(c) Risk monitoring more important in larger companies than in smaller companies?
Small companies exist in different strategic environments to large companies and because of this, a number of differences
apply when it comes to corporate governance systems. There are a number of compliance issues, for example, where large
companies are required to comply with provisions that smaller companies are not. Some of the differences in regulation and
shareholder expectations are driven by differences in the legal status of the organisation (e.g. whether incorporated, whether
listed, where domiciled, etc).
In the case of risk management systems in smaller companies, there will be a lower overall (aggregate) loss to shareholders
than in a large company in the event of a major risk being realised. In larger companies, especially listed companies, a major
event can affect markets around the world and this can affect the value of many funds including pension funds, etc. This is
unlikely to be the case in any given smaller company.
Many smaller companies, including SmallCo, are privately owned and they are therefore not subject to listing rules and, in
some cases, other legal regulations. In many smaller companies, any loss of value when a risk is realised is a personal loss
to owners and does not affect a high number of relatively ‘disconnected’ shareholders as would be the case in a large public
company.
Risk probability and impact is often correlated with size. Smaller companies have fewer risks because of their lower profiles,
fewer stakeholders and less complex systems than larger organisations. Accordingly, the elaborate risk management systems
are less necessary in smaller companies and could be a disproportionate use of funds. This is not to say that smaller
companies do not face risks, of course, but that the impacts, say to shareholders or society, are less with a smaller rather
than a larger company because of the totality of the losses incurred.
The costs of risk monitoring and control may often outweigh the impacts of losses being incurred from risks, if not in a single
financial period then maybe over a period of years. There are substantial set-up fixed costs in establishing some risk
management systems and, in some cases, variable costs also (e.g. linked to production output). With fewer total risks, there
could be less value for money in having risk controls.
In summary, risk committees and risk mitigation systems are more important in larger companies than in smaller companies.
However it is good practice for all companies, however small, to carry out some form of risk monitoring in order to remain
competitive in their environment.
3 (a) Conflict of interest and discuss the consequences.
Conflict of interest
A conflict of interest occurs when a person’s freedom of choice or action is constrained by a countervailing interest, which
means that the most objectively correct course of action cannot be taken. The discretion to act correctly is fettered by the need
to protect a related but contradictory interest. In the case of Jojo Auditors, Jack Hu experienced a conflict of interest between
carrying out the agreed policy of dismissing all students assessed as ‘poor’ (such as Polly Shah) and his familiarity with the
Shah family and his making a personal gain from the family in the form of free holidays.
Consequences
Mr Hu acted against the best interests of the firm including his fellow partners. In his role as managing partner, he owes it
to the other partners, and to the employees and clients of the firm, to act responsibly and always in the best interests of the
firm. His conflict of interest prevented this from happening.
In acting as he did, Mr Hu compromised the other committee members and made them compromise their own professional
values. Both the training manager and the representative from human resources are engaged in order to maximise their benefit
13to Jojo and as managing partner, Mr Hu ‘bullied’ them into accepting his view. This decision undermined the training manager
and thus circumvented the normal chain of command in matters of student assessment.
He knowingly allowed a technically weak student to be retained thereby potentially compromising the quality and integrity of
the audits she would work on. He owes a professional duty to the shareholders of the companies that Jojo audits. Audits
should be conducted diligently, and technical accuracy should underpin the application of auditing standards and in following
procedures and protocols. A technical weakness (such as Polly’s) would potentially weaken the effectiveness of the audit and
hence be a failure of a duty of care to the client’s shareholders.
In acting as he did, Mr Hu gave the appearance of unfairness and a lack of objectivity. The appearance of integrity and
probity is important in leading organisations and even were it not true, Mr Hu allowed his integrity and objectivity to be seen
as questionable. Once discovered to have made the decision he did, confidence in the assessment process at Jojo would have
been lost and this could have the effect of damaging its reputation as a provider of training contracts, and therefore in the
services provided by the firm.
