Corporate management and governance has, as its primary objective, the
enhancement of corporate profits and shareholder gain. i.e. the corporate
governance is basically rules and practices put in place within a company to
manage information and economic incentive problems inherent in the separation of
ownership from control in large enterprises and as dealing with
how, and to
what extent, the interests of various agents involved in the company are
reconciled and what checks and incentives are put in place to ensure that
managers maximize the value of the investment made by shareholders.
A major approach taken to achieve this
objective is to have in place mechanisms that are targeted at keeping abuse and
fraud in check. These include the duties imposed on directors, the role played
by auditors, the establishment of audit committees, and disclosure requirements
to name but a few. Availability of accurate, relevant, and timely information is
crucial to establishing and maintaining these mechanisms as well as to ensure
their efficacy. Because the availability of information plays such a major role,
the increased use of (IT) in information management has made a considerable
impact on these corporate governance and management mechanisms.
This paper aims to discuss the new
challenges that directors, auditors, investors, and regulators face in adapting
and using IT to enhance standards of corporate governance and fulfilling the
requirements of Corporate Social Responsibility. The project will deal with
providing a brief summary of the basic changes brought about by IT in the areas
of data storage and management, the processing of information, and information
dissemination. The paper will then go on to discuss and highlight how these
changes can impact on the roles of directors, auditors, investors, and
regulators in their respective corporate social responsibility functions and
point out some specific areas of potential development and change.
The Bases Of
Corporate Social Responsibility
Corporate Social Responsibility (CSR) has come to the forefront of Corporate and
economic concerns because of the increasingly globalize nature of business and
the so-called New Economy, a knowledge-based, technology-driven environment that
has, among other things, affected an increase in stakeholders access to
information. “The premise of the corporate social responsibility movement is
that ‘corporations, because they are the dominant institution of the planet,
must squarely face and address the social and environmental problems that
afflict humankind”. As a mode of implementing human rights, labor, and
environmental standards, CSR has long been discussed as a possible remedy to the
inequalities created and exacerbated by globalization. It considers that a
corporation is not just a self-centered profit-making entity, but that the
company and its actions are also integral to the economy, society, and
environment in which they occur. Directors and officers are becoming ever more
aware that CSR may provide human rights, labor, and environmental protections to
the communities in which they live and to the people they employ. The business
case for such social responsibility among corporations is becoming clearer as
globalization progresses. It includes:
1. Managing risks.
2. Protecting and enhancing reputation and brand equity
3. Building trust and license to operate
4. Improving resource efficiency and access to capital
5. Responding to or pre-empting regulations.
6. Establishing good stakeholder relationships with current and future
employees, customers, business partners, socially responsible investors,
regulators, and host communities
7. Encouraging innovation and new ways of thinking
8. Building future market opportunities.
As such, a social responsibility policy can
provide value as a strategic part of a firm's daily activities. Under a strategy
that integrates socially responsible practices, a company's analysis of profit,
return on investment (ROI), or return on equity (ROE) as the bottom-line should
be replaced by a "triple bottom-line" approach, encompassing economic, social,
and environmental factors. A company that ignores social and environmental
concerns in its activities may have substantial profit or returns in its current
state and, therefore, be content to continue its operations at the status quo,
but its actions nonetheless have the potential to negatively affect society and
the environment. Its potential future profit is thereby diminished when the
company does not take a holistic approach to the global business environment.
Thus, CSR involves the integration of
companies into their local, national, and global settings. At the same time, it
recognizes the strong human rights dimension of CSR, particularly with regard to
global operations and supply chains.
What CSR comprises will differ from company
to company and industry to industry. Company’s approaches in dealing with their
responsibilities and relationships with their stakeholders vary according to
sectoral and cultural difference. Implementing CSR practices into a
corporation's strategy is a holistic process and requires several steps,
starting with adopting a mission statement and code of conduct or credo, both of
which describe the company's purpose, values, and responsibilities to its
stakeholders. After that, the company must translate these ideals into actions
within the company's strategy and daily decisions. This requires adding social
policy into every aspect of the company's operation and then evaluating the
corporate performance in accordance with that policy.
Successful implementation of CSR in a
company's strategy therefore requires a paradigm shift at the core of the
business. Managers must learn to think in ways other than those they are
accustomed to, and employees and other stakeholders have greater incentive to
become personally involved in the business.
The Impact Of
Information Technology On Corporate Social Responsibility
In examining this concept itself, it is to be understood that CSR is having both
internal and external dimensions.
