Can ethics be audited?

“Is it really common practice that CFOs are ethical?” The question came from Emma Mashilwane (pictured), Head of Risk Advisory Services at auditing and advisory firm Nkonki. On the first day of Finance Indaba Africa 2017, held in mid-October at the Sandton Convention Centre, Emma gathered a group of top experts to discuss the role of finance as a custodian of ethics and governance. She posed the question: How can a CFO balance ethical and governance controls with the need to not be perceived as stifling business?

The experts on the panel included Natasha Camhee, CEO of Arenkwe Governance Services, and two CFOs: Ntombi Mothibeli of Hosmed Medical Scheme and Dineo Molefe of T-Systems South Africa. Emma challenged the panel with a direct and controversial question right from the beginning of the discussion, which proved to be a theme running through the session – and in many ways through her own career: “Can ethics be audited?”

Emma’s career path has taken her from articles at KPMG, to the defence industry, a BEE company, back into KPMG, and eventually saw her headhunted to lead the revitalisation and growth of the internal audit portfolio at Nkonki. Under her watch over the last six years, the portfolio didn’t only grow significantly in revenue but also in headcount and intellectual capital.

To do this, Emma focused on a broad skill set and complex approach to internal audit. The team now includes such diverse professionals as engineers, quantity surveyors and specialists in areas such as SHEQ, revenue assurance and capital projects assurance, as well as the CA, CIA, CISA and CFE skills. As Nkonki can now provide better of depth of insight and assurance, the firm’s evolution neatly matches the transformation of the typical CFO role from bean counter to business partner.

Connecting the dots
This broad and complex nature of the role also emerged strongly in the Finance Indaba panel discussion. The two CFOs on the panel described how they see their role as “connecting the dots” across their organisations, and the breadth of functions and departments that fall under their watchful eye, including legal, procurement, strategy and HR.

As Natasha explained, ethics is the right thing to do, while governance is concerned with what you have the right to do. She argued that considering the ethics and governance of our actions is now unavoidable for CFOs, adding that ethics should be the “business” of the whole business, and that CFOs should lead in that regard.

Ntombi was quick to concur, adding “ethics are embedded in everything we do”. She said:

“If you look at the principles of procurement, for example, ethical behaviours are built in. They are so fundamental, so second-nature that they become part of everything you do.”

Do the right thing
“As a CFO, you don't get to see every transaction in a company, or sit in on every session where critical decisions are made,” said Emma. “But through the delegation of authority, you are entrusting management to do the right thing. You can't keep looking over shoulders.” This is easier said than done. “You don't want to delegate authority but disempower people by constantly checking up on them. I see that with my clients. That is the challenge the CFOs and board members face.”

Dineo replied without mincing her words: “As finance people, we take it for granted that we operate in an ethical sphere; that all financial professionals just do the right thing. That we do the basics like making sure there is budget, a contract, that the price is market-related. Today, I call them the basics, but we see so many instances of misapplication that for many I fear these are not so basic.”

That is why Dineo believes it is important for finance to make sure the rest of the business is aligned. She said:

“When the business is under pressure, people might want to take shortcuts. As the CFO, I need to know what is in place before I sign that paper. A CFO’s core responsibility is to lead from the front and lead by example. If I am on an exco, and I see my colleagues not thinking like me about issues of ethics and governance, I must keep reminding them of our obligations to do so.”

Risk register
Emma pointed out that this will be even more crucial with the expectation for CFOs to report any instances of noncompliance with laws and regulations as per the requirements of the NOCLAR standard (Non-Compliance with Laws and Regulations) issued by the International Ethics Standards Board for Accountants. “Delay doesn’t mean denial,” Natasha added. “You as the CFO must push the team to follow all the processes, and you have a challenge to frame the conversation in that way.”

Given these points, argued Emma, aren’t ethics something that might make for an important section in a risk register? And if we conceded that, surely then we are saying that risk (and with that ethics) can indeed be audited?

The end of the discussion brought the original question back on stage: can ethics be audited? The panel broadly agreed with Ntombi, who argued that this can be achieved by using solid internal audit application, and ensuring that there is an effective combined assurance model to enable discussion of issues of ethics among all assurance providers. “Embed ethics right into the performance objectives and cascade it up,” said Ntombi. As CFOs and as finance professionals, we must be ethical even when nobody is watching, summated Emma. “We need to be the torch bearers of ethics within the organisations we lead.”