COMBINED ASSURANCE: STRENGTHENING GOVERNANCE AND BUSINESS REPORTING (2025-03-31)

March 31, 2025  222  222   

By Terrance M. Booysen (CGF Research Institute: CEO)

Recent years have seen further corporate governance failures that reinforce the urgency of improved oversight.  The Volkswagen emissions scandal exposed how the automaker manipulated emissions data to deceive regulators and consumers.  Wirecard, a German fintech giant, collapsed when auditors discovered €1.9 billion in cash was missing, highlighting widespread financial misreporting. The Adani Group, an Indian multinational conglomerate, faced allegations of stock manipulation and accounting fraud, shaking investor confidence and the organisation allegedly lost over $104 billion in value.  Earlier this month, PwC was fined £4.5 million (reportedly reduced to £2.9 million) for audit failures in the Wyelands Bank Plc case, exposing deficiencies in risk assessment and assurance processes.  Cases such as these underscore how governance failures remain a global concern, highlighting the need for stronger, integrated assurance mechanisms to protect stakeholders and financial stability.

Many corporate failures could have been prevented, or at least mitigated if effective governance controls, early warning systems, and transparent reporting structures had been in place.  Today, shareholders and key stakeholders demand greater assurance that leadership teams are not only competent, but also proactively managing risks and safeguarding the long-term sustainability of the organisation.

The shift toward accountability and transparency

Shareholders, often having experienced significant financial losses due to governance failures, have become more discerning.  They no longer accept vague assurances or rely solely on the intuition of business leaders. Instead, they expect comprehensive, evidence-based reporting on governance, strategy, and risk management.

The traditional reliance on the CEO’s or board’s statements is no longer sufficient.   A series of corporate scandals has demonstrated that some leaders have manipulated financial statements or prioritised short-term gains over long-term sustainability.  This has prompted regulatory bodies worldwide to call for more rigorous and independent assurance mechanisms.

The role of combined assurance in risk oversight

To meet these heightened expectations, many organisations have adopted integrated reporting that extends beyond financial performance to include environmental, social, and governance (ESG) considerations.  Leading governance codes, including those influenced by the King IV™ principles, emphasize the importance of Combined Assurance; a structured approach to providing stakeholders with confidence that governance and risk management processes are sound.

Combined Assurance entails multiple levels of oversight to ensure a holistic view of risk, including:

• Management assurance: Ensuring internal controls and operational risk management are effective.
• Internal assurance functions: Including internal audit, compliance, and risk management teams.
• External assurance providers: Engaging independent auditors and industry experts and regulators to verify governance processes.

The essence of Combined Assurance is to provide a structured, multi-layered approach to internal oversight, where different assurance providers work in a coordinated manner to assess and mitigate key risks.  This approach integrates independent verification where necessary, ensuring that risks are not only identified but also effectively managed, thereby strengthening stakeholder confidence in the organisation’s governance and control environment.

A collaborative approach to risk management

To be effective, risk governance must be embedded across the organisation rather than confined to isolated functions.  Boards and executive teams must work collaboratively, breaking down silos to ensure a coordinated approach to risk management.  This aligns with global governance best practices, which emphasize that risk oversight is a fundamental board responsibility.  Each year, leading CEOs and directors cite key governance challenges, including:

1. Understanding the strategic impact of risk.
2. Ensuring risk oversight remains a substantive agenda item at the board level.
3. Strengthening risk management frameworks and internal controls.
4. Overseeing enterprise risk management, covering financial, operational, strategic, compliance, and reputational risks.

Addressing these challenges requires a structured approach to assurance, where risk oversight is strengthened through a coordinated effort between management, internal audit, external auditors, and other assurance providers.  A robust Combined Assurance model, supported by a digitised governance framework, enhances real-time governance and risk monitoring, streamlines reporting, and ensures that assurance activities are aligned with strategic objectives. This enables boards to make informed decisions with confidence, reinforcing accountability and resilience in an increasingly complex business environment.

Legal and fiduciary implications

Beyond governance best practices, legal frameworks worldwide increasingly impose personal liability on directors and senior executives for governance failures. Corporate laws in various jurisdictions -- such as the UK Companies Act, the U.S. Sarbanes-Oxley Act, Australia’s Corporations Act and South Africa’s amended Companies Act -- demand higher levels of accountability.  The evolution of governance codes in markets like South Africa, the EU, and Asia further reinforces these expectations.

Given the expanding responsibilities of directors and senior executives, Combined Assurance is not merely a compliance requirement but a strategic necessity.  Directors and prescribed officers must ensure that risk management is not viewed in isolation but is integrated into the organisation’s broader governance and reporting structures.

The future of governance: A digital-first approach

The increasing complexity of governance requirements has made it clear that manual, fragmented reporting processes are no longer viable.  A digital governance framework, leveraging real-time data and analytics, is critical to achieving a unified and transparent risk management approach.

By adopting a technology-driven governance framework, boards and executive teams can ensure, amongst other:

• Real-time oversight of risk and compliance metrics.
• Streamlined governance reporting for internal and external assurance providers.
• A standardised approach to risk management across all key business units.

Conclusion: Combined Assurance as a strategic imperative

In today’s regulatory and business environment, Combined Assurance is not just a safeguard; it is a critical tool for effective governance and corporate longevity.  Directors and executives must embrace this approach, ensuring that risk management, accountability, and transparent reporting are fundamental to their leadership mandate.  The adoption of a structured Combined Assurance framework reinforces stakeholder confidence, strengthens corporate resilience, and positions organisations for sustainable growth in an increasingly complex global marketplace.

ENDS

Words: 1,005

For further information contact:

Terrance M. Booysen (CGF: Chief Executive Officer) - Cell: +27 (0)82 373 2249 / E-mail: tbooysen@cgf.co.za
Jené Palmer (CGF: Director)) - Cell: +27 (0)82 903 6757 / E-mail: jpalmer@cgf.co.za
CGF Research Institute (Pty) Ltd - Tel: +27 (0)11 476 8261 / Web: www.cgfresearch.co.za

 

Follow CGF on Twitter: @CGFResearch

Attached Files

• combined-assurance-cgf-20250331 97.72 KB