1. As regard the internal dimension the project deals with the socially
responsible practices primarily involve employees and relate to issues such as
investing in human capital, health and safety, and managing change, while
environmentally responsible practices relate mainly to the management of natural
resources used in the production within the company. They open a way of managing
change and reconciling social development with improved competitiveness.
2. With regard to the external dimension of CSR, the project notes that:
Corporate social responsibility extends beyond the doors of the company into the
local community and involves a wide range of stakeholders in addition to
employees and shareholders: business partners and suppliers, customers, public
authorities and NGOs representing local communities, as well as the environment.
The Impact Of I.T.
On Internal C.S.R. Can Be Listed In The Following Manner
1. Changes in Information Management
The manner in which information is stored, processed, and disseminated has
undergone significant changes over the last decade or so. This has been the
direct result of advances made in computer technology. Documents may now be
electronically prepared, filed, sorted, stored, and archived without leaving the
comfort of one's chair. Furthermore, data can be managed with a precision and
efficiency not possible under the previous manual system of data management.
Computers are able to sort and group data and perform complex calculations at a
rate and with a degree of accuracy never before possible, which means that
customer lists and preferences, information about competitors, financial, and
performance indicators may be generated in a matter of seconds.
In addition, the advent of e-mail and the
internet has made it possible to disseminate this information almost
instantaneously. More sophisticated hardware at lower prices, the increased
user-friendliness of software, and higher computer literacy in many developed
countries have all contributed to an increased use by corporations of computer
Furthermore, the use of IT to manage
information flows and the resulting potential to increase the capacity and
efficiency of data storage, processing, and dissemination has altered the
significance of information for corporations. In other words, information is not
only an invaluable resource for wealth generation but, in many instances, has
itself become an asset. As such, it must be protected through a system of
internal controls. Care must be taken to select the most effective and efficient
methods of storing, managing, and utilising available information. Where the
information stored is proprietary in nature (such as client lists, and trade
secrets), there is a need to protect it from being stolen or used unlawfully.
Steps must also be taken to guard against its destruction. Abuse may also arise
where information is utilized in a manner that invades the privacy of clients,
trading partners, and employees. These issues were important even prior to the
IT revolution. However, they have now taken on an additional perspective because
of the increased use of IT in information management. This, in turn, has had a
direct impact on the duties of directors, the responsibilities of auditors, the
interests of investors, and the role of regulators in establishing and
maintaining satisfactory corporate governance practices.
2. Directors Duties
In this day and age, it is difficult to imagine any major corporation that does
not rely in one way or another on computers for its information needs and this
has forced corporate management to place much emphasis on IT related investments
such as computer hardware, software, and personnel. However, expenses of this
nature must be justifiable and in the long run must result in revenue generation
for the company. To make effective decisions, directors need information to be
passed on to them accurately and speedily. Thus, the potential IT offers in
terms of efficient and effective information management should not be ignored by
the prudent director. Nevertheless, this growing dependence on IT has raised
several issues that those self-same directors should consider in the performance
of their duties.
3. Duty of Care
While it is extremely tempting to jump onto the bandwagon, directors must first
understand the benefits and pitfalls of using IT to store information. One can
hardly dispute that it is much easier to compile and generate information stored
in a computer. The manual compilation and monitoring of data changes used to
take a considerable amount of time and effort for large companies, but may now
be accomplished by a few clicks of a mouse. Copying and transporting such
information no longer requires reams of paper but may be done using a single
floppy disk, and e-mail facilities ensure it is just as easy to disseminate this
information to hundreds more people. There are however, corresponding risks and
disadvantages associated with managing electronic information.
First, the increased ease of compiling,
copying, and transferring information means that information may in turn be
easily misused or stolen. Questions of system security for the purpose of
maintaining secrecy and confidentiality dominate many discussions in the IT
field. Second, aside from being physically destroyed, information stored in
computers may be corrupted because of computer viruses, or accidentally deleted,
or become irretrievable due to system problems. Finally, computers are
increasingly being used to perform more critical functions. From the factory
assembly line to the launching and control of satellites, growing dependence is
being placed on the information systems installed to discharge a corporation's
operations. Consequently, any computer error or system breakdown may prove
extremely costly to the company.
It is therefore important for managers to be
clear about the risks associated with IT. Indeed, directors have a duty to
ensure such risks are minimized by introducing the proper checks and procedures.
Back-up systems and safety devices must also be introduced to ensure that,
should a system failure occur, the company will not suffer significant losses.
