Key steps to prepare for the fifth edition of the ASX Corporate Governance Principles and Recommendations

Recommendation 3.2

A listed entity should instil and continually reinforce a culture across the organisation of acting lawfully, ethically and responsibly, including by:

• having and disclosing a code of conduct for its directors, senior executives and employees;
• ensuring the board or a committee of the board is informed of any material breaches of the code of conduct; and
• disclosing (on a de-identified basis) the outcomes during the last reporting period of actions taken by the entity in response to material breaches of the code of conduct.

Commentary, impact and steps to prepare

This Recommendation has been broadened from the Fourth Edition equivalent, including a new Recommendation 3.2(c) and the commentary in the Consultation Draft (the Draft Commentary) has also been expanded.

The Fourth Edition requires disclosure of the entity's code of conduct. The Consultation Draft builds on this disclosure to also require that entities instil and reinforce a culture of acting lawfully, ethically and responsibly, which we expect most companies are already doing.

However, the material change to this Recommendation is the insertion of new Recommendation 3.2(c), which will require entities to disclose (on a de-identified basis) the outcomes of the actions taken by the entity in response to material breaches of the entity's code of conduct. The Draft Commentary suggests this will involve potentially disclosing whether changes to policies have occurred or whether training has been delivered to address the breach of the code of conduct.

The Draft Commentary provides further context on the role of the board in relation to overseeing corporate culture, reinforcing that a 'healthy organisation' should promote a 'speak-up culture', ensure the appropriate escalation of issues from management to the board occurs (including reporting material breaches of the code to the board and the remedial steps taken), ensure a culture which recognises the interests of internal and external stakeholders to create long-term sustainable value, and a risk culture which supports early reporting and timely remediation of risk with learning outcomes.

What does this mean?

First, companies will need to need to ensure the right amount of information is flowing through to the board about material breaches of the code of conduct and steps taken in response to those breaches.

Second, the requirement under new Recommendation 3.2(c) for public disclosure of the outcomes of actions taken in response to material breaches has the potential to increase:

• reputational risk, in context of the nature of the material breach in question (eg sexual harassment, corruption, fraud etc);
• scrutiny, in the event stakeholders are not satisfied with the actions taken to resolve the material breach; and
• regulatory investigation or enforcement risk (in circumstances where the material breach is not otherwise required to be reported to a regulator), where the content of the disclosure piques the regulator's interest (eg if on face value it is dissatisfied with the remedial outcome).

What can I do to prepare?

• Review your code of conduct to ensure it addresses the new Recommendations (ie that the code 'should support the lawful, ethical and responsible operations of the entity, in the best interests of the entity (including having regard to the interests of the entity's key stakeholders)') and any other suggestions made in the Draft Commentary that are relevant for your company.
• Review your remedial and grievance mechanisms and other processes to address material breaches of the code, given these steps may need to be disclosed publicly under Recommendation 3.2(c).
• Consider how breaches of the code, and the consequences imposed, are categorised (including clarity as to the meaning of 'material breaches') and reported up the chain, including to make sure information flows to the board are appropriate.
• Consider how to balance disclosure of outcomes of material breaches in light of other laws and regulations, such as privacy and confidentiality requirements and whistleblowing laws.

Recommendation 3.3

A listed entity should have regard to the interests of the entity’s key stakeholders, including having processes for the entity to engage with them and to report material issues to the board.

Commentary, impact and steps to prepare

This Recommendation is new.

While a director's duty is to act in the best interests of the company, new Recommendation 3.3 will require listed entities to also have regard to the interests of key stakeholders. This supports the view that it is in the long-term best interests of the company for the directors to consider the interests of key stakeholders.

The Draft Commentary notes that 'stakeholders' may include security holders, employees, customers, suppliers, Aboriginal and Torres Strait Islander peoples, local community, lawmakers and regulators, and organisations that represent the interests of stakeholders, such as unions, environmental groups or consumer groups. Key stakeholders for an entity will, of course, depend on the nature of the relevant entity.

The Draft Commentary suggests the listed entity should identify and regularly review the entity's key stakeholders, having regard to the entity's values, strategic objectives and risk appetite, including consideration of a stakeholder engagement program.

Interestingly, the Draft Commentary suggests the board's activities may include overseeing due diligence on the entity's stakeholder relationships, including human rights impacts (including by reference to the structures in the United Nations' Guiding Principles on Business and Human Rights (UNGPs)).

