I am working on a specula principum for the Big Four (four cutting edges, like a Wilkinson Sword Quattro: they are Deloitte, KPMG, E&Y and PwC). I'm focusing, obv., on their provision of assurance of corporate responsibility reporting.
I've drafted this wish-list of features which I think a good assurance engagement should have. I'd love to hear your views (I mean anyone!).
Is there something I've left out?
I've tried to be as ambitious as possible, but are some of these just completely unrealistic longings?
"CR" stands for "Corporate Responsibility" (something like CSR, corporate citizenship, or sustainability). "CRR" stands for "Corporate Responsibility Reporting." CSO and NGO are "Civil Society Organisation" and "Non-Governmental Organisation."
Third-party involvement in CRR: best practice and risks
(1.1) Stakeholders - best practice
Critical independence
- The assuror is an expert on the public interest, conceived as a global phenomenon ("the common good" etc.)
- The assuror constantly maintains its expertise through consultation with -- and procurement and recruitment from -- CSOs, NGOs, academia, business, grassroots activists, the political class, and through original research
- The assuror's opinion is widely regarded as credible, but the assuror's ultimate reference standard is the public interest, not the protection of its own credibility
- The assuror doesn't take the existence and salience of different stakeholders as a "given," but considers how CR and CRR can influence the formation, salience and empowerment of stakeholder constituencies
- The assuror also takes into account the formation of different stakeholder models and representations by CR and CRR -- different ways of imagining or modelling stakeholder expectations
- The assuror recognises itself as a stakeholder, and does not present itself as neutral
- The assuror recognises that it is a nexus of stakeholder views
- The assuror itself is subject to independent oversight
- The assuror employs third (fourth, I suppose?) parties to double-blind assure randomly selected CRR assertions
- The assuror treats liability as a transformative instrument, not just as a risk to be avoided
- The assuror’s employees possess independence of mind
- The assuror’s independence is not structurally compromised
- The assuror always constructively criticises the reporting entity’s CR and CRR (there are no clean bills of health)
- Criticism is always addressed by the reporting entity, not normalised as a permanent feature of CRR
- The assuror ensures that stakeholder conflict is reflected in the reporting entity's CRR
(1.2) Stakeholders - risks
Independence is confused with objectivity
- The CRR obscures the political dimension of the reporting entity’s activities -- disguising political conflicts with winners as losers as "challenges" which can be tackled to everyone's satisfaction
- Processes which cannot be quantified are neglected
- Processes which cannot be validated are neglected
- Measureable indicators are mistaken for hard facts
Pandering to stakeholders
- Stakeholder-orientation leads to neglect or misuse of expert knowledge
- Stakeholder-orientation leads to overemphasis on credibility at the expense of accuracy
- Goals which cannot be associated with specific stakeholders are ignored
Inventing stakeholders
- Stakeholder-orientation causes assurors and reporting entities to see well-defined constituencies where no such constituencies exist
- "Communities" or "the community" abstract away real differences, fragmentation and conflicts among stakeholders
Malign transformation of stakeholders
- “Symbiotic” stakeholder constituencies, which legitimate corporate activities in return for minor concessions, marginalise other stakeholders
- Traditional democratic resources are eroded by the emergence of corporate stakeholder constituencies (e.g. time spent in stakeholder dialogue is diverted from traditional civic participation)
- Improvements in CR damage the identities of critics of the reporting entity (e.g. critics are marginalised, "defeated" and/or radicalised, rather than transferred to new appropriate targets)
- CR compels individual stakeholders with unique characteristics to assimilate into blocs
(2.1) Holism - best practice
Intelligent responsibility
- CRR allows corporations, states, CSOs, NGOs, international institutions and other actors to dovetail their efforts towards achieving the public interest
- The assuror helps the reporting entity to define scope and materiality, not just test accuracy
- Materiality is defined with respect to the public interest
- The burden of proof lies with the assuror in determining that it or the reporting entity “is not in the business of [x]” (i.e., that [x] is a matter for private morality / government regulation / someone else in the supply chain etc.)
Intelligent comparability
- CRR identifies the real drivers of CR and allows easy policy transfer to underperforming entities
- CRR encourages the growth of SRI and engages in critical dialogue with ranking agencies and investors
- CRR is tailored by context, including entity size, industry, sector and geographical spread
- CRR occurs at the appropriate organisational level, which may be above or below that of corporate reporting
- At each level, CRR facilitates CR at every level -- e.g., CRR at the level of the individual corporation facilitates the launch of CR programmes at the industry level
(2.2) Holism - risks
Inappropriate responsibility
- In defining materiality, the survival or “success” of the reporting entity takes precedence over public interest
- In defining materiality, partial social goods, such as job security or local community development, take precedence over public interest
- The reporting entity’s CR is benchmarked against a limited model, against competitors, or against an abstract idea of “public expectations” or of “progress”
- Too many scenarios and interactions are considered, incurring unecessary costs and obscuring priorities
- Responsibility is confused with accountability, making it difficult to tell where accountability channels exist
- CR successes are “consolidated” by unnecessary or counterproductive regulative regimes
- The assuror and / or the entity hold unrealistic expectations about the limits of the law
Inappropriate comparisons
- CRR invites misleading comparisons, either because reports are insufficiently tailored to context, or because errors occur in translating between contexts
Malcoordination
- Different visions of the public interest interfere with one another
- Important issues “fall between the cracks” between businesses, states, assurors and other actors
- Corporations are encouraged to try to replicate context-specific or one-off successes
(3.1) Business case - best practice
Conflicts of interest
- The assuror does not just avoid conflicts of interest or seek to neutralise them with Chinese walls, but resolves them in favour of the public interest
Appropriate scope and depth
- Neither assuror nor reporting entity view assurance as primarily a commodity
- Where possible, assurance is not a commodity - for example, provided free of charge with large contracts, or incorporated into the assuror's own CR programmes
- The assuror achieves the appropriate balance between driving change and ensuring comparability across reporting entities
- Assurance always contains "spot checks" in which randomly selected material items are assured to a higher level than they otherwise would be
- The scope of the engagement between the reporting entity and the assuror is not determined by the reporting entity, but by the global public interest
- The scope of the engagement between the reporting entity and the assuror is not determined by the assuror, but by the global public interest. Increases in scope are not reflected by increases in fees (for example, the expanded scope engagement could be passed over to a second assuror)
- The scope of the engagement is not limited by financial considerations - if the reporting entity cannot afford the required level of engagement, the assuror or some other actor meets the funding gap
- The assuror drives change at substantive, procedural and cultural levels
- Assurors and reporting entities achieve the appropriate balance between long-term relationships and fresh perspectives
- Assurance involves a long-term on-site presence
- Assurance involves off-site interviews of employees and management
(3.2) Business case - risks
Assurors sell legitimacy
- CRR is callibrated to maximise legitimacy, not to accurately reflect CR
“Box-ticking”
- CRR is dominated by a compliance-orientation
Cultural change is emphasised in the wrong areas
- Compliance-orientation is underused. CR which could safely and easily coordinated through systems rationality places an undue burden on communicative rationality
Notes
At the moment, I'm coming at the issue from the perspective that "stakeholder" is in danger of becoming a magical concept, capable of solving any CR problem. But the definition of a stakeholder is notoriously contested, and certain groups of stakeholders may simply get certain issues wrong.
Once I've finalised my model of a perfect assurance engagement, the next step is to see how the Big Four measure up to it! Then to insinuate myself as a mist under boardroom doors.
No comments:
Post a Comment