While there have been numerous suits against directors for failing to monitor
the financial position of companies adequately, a similar focus on directors
failure to monitor IT systems and procedures has yet to arise. As companies
continue to rely on IT, it is envisaged that the scope of a director's duty of
care vis-à-vis the use of IT, its risks and consequences, will soon be a common
feature in the courts because just as a director's ability to assess and handle
the financial aspects of a company's business has become a matter of immense
importance, company directors should attain a correspondingly greater
understanding of IT processes and be able to appreciate the risks involved in
4. Monitoring the Affairs of the Company
Changes in the way information is managed will inevitably result in changes in
the way that information is collated and presented. Computer systems may be set
up to capture information at the point of transaction and transmit it directly
to a centralized database for storage and processing. Bar code devices,
electronic data interchanges, and internet transactions are increasingly being
used by companies in their business processes. In addition, the availability of
computer programmes that can automatically generate relevant financial
information and compute key ratios instantaneously enables a closer monitoring
of a company's financial position. In a properly designed system, directors can
access financial information on-line from literally anywhere. Because technology
enables directors to achieve a higher standard of care and diligence, it
therefore follows that the absence or unavailability of information will become
less acceptable excuses for directors who fail to detect discrepancies in
financial statements. More specifically, directors are now in a better position
to determine the company's degree of solvency to guard against insolvent or
wrongful trading. Likewise, rescue operations may be initiated earlier for the
benefit of the company .
Another implication of advances in this
field is the potential effect on the proposition that directors are not required
to give continuous attention to the conduct of the company's affairs. The time
taken for a director to collect, digest, collate, and analyze information in
1925 when the proposition was first propounded is vastly different to the time
taken to do the same jobs using today's technology: board meetings may be
conducted by video conferencing; information can be faxed, e-mailed, or
otherwise electronically transmitted. Similarly, the internet may be used to
give directors access to relevant information regardless of where they are.
Charts may be prepared and altered to simulate changes, and presented almost
instantaneously. Because of these increased capabilities, directors may achieve
an acceptable degree of continuous supervision without spending an excessive
amount of time in the office. It will therefore be much more difficult for
directors to justify non-attendance at meetings and a completely hands-off
approach to corporate affairs.
5. Reliance on Experts
It is commonly accepted that directors are permitted to base their decisions on
expert advice and will be absolved from liability if their reliance is
reasonable and justifiable, although thus far, such cases have involved
financial advisors, accountants, and auditors rather than company directors. In
the same vein, directors should also be permitted to rely on the advice of IT
specialists as regards the integrity and efficacy of a company's IT system
unless he or she has been put on inquiry.
The law permits directors to rely on others
to assist them in managing the company because it recognizes that the exigencies
of business require, in certain situations, the intelligent devolution of labour. Directors are entitled to rely on the
judgment, information, and
advice of officers entrusted with the duty delegated to them in the absence of
any manifest circumstances that a prudent person would have taken note of which
may have resulted in that person acting otherwise.
6. Changes in Auditing Responsibilities
The role of an auditor in corporate governance is essentially to provide an
independent opinion on the integrity of the financial information provided by
management to a company's owners. Because information is now being stored
differently, auditors must adapt to these changes to properly perform their
roles. It is necessary to control and audit the use of computers in capturing
and storing information for a variety of reasons. These include the costs
associated with data loss, misinformation, and computer error highlighted
earlier, and the potentially costly consequences that may follow such errors.
The changes in the storage and use of data
have resulted in the need for auditors to perform audits on the computer systems
installed for this purpose. It is necessary to ensure that information, as an
asset, is properly safeguarded. Data must be properly captured and be complete
and accurate. One must also ensure that the computer system employed is both
effective and efficient in the management of data. For example, under the
International Standards on Auditing (ISA) 15, auditors must consider how a
computer information systems (CIS) environment will affect their audit. This is
necessary because a CIS environment may have an impact on the procedures that
auditors should adopt to obtain a sufficient understanding of the accounting and
internal control mechanisms of the company. It will also have implications on
the risk assessment considerations that auditors should consider and the design
and performance of audit tests.
7. Investor Involvement
Investors also play an important role in corporate governance. Ownership of
shares gives them the right to assess the performance of directors through the
appointment and remuneration process. They are also in a position to introduce
good corporate governance practices in the operating framework of the company
themselves. For example, as regards listed companies, investors may express
their displeasure by divesting their interest in the company and this will be
reflected in the market through a reduction in the price of the company's
shares. To enable investors to monitor the company's progress and respond
appropriately to corporate performance, investors must be able to obtain
relevant information about the company in an efficient and timely manner.