What can I do to prepare?

• Identify your key 'stakeholders'.
• Review your stakeholder engagement regime (if you don't have one, consider if a regime would be appropriate).
• Consider what uplift (if any) is required to governance processes to ensure the board is informed of key stakeholder matters, including (if appropriate) reporting due diligence findings to the board in line with the structure of the UNGPs.

Recommendation 2.2

A listed entity should:

1. have and disclose a board skills matrix setting out the mix of skills the board currently has and is looking to achieve in its membership; and
2. disclose its process for how it assesses that the relevant skills and experience are held by its directors.

Commentary, impact and steps to prepare

Recommendation 2.2(a) has been broadened, and a new Recommendation 2.2(b) inserted.

The Fourth Edition currently requires entities to disclose a board skills matrix that sets out the mix of skills the board currently has or is looking to achieve in its membership. However, Recommendation 2.2(a) of the Consultation Draft now proposes that entities will need to have and disclose a skills matrix of the board's current skills and those it is looking to achieve.

The Consultation Draft also proposes a new Recommendation 2.2(b) that an entity disclose its process for assessing the skills and experience held by its directors. The Draft Commentary provides that better practice is to include information on the skills of individual directors (rather than reporting that the board as a whole possesses a particular skill), and to explain specific skills and the criteria for directors to be deemed to possess those skills.¹

What does this mean?

As mentioned in our earlier Insight on board skills matrices and current trends among the ASX50, the last few years have seen an increase in the level of disclosure of board skills (including an increase in disclosure regarding assessment processes). The proposed changes in the Consultation Draft will further this trend.

With increased disclosure comes the potential for increased scrutiny from stakeholders (including investors and shareholders) in the event they identify an apparent skill and/or experience gap. On the other hand, disclosure of objective evaluation processes may assist entities to respond to shareholder activists who target the re-election of directors based on perceived skill gaps or activist campaigns that seek to have an independent director elected to the board to fill a perceived skill gap.

What can I do to prepare?

• Review your existing board skills matrix to ensure:
  • the skills disclosed align with the skills and experience needed in context of your business and strategy; and
  • there is a clear delineation between skills the board currently has versus skills it is looking to add to its membership.
• Consider your existing criteria for directors to be deemed to possess a skill, and how you evaluate your director against those criteria. 
• Consider if any uplift is required to your director evaluation process (which could include engaging an independent third-party adviser or undertaking an external third party review or application of external research).

Recommendation 2.3

The board of a listed entity should:

1. have and disclose a measurable objective and timeframe for achieving gender diversity in the composition of its board;
2. disclose the entity's progress in achieving the measurable objective in the reporting period; and
3. if it is considering any other relevant diversity characteristics for its board membership, disclose those diversity characteristics.

Commentary, impact and steps to prepare

Recommendations 2.3(a) and (b) replace and build on existing Recommendation 1.5. Recommendation 2.3(c) is new.

The Fourth Edition provided that the measurable objective for achieving gender diversity in the composition of the board of an entity in the S&P/ASX 300 Index should be to have not less than 30% of its directors of each gender. In contrast, in the Consultation Draft, gender diversity is defined for those entities in the S&P/ASX 300 Index as a board with at least 40% women / at least 40% men / up to 20% any gender. This reflects the 40:40:20 gender target already used by many Australian listed entities.

Recommendation 2.3(a) also now requires the disclosure of a timeframe for achieving gender diversity on the board. Entities may already have set timelines for internal reporting purposes, but disclosure will now be required.

Recommendation 2.3(a) is new, and will require an entity to disclose any other diversity characteristics (beyond gender) it is considering for its board membership (if any). The Draft Commentary references diversity characteristics such as age, race, backgrounds and personal characteristics. The Draft Commentary suggests integrating gender diversity considerations into the succession planning process for boards, with the recommended measurable objective for gender diversity including a minimum percentage of female directors.

What can I do to prepare?

• Think about your current board composition and succession planning in light of these new metrics—develop a set of clear and measurable objectives for achieving gender diversity on the board, together with a plan for achieving those objectives within the intended timeframe.
• Develop a transparent reporting process that discloses the entity's progress in achieving gender diversity objectives during each reporting period.
• If the board is considering any other diversity characteristics for board membership, be prepared to disclose those diversity characteristics.

