Legal Consultation

What you need to know about board structures and controls

The structure and controls of a board play a pivotal role in ensuring accountability, transparency, and ethical behaviour within a company.

Legislative framework: The Companies Act 71 of 2008 is the primary regulator of business and it provides requisite guidelines for board structures and controls. The Companies Act lays down the foundation for corporate governance principles and practices. It emphasizes the importance of establishing independent boards that acts in the best interests of the company and its stakeholders.

Furthermore, the King Reports on Corporate Governance also provide recommendations and guidelines for board composition, risk management, ethics, and disclosure practices.

The King Reports emphasize the need for effective risk management systems and internal controls. Boards are expected to establish robust risk committees to identify, assess, and mitigate risks. These controls include regular monitoring of financial performance, internal audits, and compliance with applicable laws and regulations.

Board structures: The Companies Act encourages the appointment of both executive and non-executive directors, ensuring a separation of powers and independent oversight. Non-executive directors are expected to bring diverse skills, experience, and independent judgment to the board, contributing to better decision-making and accountability.

Various types of board structuring and controls are implemented to ensure effective corporate governance. These include:
1. Independent directors who bring objectivity and impartiality to board decision-making. Independent directors are not affiliated with the company or its management, enabling them to provide independent oversight. They play a critical role in safeguarding shareholder interests and ensuring the board's accountability; and
2. Board committees which are instrumental in strengthening governance controls. One of the key committees is:
a. Audit committees: They are mandated by the Companies Act. They play a vital role in ensuring financial transparency and the integrity of financial reporting. This committee consists of independent non-executive directors and is responsible for reviewing financial statements, risk management, and internal control systems.

Board controls:
Codes of Conduct and Ethics Policies: Board structuring also places emphasise on the adoption and implementation of codes of conduct and ethics policies. These documents provide a framework for ethical behaviour, guiding directors' conduct and ensuring adherence to high standards of integrity, transparency, and accountability.

Compliance and Internal Controls: Compliance with applicable laws, regulations, and corporate governance codes is also emphasised. Boards establish internal control systems to ensure compliance, prevent fraud, and safeguard the company's assets.
Overall, boards are expected to provide accurate and timely information to shareholders and stakeholders. This includes financial reporting, annual reports, sustainability reports, and disclosure of material information that may impact the company's performance or reputation.

What is a GCR framework?

A Governance, Compliance, and Risk (GCR) framework is a structured approach that organisations use to manage and address various aspects of governance, compliance, and risk management within their operations. It is a critical framework that companies adopt for decision-making processes and management of the company.

The GCR framework depends on three important components being:
1. Governance: Governance frameworks typically outline the roles and responsibilities of key stakeholders, establish reporting structures, and set guidelines for ethical behaviour and integrity.

Governance requires implementing structures, policies, and procedures to ensure effective decision-making, accountability, and transparency within the organisation. It also includes board oversight, ethical guidelines, and performance monitoring.

The Companies Act serves as the primary legislation governing corporate governance in South Africa. It sets out the responsibilities of directors, requirements for financial reporting, and provisions for shareholder rights and engagement.

The King Reports on Corporate Governance provides guidelines and principles for good corporate governance in South Africa. The King Reports emphasises ethical leadership, accountability, transparency, and stakeholder inclusivity.

2. Compliance: Compliance encompasses the adherence to laws, regulations, standards, and internal policies that apply to an organisation's operations.

Compliance frameworks help organisations establish processes and controls to ensure that they meet legal and regulatory requirements, industry standards, and internal policies. For example, companies should ensure that their operations comply with the Companies Act, Labour Relations Act, Basic Conditions of Employment Act (BCEA) and Employment Equity Act.

It is also important for companies to comply with industry-related regulatory requirements. For example, the financial sector is regulated by the Financial Sector Conduct Authority (FSCA).

 For the compliance framework to be successful, it requires risk assessments, monitoring and reporting mechanisms, training programs, and audits to ensure ongoing compliance.

3. Risk: This involves identifying, assessing, and mitigating risks that could impact an organisation.

It allows organisations to make informed decisions and take appropriate actions to minimize potential negative consequences. Risk management typically involves risk identification, risk assessment, risk mitigation strategies, risk monitoring, and regular review and update of risk management practices.