One of the key controls associated with good corporate governance and management
practice is the prompt and accurate disclosure of information. There has been a
growing realization that corporate reporting is likely to shift from being
regulation-led to being market and stakeholder led. The availability of new and
more efficient methods of managing information has an impact on this too.
Improvements in information management brought about by IT make the collecting
and collating of information a much speedier process. This has enabled quicker
disclosure, thus reducing the time gap between the time management receives the
information and the time it is disclosed to the public.
In recent years, there has also been a
growing trend for companies to contact and communicate directly with their
shareholders instead of going through brokers. The ability to provide up-to date
information directly to shareholders through the internet will empower investors
to inquire into specific areas of the company's operations. At the same time, it
provides the company with the means to explain investment decisions and policies
directly to shareholders as and when these take place, potentially leading to
improved governance and accountability.
Another profound effect of the IT revolution
concerns the breaking down of geographical boundaries. This pushes countries to
review national laws and regulations and may even force companies to meet global
standards of disclosure and performance. Generally speaking, the effect of these
developments will probably be to hasten a review of the disclosure policies and
practices of stock exchanges and companies throughout the world.
The use of IT in information management
therefore sets the scene for the introduction of higher standards of disclosure.
Giving investors access to relevant information as frequently and quickly as
possible permits them to make better-informed decisions and allows them to voice
their views on corporate performance more effectively. There is nothing, in
fact, to stop companies from adopting a disclosure policy that provides
financial information other than just their annual reports (such as monthly
balance sheets and profit and loss accounts), or any other relevant information,
over the internet. The use of real time technology can even provide information
on transactions as and when they take place. The argument that the cost of such
an exercise would be disproportionate to the benefits no longer holds water.
Many companies already have in place computerized accounting systems capable of
providing such information which may even be customized to suit the needs of the
relevant stakeholder. Reporting may be done on a continuous basis rather than
periodically. The potential that IT affords may well change the process and
purpose of corporate reporting into a new and ever-evolving creature.
9. Minority Protection
Controlling shareholders have a general duty to act bona fide for the good of
the company. By giving equal access to information to all shareholders, minority
shareholders would be more protected against abuse as they would be better able
to obtain the necessary data and evidence to support any derivative action. Also
it is highly likely that controlling shareholders would be less inclined to
abuse their position if they knew minority shareholders had access to this
10. Impact on Regulatory Bodies
Various bodies are involved in regulating the operating of companies. Such
entities usually have a record keeping function and are empowered to investigate
the affairs of companies to guard against fraud and to ensure compliance with
relevant legislation and regulations. These records are generally available to
the public and may be used to monitor corporate activity. These entities are
increasingly using IT to facilitate the collection, storage, collation, and
provision of information. The Australian Securities Commission's electronic lodgement system (EDGE), its electronic database of corporate information
(ASCOT), and its internet-linked electronic search and retrieval network (DOCIMAGE)
are examples. Aside from facilitating the keeping and provision of records, such
systems can also perform a useful monitoring function and improve corporate
11. Determination of Control
As ownership of corporate wealth becomes increasingly dispersed, control and
ownership also diverges. In addition, control of the corporations that generate
and distribute this wealth is also beginning to lie in fewer hands. This results
in the need to monitor the activities of those in control to ensure that they
act, not in their own interests, but for the benefit of the owners of the
company (ie the general body of shareholders). In order to do this, one must
first be able to determine who controls the company and how this control is
achieved. It is also necessary to monitor their interests in other companies to
keep an eye on potential conflicts of interests.
It is therefore important to be able to
trace and track ownership of interests in corporations. Many individuals and
families today maintain control over large conglomerates through
This involves the use of multiple layers of companies whereby those on the upper
levels hold a majority or controlling stake in companies on the lower levels.
Through such devices, parties can legally control companies at the lowest levels
while actually owning only a fraction of their shares. Being able to trace
ownership is necessary to hold controllers accountable to other interest holders
of the company. It is also vital for the purposes of determining shadow
directorships and breaches of fiduciary obligations (eg where it is alleged that
directors are or have acted in conflict of interest).
Accurate tracking of changes in ownership is
also essential because it assists not only in alerting investors to shifts in
the balance of power of companies but it also helps to guard against insider
trading. In addition, management may use such information to alert themselves to
any possible hostile take-over attempts.