Our further Insights into board diversity reporting identified that a number of the ASX50 already disclose diversity metrics such as ethnicity, nationality and geographical location, in addition to the prescribed metrics of gender and tenure. At least one ASX50 company in the 2023 financial reporting year also disclosed LGBTIQA+ representation in its board diversity reporting.

Recommendation 3.4

A listed entity should:

1. have and disclose a diversity and inclusion policy;
2. through its board or a board committee set measurable objectives for achieving gender diversity in the composition of its workforce (including in its senior executive team); and
3. disclose in relation to each reporting period the effectiveness of its diversity and inclusion practices, including:
   1. the measurable objectives set for that period to achieve gender diversity;
   2. the entity's progress towards achieving those objectives; and
   3. either:
      1. the respective proportions (by gender) of members of the board, in senior executive positions and across the whole workforce (including how the entity has defined "senior executive" for these purposes); or
      2. if the entity is a "relevant employer" under the Workplace Gender Equality Act, the entity's most recent "Gender Equality Indicators", as defined in and published under that Act.

Commentary, impact and steps to prepare

This Recommendation has been expanded.

The Consultation Draft has built on the Fourth Edition's Recommendation 1.5, with a slight amendment to expand the disclosure to require a diversity and inclusion policy (whereas previously in the Fourth Edition it was only a diversity policy). There is also a new requirement for entities to disclose the effectiveness of their diversity and inclusion practices. The Draft Commentary notes this includes 'information on the prevalence of, and measures taken to address, sex-based harassment and discrimination'. The Draft Commentary has also expanded diversity characteristics to include relationship status, family and caring responsibilities, inter-sex status and race.

What does this mean?

• Listed entities should expect increased attention on their D&I-related practices and processes, especially given it is proposed entities will also need to form a view and disclose the effectiveness of their diversity and inclusion practices.
• Collecting demographic data within the workforce will need to be done having regard to privacy laws and other sensitivities. Mishandling or inappropriate use of this data (or any leak of this data) could lead to legal and reputational consequences.

What can I do to prepare?

• Review and consider any necessary (or appropriate) uplift to your diversity and inclusion policy.
• Develop a secure and compliant information gathering and reporting methodology.
• Determine the criteria you will use to assess the effectiveness of your D&I practices, and what messages you intend to communicate to stakeholders in reporting against this.

Recommendation 6.2

A listed entity should have an investor relations program that facilitates effective, two-way communication with investors.

Commentary, impact and steps to prepare

The Draft Commentary regarding Recommendation 6.2 has been broadened.

The Draft Commentary expressly notes that in order to have an investor relations program that facilitates effective, two-way communication with investors, entities should consider, for example, engaging with investors where a significant number of votes are cast against a resolution put to a general meeting, and (if appropriate) disclosure of any actions to understand and respond to that vote.

What does this mean?

There are some specific disclosures already required at law (eg a Remuneration Report needs to include specific information where a company receives a strike on its previous Remuneration Report). However the suggestions in the Draft Commentary would open a new paradigm for public discourse on reactions to shareholder sentiments more broadly—which is particularly interesting in the context of shareholder activism and protest votes against director elections or remuneration awards to managing directors.

What can I do to prepare?

Consider what parameters are in place (or should be put in place) to assess the materiality of issues that are raised by shareholders or special interest groups that would trigger consultation and, if appropriate, whether you should disclose any actions taken in respect of such consultation. This will need to be done having regard to your continuous disclosure obligations and the need to manage issues such as selective briefings.

Recommendation 6.3

A listed entity should disclose how it facilitates and encourages participation at general meetings of securityholders.

Commentary, impact and steps to prepare

This Recommendation remains substantially the same, but the Draft Commentary has been broadened.

There was a significant shift in member engagement at meetings that was brought on by the COVID-19 pandemic and the use of technology to allow the board, management and securityholders to come together whilst being physically separated.

The Draft Commentary focusses on how technology should be used in these forums and the expectations of investors—a reflection of the fact that virtual and hybrid meetings have become part of the Australian corporate landscape as a result of the pandemic.

What does this mean?

The Fourth Edition only asks listed entities to consider what technologies could best be used to facilitate engagement at meetings. The Draft Commentary is stronger in articulating that 'investors expect' listed entities to use technology to facilitate participation in general meetings.

