Governance pillar tips
Evidence-driven governance cadence for boards and executives
These steps combine Zeph Tech briefings with IFRS Foundation guidance, UK Corporate Governance Code revisions, SEC climate disclosure requirements, and investor stewardship codes.
Assign owners, due dates, and documentation to each task so assurance teams can demonstrate accountability.
Board and committee structure
- Refresh charters. Update audit, risk, ESG, and technology committee charters to reflect UK Corporate Governance Code 2024 internal control statements and DORA board accountability clauses.
- Define competencies. Document director skills matrices covering financial reporting, cybersecurity, sustainability, and regulatory expertise; align with Nasdaq board diversity Rule 5606 disclosures and FCA Listing Rule 9.8 diversity reporting expectations.
- Succession planning. Maintain board and executive succession plans with annual stress tests and emergency designations.
Reporting and disclosure
- Integrated reporting pack. Consolidate financial, risk, cyber, and ESG dashboards with narrative context, materiality assessments, and assurance conclusions for quarterly board meetings.
- Disclosure controls. Align disclosure committee workflows with COSO Internal Control—Integrated Framework ICFR, ESMA European common enforcement priorities, SEC climate disclosure timelines, and CSRD ESRS tagging requirements.
- Stakeholder communication. Publish stewardship reports aligned to the UK Stewardship Code and PRI transparency reports, documenting investor engagement outcomes.
- Incorporate ESRS quick-fix relief. Apply the November 15, 2025 briefing to refresh sustainability evidence packs, PCAOB QC 1000 alignments, and audit committee certifications ahead of financial year 2025 reporting.
Assurance coordination
- Combined assurance map. Document first, second, and third line coverage for key risks; note reliance on external assurance providers and regulatory inspections.
- Audit readiness. Prepare evidence repositories for internal audit, external auditors, and sustainability assurance, including sample selection, testing results, and management responses.
- Issue tracking. Maintain a consolidated log of audit findings, regulator feedback, and investor commitments with closure status and owner accountability.
Stakeholder engagement
- Investor dialogue. Schedule pre-AGM engagement with top shareholders, Climate Action 100+ signatories, and proxy advisors; track commitments and board feedback.
- Regulator interface. Assign owners for FCA, SEC, ESMA, and national environmental regulator communications, ensuring timely responses and board notifications.
- Workforce voice. Capture employee sentiment via engagement surveys, works councils, and whistleblower channels; present metrics and remediation plans to the board.
Strategy and risk integration
- Scenario planning. Run climate, cyber, and supply chain scenarios aligned to TCFD scenario guidance and NGFS climate scenarios; review capital allocation implications during strategy sessions.
- Risk appetite calibration. Update risk appetite statements to reflect geopolitical, regulatory, and technology shifts; tie metrics to board-approved thresholds.
- Remuneration linkage. Align executive incentives with verified KPIs (safety, emissions, digital resilience) and document rationale per ISS 2024 benchmark policies and Glass Lewis 2024 policy guidelines.
- Embed climate-risk oversight. Follow the August 26, 2025 interagency climate-risk governance briefing to evidence board review of appetite statements, scenario outputs, and management reporting ahead of 2025 supervisory exams.
Monitoring and continuous improvement
- Annual effectiveness review. Conduct board and committee effectiveness assessments referencing FRC Guidance on Board Effectiveness; capture action plans and status.
- Training program. Deliver annual director education covering regulatory updates, ESG assurance, and digital risk; record attendance and materials.
- Metrics dashboard. Publish quarterly dashboards on control effectiveness, ESG progress, regulatory compliance, and stakeholder sentiment for ongoing oversight.