A number of pertinent matters are dealt with in the NamCode. These include:

• Matters concerning the board and directors, such as the composition of the board, duties of the chairperson and the CEO, the board appointment process, director development, remuneration, and performance assessment of directors
• Clearly defined role and functions of the audit committee to include integrated reporting (both financial and sustainability reporting), responsibility for risk management (including IT risks) and the introduction of a combined assurance model
• While not a new concept, emphasis on the risk based approach to internal audit
• Inter-relation between risk management and the company’s strategic and business processes, as well as the three lines of defence for risk management i.e. line management, risk experts and thirdly assurance functions
• Alternative dispute resolution and stakeholder relationships
• IT Governance and IT risk management
• Compliance with laws and regulations

There is no statutory obligation on companies to comply with the NamCode. The underlying intention of the NamCode is not to force companies to comply with recommended practice, but rather for companies to ‘apply or explain’. Directors are accountable to shareholders and other stakeholders, and where directors opt not to implement the recommended practices as set out in the NamCode, they should be able to explain their reasoning and motivation to the shareholders. Having been drafted by the Namibian Stock Exchange, this code is of particular relevance to listed entities.

As directors are accountable for compliance with their duties towards the company (including the fiduciary duty and the duty of due care and skill), they need to ensure that each and every decision is taken with care. Indeed, every decision counts!

Most, if not all of the recommended best practice principles set out in the NamCode relate to the legal duties of a director to exercise their powers and perform their functions in good faith and for a proper purpose in the best interest of the company, and with the degree of care, skill and diligence that may reasonably be expected of a director. As such, the NamCode constitutes a valuable guide to directors and other office bearers to ensure compliance with corporate law. It is recommended that directors pay close attention to the enumerated principles, and aim to apply all such principles. Of course, where they choose not to apply or to apply a particular principle differently, they should be able to explain that decision to shareholders.

The NamCode builds on the principle of the triple bottom line by emphasising sustainability. The concept of the triple bottom line was introduced into King II to emphasise the need for companies to account not only for economic and financial issues, but also for social and environmental issues.

Directors have accountability to shareholders and an obligation to all stakeholders to ensure that the company’s resources are utilised in a manner in which the continuing viability of the company is safeguarded. This involves not only environmental sustainability (resource management with an eye on future needs), but also issues such as social responsibility (ensuring a positive impact on the community within which the company operates), respect for human rights, and the effective management of stakeholder relationships (including the utilisation of alternative dispute resolution mechanisms to resolve potential disputes efficiently, expeditiously and inexpensively).

A focus on sustainability will not only positively impact a company’s risk management, but also its strategic planning processes. Governance, strategy and sustainability have become intrinsically linked, and directors should ensure that the company’s strategy accounts for sustainability issues and report all such issues to the relevant stakeholders.

The NamCode also points out that the economic value of a company can no longer be based on the balance sheet only. Rather, the economic value will be impacted by a range of non-financial issues such as brand and reputation, stakeholder relations and goodwill, an evolving and forward looking strategy, environmental sustainability, social responsibility, quality of governance, etc.

The NamCode advocates a risk based approach to internal audit. In order for internal audit to contribute to the attainment of strategic goals, the function should understand the strategic direction and goals of the company, and develop a programme to test the internal controls vis-a-vis specific risks.

The internal audit function should provide assurance with reference to the adequacy of controls to identify risks that may impair the realisation of specific goals as well as opportunities that will promote the achievement of the company’s strategic goals.

The NamCode emphasises the fact that risk management should be seen as an integral part of the company’s strategic and business processes. The board remains responsible for risk management and should pay particular attention to a number of specific risks, including reputational risk, sustainability risk, IT risk and the risk of the unknown. The company’s approach to risk management should be intrusive to ensure that risks are properly assessed and managed. The NamCode identifies three lines of defence for risk management namely

1.Line management

2.Risk experts

3.Assurance functions.

As IT systems have become such an integral part of doing business, the NamCode now provides specific guidelines to guarantee effective IT governance. It is necessary for directors to ensure proper management of operational risk with regard to IT systems and security. Directors need to take the necessary steps to preserve the authenticity, confidentiality, security, and integrity of data, as well as the availability, reliability and functioning of IT systems.

