The Shareholder Bill of Rights Act of 2009 submitted by Senators Schumer and Cantwell addresses one of the key issues in the current financial crisis, that of corporate governance. While the NYSE has a rule that the board must articulate its enterprise risk management strategy, such a proscription has yet to be enshrined in law. The Schumer Bill address that:
16 (A) IN GENERAL.—Each issuer shall…establish a risk committee, comprised entirely of independent directors, which shall be responsible for the establishment and evaluation of the risk management practices of the issuer.”
It’s unlikely that this particular bill passes as written, but the notion that companies will have to formally name a risk committee will certainly shine the light on how companies identify and evaluate risk in their business.
Interestingly, in the UK, the Financial Reporting Council just finished their review of the corporate governance code. There’s an interesting article in Management Today here:
I disagree with the conclusion, however. The ‘comply or explain’ approach will never work. We just learned that lesson from the former investment banks that were supposed to self-regulate in the US. My view is that you can fashion regulation that’s not “over-reaching” (some would say Sarbanes-Oxley falls into this category) yet provides sufficient guidance on operating requirements to actually mitigate real risks.