EDITORIAL: THE FUTURE CHAIR

The most recent UK Corporate Governance Code introduced a new provision, which comes into effect on 1 January 2026, which increases the expectations on boards with regard to internal controls and risk management.

Specifically, Provisions 29 of the new Code states that:

‘The board should monitor the company’s risk management and internal control framework and, at least annually, carry out a review of its effectiveness. The monitoring and review should cover all material controls, including financial, operational, reporting and compliance controls. The board should provide in the annual report:

• A description of how the board has monitored and reviewed the effectiveness of the framework;

• A declaration of effectiveness of the material controls as at the balance sheet date; and

• A description of any material controls which have not operated effectively as at the balance sheet date, the action taken, or proposed, to improve them and any action taken to address previously reported issues.’

Risk and internal control should be a key area of concern for all directors and with this in mind, you might be interested to read one of this month’s highlighted reports, Internal Audit Hot Topics – the Internal Audit Agenda for 2024 from BDO.

The report highlights 14 topics which should be considered by boards including artificial intelligence, data privacy, digital transformation, supply chain and commercial risk, cyber risk, ESG, geopolitical risk and people, amongst others. Each section provides a useful introduction to the issues involved and provides food for thought to help directors decide for themselves what are the key issues for their businesses.

There is a particularly useful section covering the need to focus on the effective management of cash and working capital, which is vital to all businesses regardless of size.