Examples of risks faced by companies include operational risks, financial risks, market risks, technology risks, environmental and social risks, legal risks, reputational risks, and strategic risks.

A GCR framework helps organizations maintain ethical standards, minimise legal and regulatory risks, and enhance overall governance and operational efficiency. Furthermore, for the GCR framework to thrive, it requires companies to establish clear guidelines, establish accountability mechanisms, and regularly update risk management practices.

Overall, the benefits of implementing a GRC framework for the company outweighs the costs of doing so. Companies with a GCR framework make informed decisions, identify, and mitigate risks more effectively, ensure companies stay updated with applicable laws, and industry standards, increase accountability and transparency and improve operational efficiency. GRC frameworks should be developed and adopted based on the company’s industry, size, and specific regulatory requirements.

Therefore, it is important to engage with external auditors, consultants, and legal advisors to ensure compliance and effective implementation of their GRC frameworks.

Establishing Clear Ownership and Governance Structures for Long-Term Business Success

Good corporate governance is vital for a business’s success. This includes establishing an organisational structure to promote effective decision-making and any disputes that may arise in process. 

Corporate governance is a set of rules, practices or processes that are aimed at controlling how the company operates and ensuring it operates efficiently, ethically, and in the best interests of all stakeholders. It has a focus on the decision-making processes, risk management and the company’s operations are overseen by the directors. Good governance of the company can lead to long-term success and sustainability. For a small business, it can also help to avoid legal issues and to have clearly defined business responsibilities.

An important way to establish a clear ownership structure which determines the company’s decision-making structure is by establishing the following: 
  • Shareholders: they own shares in the business, provide it with capital and review company results, set company goals and appoint the board of directors as well as oversees it. This information is to be documented in a Shareholder’s Agreement – which is documented to protect the interests of both the shareholders (minority and majority) and the business. 
  • Board of directors: directors give oversight and guidance on strategic decisions that may have an impact on the success or failure of the business. They also oversee the performance of the business, safeguard the business assets and report back to the shareholders. Depending on the size of business, appoint directors that are internal and external, and if possible, directors who are not connected to the company. 
  • Organisational structure: a well-designed and clearly defined roles and responsibilities that all members at all levels understand their roles and positions and how they contribute to the success of the business.

The main difference between shareholders and directors in decision-making is that the shareholders are the business owners, and their voting rights are dependent on the number of shares they own. Directors are responsible for the day-to-day management of the business and usually make collective decisions, unless specific powers and responsibilities have been delegated. 

Effective corporate governance is crucial for a company's health and longevity. Clear roles, responsibilities, and decision-making structures prevent legal issues, promote transparency, and build stakeholder trust. Good governance fosters growth and ensures ethical, accountable operations, positioning the company for future success.

Creating a conflict of interest policy to prevent decision-making biases

A conflict of interest can arise at a senior level or even at a general employee level. It is important to have a policy governing how conflicts will be managed should any arise and how to prevent biases that affect business decisions.

A conflict of interest can be defined as a personal circumstance that makes it difficult for a person to carry out their professional duties. Simply put, it arises when a personal interest conflicts with a professional duty, forcing that individual to choose between the two.

Types and examples of conflicts:
  • Financial conflicts – a financial interest or directorship in a company that competes with or does business with your employer.
  • Relational conflicts – directly reporting to someone you are closely related to or romantically involved with.
  • Professional conflicts – a legal representative representing opposing parties who are in conflict over the same matter.
  • Ideological conflicts – when personal beliefs and values clash with professional duties.
  • Time-based conflicts – doing external work in the time that you are supposed to be doing work for your employer.
  • Organisational conflicts – when an entity’s interests conflict with those of its stakeholders or the public.

Duty on a Director to Declare Conflict of Interest
It is a legal requirement and duty for a director to avoid conflicts of interest. A director must disclose his personal financial interests, and that of any person or entity related to them, in any matter that is to be considered by the board of the company. The director must then recuse themself from the decision to be taken and they may not vote on that matter. The Companies Act ensures that directors are held accountable for any such conflicts and that any approved transactions are approved in the best interests of the company. If a director fails to take steps to avoid a conflict, they may be held liable for breach of their fiduciary duty and for any loss that the company suffers as a result.