The board is responsible for overseeing the management of the company’s compliance risk and is liable for the consequences of non-compliance. In turn, management is responsible for the effective management of the company’s compliance risk. The board should ensure awareness of and compliance with statutory, regulatory and supervisory requirements throughout the business. The board may mandate management to establish a compliance function to implement measures and procedures to ensure that the board’s policy on compliance is observed.

Alternative dispute resolution has become a trend worldwide, and not merely as an alternative to the judicial system. Rather, alternative dispute resolution can be used as a management tool to avoid potential disputes, manage and preserve stakeholder relationships and resolve disputes expeditiously and inexpensively. It also provides a mechanism to arrive at novel solutions which considers the needs of both parties without the enforced legal constraints of the judicial process.  This approach is in line with the directors’ duty to act in the best interest of the company and their duty of care. The inclusion of dispute resolution clauses in contracts, as well as the utilisation of formalised alternative dispute resolution channels, is recommended.

The NamCode proposes that companies institute measures to ensure that they are able to proactively manage the relationships with all their stakeholders (including shareholders), and companies should encourage constructive stakeholder engagement. The board should strive to achieve the correct balance between the interests of all its various stakeholder groupings and promote mutual respect between the company and its stakeholders.

The NamCode confirms the role of the Board as the focal point for corporate governance. In doing this, the NamCode has embraced the term Responsible Leadership, under which it has characterised a model Board of Directors.

• The Board has collective responsibility to provide and ensure good governance. As such, it is the responsibility of the directors to ensure, among others that the company:
• operates ethically and with integrity, and as a responsible corporate citizen;
• accounts for the interests of the community within which it operates;
• integrates strategy, performance and sustainability;
• complies with laws and regulations;
• identifies and manages risks; and
• employs structures and processes to ensure the integrity of its financial reporting.

Although the directors are ultimately accountable for adherence to best practice principles, the direct responsibility of the Board is focused on the design and adoption of adequate policies, inculcating the required culture to adhere to such policies, and the subsequent oversight of the implementation of such policies. Management bears responsibility for the implementation of policies.

In order to ensure the effective functioning of the Board, the NamCode proposes a unitary board structure comprising executive, non-executive and independent non-executive members. The Board should be chaired by an independent non-executive director.

The NamCode further proposes a formal election and induction process for new Board members, and emphasises the importance of effective performance management. It also provides guidance on remuneration of directors and the composition and responsibility of Board committees. Specific provision is made for the audit committee and the risk committee.

The NamCode deals specifically with the composition and functions of the audit committee. The audit committee should be appointed by the shareholders and comprise at least three independent non-executive directors.

The NamCode proposes a number of functions for the audit committee which should include:

• Overseeing financial risks and reporting;
• Overseeing internal financial controls;
• Overseeing fraud  and IT risks as they relate to financial reporting;
• Overseeing integrated reporting (both financial and sustainability reporting);
• Satisfying itself with regard to the expertise, resources and experience of the finance function;
•  Overseeing the internal audit function;
• Playing a key role in the risk management process; and
• Overseeing the external audit process.

The NamCode introduces the concept of integrated reporting (which explains how the company creates value in the short, medium and long term). The board may delegate the review of integrated reporting to the audit committee. In this regard, the audit committee should consider and recommend to the board the need to engage external assurance providers to provide assurance on the accuracy and completeness of sustainability reporting.

The NamCode adopts a wide approach to the audit committee’s responsibility for financial risk and reporting and prescribes that this should include:
Financial risks and reporting;

• Review of internal financial controls;
• Fraud risks; and
• IT risks.

The NamCode further introduces the combined assurance model, providing a co-ordinated approach to all assurance activities. In terms of this model, assurance should be done on three levels, i.e. management, internal assurance providers and external assurance providers.

Monitoring

• Board effectiveness reviews (including sub-committee evaluation);
• Board performance evaluation procedures;
• Combined assurance assessment; and
• Internal Control written assessments.

Assessment

• King III maturity tool;
• Global corporate governance leading practice benchmarks; and
• Emerging trends and practices.

Development

• Governance transformation roadmap;
• Delegation of authority frameworks;
• Board and committee structure, composition, membership, roles and processes; and
  
• Succession planning.

Implementation

• Governance Education – Boards & Management;
• Corporate governance models & transformation;
• Governance of risk;
• IT Governance frameworks;
• Ethics / code of conduct;
• Sustainability, social responsibility and environmental practices; and
• Shareowner and stakeholder engagement and management.