Prior to the pandemic it was not uncommon for listed entities to hold meetings that were entirely in-person, and it has been the preference of some listed entities to revert to this meeting format now that public health and safety restrictions have been wound back. There continues to be heightened scrutiny and pressure being applied by representative groups on the AGM format. The Draft Commentary would appear to set the expectation that the default position should be a hybrid meeting.

What can I do to prepare?

You should canvas your own investors to ensure you understand their expectations, and respond accordingly when planning your meetings.

Recommendation 8.2

A listed entity should not give performance-based remuneration or retirement benefits to non-executive directors.

Commentary, impact and steps to prepare

This recommendation is new.

The Draft Commentary provides that non-executive directors (NEDs) should not receive performance-based remuneration as it may lead to bias in their decision-making, thereby compromising objectivity and independence. Although the Draft Commentary indicates that it is generally acceptable for securities to be issued to NEDs as part of their remuneration, they should not receive options with performance hurdles attached or performance rights as part of their remuneration.

What does this mean?

If the Recommendation is adopted as proposed, listed entities should note that, whilst this position has been considered best practice for a while, it means the fifth edition would go further than what the law strictly requires.

What can I do to prepare?

Consider if your NED remuneration practices could be impacted by this development. If you intend to maintain any performance-based remuneration for NEDs, consider the rationale for doing so and how this non-adherence to Recommendation 8.2 will be disclosed in your Corporate Governance Statement.

Recommendation 8.3

A listed entity should:

1. have remuneration structures which can claw back or otherwise limit performance-based remuneration outcomes of its senior executives after award, payment or vesting; and
2. disclose (on a de-identified basis) the use of those provisions during the reporting period.

Commentary, impact and steps to prepare

This recommendation is new.

The Fourth Edition includes commentary that recommends disclosure of a summary of the entity’s policies and practices regarding the deferral of performance-based remuneration and the reduction, cancellation or clawback of performance-based remuneration in the event of serious misconduct or a material misstatement in the entity’s financial statements. These issues now form the basis of a new recommendation 8.3.

The Draft Commentary that accompanies the new recommendation suggests that any disclosures made regarding the use of these clawback provisions should include, where appropriate:

• the types of matters that triggered the provisions, including misconduct or a material misstatement in financial statements;
• the number of current and previous senior executives impacted by the use of the provisions during the reporting period; and
• the impact on remuneration outcomes for those executives (de-identified), such as the aggregate value or percentage of performance-based remuneration clawed back, reduced, cancelled or limited.

What can I do to prepare?

• Confirm that your remuneration structures include appropriate clawback and discretionary mechanisms that respond when needed. Many Australian listed entities will already have these mechanisms in place. If not, consider necessary uplift.
• Consider how you will disclose the entity's use of those mechanisms, including the rationale and justifications for the relevant outcomes. We expect market participants will closely monitor these disclosures, including whether entities are holding senior executives to account in the event of serious misconduct.

Recommendation 4.2

A listed entity should disclose its process to verify the integrity of any periodic corporate report it releases to the market, including the extent to which it has been audited, or otherwise the subject of assurance, by an external assurance practitioner.

Commentary, impact and steps to prepare

This Recommendation has been broadened.

The Fourth Edition only requires a listed entity to disclose its process to verify the integrity of any periodic corporate report it releases to the market that has not been audited or reviewed by an external auditor. However, the Consultation Draft now broadens Recommendation 4.2 to require (among other things) disclosure of the extent to which all corporate reports have been audited, or the subject of assurance by an external assurance practitioner. The updates to this recommendation have also broadened the coverage to any sustainability report required under the climate-related financial reporting regime (if prepared).

The Draft Commentary suggests a listed entity should:

• where some or all of the report was subject to audit or another assurance, disclose (within the report itself) the nature and extent of that work;
• disclose the processes more generally in the entity's governance disclosures in its annual report or on its website, including the guiding principles and internal procedures; and
• provide an opinion from management for financial reports that the reports are based on a sound system of risk management and effective internal control.

What does this mean?

The process to prepare and verify a periodic corporate report is complex and varies from document to document, particularly—as the Draft Commentary notes—for developing areas of reporting. Listed entities are already careful in how they craft the statements in their Corporate Governance Statements around the process they have undertaken to avoid misrepresenting or overstating the process. While we expect the new information required will be readily available, the additional disclosures could prompt further scrutiny on the following fronts:

• Inadequate and inaccurate disclosure of the verification process for periodic corporate reports may prompt regulators or other stakeholders to investigate, and possibly challenge, perceived shortcomings.
• If certain corporate reports are partially audited or assured, this may attract increased investor scrutiny in the event investors disagree with the level of audit / assurance completed on the corporate report.

