalin, a Quebec company, has been charged with bribery and is banned from World Bank contracts for ten years. Arthur Porter, former director of Air Canada, McGill University Health Centre CEO, and member of Canada’s Security Intelligence Review Committee, is fighting extradition from Panama to face bribery charges. The Quebec-based sponsorship scandal is well known, and former Quebec-based Prime Minister Brian Mulroney was reputed to have received cash payments in envelopes.

See “‘Pristine Canada Mired in Scandal After Montreal Arrest.”  Two journalists yesterday called the incumbent Prime Minister incompetent and tone deaf to address it.

The Charbonneau Commission in Quebec has heard from 80 witnesses involving allegations of price fixing, collusion, cash payments to win business, influence peddling, threats and extortion. Current and former politicians have been arrested, offices have been raided, and there are likely more arrests to come.

Quebecers are understandably outraged. Potholes in Montreal are well known, and asphalt suppliers evidently colluded to inflate prices by 80% and reduce the asphalt quality. I see this when I visit Montreal. It is a feeling. It starts right with the taxis refusing to take credit cards and wanting cash only. You get a sense of deep cultural and historic embeddedness in the way business is done. A royal commission inquiry was called by the Quebec prime minister, Louis Gouin, in 1909. It lasted 115 days, had 914 witnesses and 548 pieces of evidence were presented. In the words of an executive via private email, “it took about 100 years to go from 25% to 3%, which may mean another 15 years to clean the rest.”

Canadians have been bombarded over the last few months with stunning lack of ethics, internal controls, and even the most rudimentary governance and accountability practices in government. The Senate had to issue new rules on basic concepts such as producing receipts for taxis and providing a specific purpose for travel when claiming expenses. The Senate used to proceed on the “honor” system. Imagine for a moment if an executive claimed travel on “the honor system.”

See a few examples from the new rules:

“3. Require a Senator to provide a specific purpose for travel when claiming expenses.”

“5. Require taxi receipts be provided when claiming taxi expenses.”

The Senate, in 2013, actually had to instruct Senators to provide receipts!

And the Senate, in 2013, actually had to request an independent auditor to audit its financial expenses. Imagine if a public company did not have an auditor?

And the bar for extracting a politician is not malfeasance or misfeasance, like it is in a company for an executive, but actual criminal charges and even prison. In other words, unless a politician actually goes to prison, he or she may not have to resign, or even answer allegations, and there are no other mechanisms, such as compelled public testimony or recall.

Imagine if a CEO said to a board of directors that this was the condition of succession or replacement – prison.

Anti-corruption is not rocket science. There are proven methods to corrupt and bribe. What is needed is a complete rehaul, including codes, controls, audits, assurance and reporting (including whistle-blowing).

The foregoing takes time, energy and money. The advantage I am seeing is that a judicial inquiry is afoot and there are arrests. This, I have not seen before. These are positive steps, but the recommendations from the judicial commission must be far reaching, deep and enforced. Corruption can be counteracted, but the judicial report should be rigorous, and there should be built-in time frames and personal/office accountability for implementing the recommendations, with penalties for non-implementation, reporting and follow up. This is how you do it.

In other words, government (at all levels) has to not only lead by example, but should impose the same huge overlay of regulation (and cost) that it imposes on public companies, on itself. Then, and only then, will it have the credibility, transparency and best practice accountability that the private sector now has.