Company law provides the mechanisms for
tracing and tracking ownership through the maintenance of registers. Companies
are required to maintain a register of shareholders and, where listed, are
required to maintain a register of substantial shareholders. A
directors interests is also kept to make available information about the
various interests directors may have in the company. While this does assist in
pinpointing the major controllers of a company, the task is made doubly
difficult when one attempts to trace the ownership of large groups of companies
or where there is a high degree of cross share-holdings. These difficulties will
be compounded by the fact that one will have to seek such information from a
variety of offices thereby making the process tedious and time-consuming.
12. Other Potential Applications
With the increased efficiency with which information may be managed, a similar
system of central data management may be implemented as regards other aspects of
corporate operations. Thus, information pertaining to transactions involving
directors, related party transactions, preferences etc may all be tracked and
traced. Likewise, a company's financial performance may also be tracked and made
readily available. This would complement the disclosure regime suggested in the
earlier part of this paper. Such a system, if implemented, would make the
regulatory authority a one-stop shop for all corporate information for
investors, financiers, creditors, financial analysts and advisors, as well as
the company itself. It would also place the regulators in a better stead to
conduct inspections and investigations into the affairs of companies where
called for. It is also possible for regulators in different jurisdictions to
share information, thus setting the stage for trans-border regulatory systems.
Major Hurdles In
Using I.T. For C.S.R.
There are significant hurdles to the implementation of a regulatory system with
latest advancement of Information Technology. First, there is the question of
cost. The potential beneficiaries of improved corporate governance standards are
the companies themselves, those who have an interest in the performance of the
company and, at a macro level, the state. One must weigh the economic and social
cost of setting up such a network and at the same time, determine how this price
tag should be borne by the various interested parties. However, as IT continues
to get gradually cheaper and more companies embrace its use, cost will doubtless
become less of a concern.
Second, all parties must agree on the
appropriate IT protocols and standards to adopt. Over the years, individual
companies may have developed their own standards according to their specific
internal IT needs.
There is also the issue of exposing
companies to security risks whilst participating in an open information network.
However, much has been done in terms of the design of tools and systems to
minimize the incidence of computer hacking and interference with data. These
include computer programs designed to protect web sites and to detect
unauthorized interference with or entry into designated computer information
systems, and legislation imposing severe penalties for such unlawful action.
This concern is also likely to weigh less on the minds of IT users as knowledge
of these new technologies becomes more widespread and users understand the
extent to which security risks may be controlled.
Finally, an issue attracting much debate
relates to fears of loss of privacy. Exactly how much information should be
provided? Will the availability of information increase vulnerability to
takeovers or unnecessarily expose companies' weaknesses to competitors? How does
one achieve a balance between protecting public investors and preserving the
privacy of major shareholders and individual directors? While there have been
calls for developing markets to move towards a more disclosure based regime,
these concerns must be addressed in any attempt to encourage or compel companies
to support and adhere to such a regime.
CSR simply means that the business enterprise must meet its basic obligations to
the society. As observed, some of the actions under CSR are a part of the daily
business activities of companies. In fact, it should be etched in their mission
and corporate responsibility statement to reflect their commitment towards it.
Hence, the whole deliberation over CSR can be succinctly summarized in terms of
the ‘FREEDOM’ we envisage for the society:
F - Fairness in dealings;
R - Responsibility towards the environment and the society;
E - Empowerment of masses to remove un-freedoms
E - Ethical conduct of financial dealings and corporate governance;
D - Development of social and economic infrastructure;
O - Opportunity creation for public welfare and social enlistment;
M - Moral actions of paying taxes and fair treatment of labour;
The increased dependence on IT for our
information needs is leading us down a path of no return. Undoubtedly, new
technology has given life to new business opportunities. Increased access to
information has placed more power in the hands of those parties responsible for
the various corporate governance mechanisms of companies. But with power comes
responsibility. High standards of corporate governance can only be achieved if
parties are able and willing to actively fulfill their respective roles in
achieving such standards. No doubt, advances in IT will continue to alter the
significance of information both as a business tool and as an asset.
Consequently, corporate governance mechanisms that involve the protection and
generation of information must adapt to these changes. As highlighted above,
this will have an impact on the role of corporate directors, auditors,
investors, and regulators. It is therefore imperative that these parties
familiarize themselves with potential IT applications in their respective
corporate governance roles as well as the emerging legal issues and problems
that are likely to arise.
The author can be reached at :