What can I do to prepare?

By now, listed entities that comply with the Fourth Edition will already have a verification process they can point to, but if the Recommendation is adopted as proposed, listed entities should plan for, and document, the nature and extent of the audit, or external assurance received for all corporate reports and be comfortable that this is appropriate for the relevant report, given this will also need to be disclosed.

Recommendation 4.3

A listed entity should disclose:

• the tenure of the audit firm and audit engagement partner as at the end of the reporting period; and
• when the appointment of the external auditor was last comprehensively reviewed and the outcomes from that review.

Commentary, impact and steps to prepare

This Recommendation is new.

The Draft Commentary suggests the audit committee should periodically undertake a comprehensive review of the effectiveness and independence of the auditor, and consider the removal of the auditor by the shareholders, putting the audit to tender or for rotation of the audit engagement partner.

What does this mean?

While audit committees will have processes in place to determine the appointment and removal of external auditors, assess their performance and assure themselves of their independence (and listed entities must also adhere to the auditor independence and rotation requirements under the Corporations Act), this new recommendation will require listed entities to disclose more detail regarding their engagement with their auditor. It could lead to a new spotlight on auditor tenure and performance, and the frequency and process for auditor reviews.

What can I do to prepare?

Work with your board, audit committee and auditor to understand your relationship with your auditor and how and when their performance is reviewed, and plan for future disclosures in this regard (including the rationale for your review process). 

Recommendation 7.4

A listed entity should disclose:

• its material risks (including its material environmental, social and governance risks); and
• how it manages or intends to manage those risks.

Commentary, impact and steps to prepare

This Recommendation has been broadened.

A key focus of the Fourth Edition was the requirement to disclose a listed entity's 'environmental and social risks'. Much consternation ensued about what was and was not captured by those terms, and what it means to be 'exposed' to such risks.

The redrafting of this Recommendation in the Consultation Draft broadens the field by applying to all 'material risks', including (but not limited to) environmental and social risks.

What does this mean?

Listed entities are being asked to think more holistically about risk without limiting themselves to particular categories of risk or ways in which those risks might manifest. Identifying and empowering management to respond to material risks is already what directors need to do, so we think the changes are helpful in encouraging listed entities to engage in dialogue about their efforts without limiting those discussions to particular issues.

What can I do to prepare?

The good news is you are likely already doing this. The Draft Commentary notes that this Recommendation could be complied with by cross-referring to the issues discussed in your operating and financial review in your director's report or your sustainability report (if you have one), so it will be a matter of bringing together disclosures that appropriately describe or reference your risks and risk management strategies.

Recommendation 9.3

Commentary, impact and steps to prepare

New recommendation 9.3 states that the board of a listed entity outside Australia should receive from its CEO or CFO a declaration that the financial records of the entity have been properly maintained, comply with the appropriate accounting standards and give a true and fair view of the entity's financial position and performance. This declaration should be given before the board approves the entity's financial statements for a financial period.

This recommendation largely mirrors the declaration required by listed entities established in Australia under s295A of the Corporations Act.

Recommendation 9.4

Commentary, impact and steps to prepare

New recommendation 9.4 states that a listed entity established outside Australia should ensure all substantive resolutions (proposed resolutions that appear in a meeting's ballot paper) at a meeting of security holders are decided by a poll rather than by a show of hands.

This recommendation reflects requirements imposed on Australian listed entities under the Corporations Act.

Recommendation 9.5

Commentary, impact and steps to prepare

New recommendation 9.5 provides that a listed entity established outside Australia should give security holders the option to receive and send communications electronically.

This recommendation reflects the ability of Australian listed entities to provide security holders with electronic communications, unless they have elected otherwise.

Recommendation 9.7

Commentary, impact and steps to prepare

New recommendation 9.7 provides that a listed entity established outside Australia and that has an equity-based renumeration scheme should have a policy on whether participants can enter into transactions that limit the economic risk of participating in the scheme and disclose that policy or summary of it. This applies whether the participants in the scheme are directors, senior executives or other employees.

Australian listed companies have a similar requirement at law.