General disclosures are made prior to joining the business, and then at least annually or when there are significant changes by designated persons for general interests and interests that could potentially cause a conflict. Specific disclosures must be made for specific interests that could cause a conflict and which most likely is related to a matter that is under consideration by the board. This is done if and when the specific interest arises.

Conflict of Interest Policy
A Conflict of Interest policy is essential for promoting transparency and ethical decision-making. Clear guidelines, training, and regular disclosures help the company mitigate risks and ensure decisions prioritise the stakeholders’ best interests.

Training and awareness of the Policy
Training and awareness are vital for promoting the policy and procedures, while also promoting a deeper understanding of conflicts of interest to guide better decision-making. A good training programme will be aimed at all staff that may need to make disclosures.

Key elements & terms of a Conflict of Interest Policy
  • Objectives of the policy: what it aims to achieve Scope: who it applies to
  • Definitions
  • Governing law and compliance with internal company regulations and policies
  • Provisions:
     o Decisions to be taken in the best interest of the company.
     o Business opportunities that belong to the company are not to be taken by employees and designated individuals.
     o Immediate disclosures of any conflicts.
     o Designated individuals are to abstain or withdraw from discussing, voting and decision making if a conflict exists or may arise.
     o Senior management is to lead by example and provide guidance.
     o Newly appointed individuals are to disclose any conflicts immediately during the hiring / appointment process.
     o Senior Management must update their disclosures at least annually to the Compliance Officer, or any other person in charge of the Conflict 
         of Interest Policy.
     o Training and awareness on conflict of interest.
     o Regular reporting of Conflicts of Interest and review of the Policy.
     o Record keeping and documenting of a Conflict of Interest register.

An effective conflict of interest policy is a cornerstone of good governance. By ensuring transparency, accountability, and adherence to ethical standards, the policy safeguards the integrity of the company’s decision-making processes. Regular training, clear guidelines, and a culture of openness empower all stakeholders to act in the best interests of the company, fostering trust and long-term success.

Establishing a code of ethics to guide employee and director behaviour

A code of ethics sets ethical standards and principles that governs the conduct of contractual and non-contractual stakeholders of a company. These principles guide parties to conduct business with honesty and integrity. 

The purpose and significance of a code of ethics is it clearly outlines the ethical standards that should guide interactions between a business and its stakeholders, both contractual and non-contractual and business operations. This is beneficial to the business and also to the community in the long term because it is in line with the triple bottom line approach, which focuses on profit, people, and the planet.

A code of ethics helps members make good decisions. Whereas, a code of conduct sets expectations for employee behaviour, for example being on time. Companies use a code of conduct to promote professionalism. A code of ethics is therefore not a legally binding document – it is considered to be more of an inspirational document based on morals and values, and therefore cannot be used to build a case against one who has contravened the code. Whereas, a code of conduct, on the other hand, is a conditions of service document that should be complied with. It would therefore be worthwhile to have a code of ethics vetted by a legal practitioner.

Reporting an ethical violation may vary for each company:
  • A company may have a policy (like a Whistleblowing policy) that addresses the reporting of incidents or violations.
  • Reports may be submitted to a designated individual.
  • Reports may be submitted to a designated hotline or email address.
  • Reporting an incident may be done confidentially and anonymously. 

Consequences of unethical conduct
Common examples of unethical behaviour are fraud, tax evasion, employee exploitation, unethical accounting practices, false advertising, and misuse of company time and resources by employees. These actions carry consequences, sometimes that can be overturned and remedied, but in other instances have a lasting and unrecoverable effect:
  • Reputational damage and loss of credibility: stakeholders have a tainted view of the company’s reputation and credibility. Loss of trust in the brand can affect sales and demand for services and even investments. 
  • Decreased productivity and employee turnover: employees become demoralised, affecting productivity and resulting in loss of talent and high employee turnover. 
  • Legal issues: legal implications and possible criminal charges for designated individuals.
  • Financial loss: fines and penalties in addition to financial losses the company makes.

Training and Awareness of the Code 
As the code of ethics is being implemented, there must be an ongoing and continuous creation of awareness to bring the code to the relevant people. In doing this, there would be an increase in attention and the likelihood of the code being used to guide behaviour and decision. Employee and stakeholder awareness of the code must be regularly monitored. The code can also be included in the company’s employee induction programmes for new joining employees, and it is also to be used during ethics training programmes.

The code of ethics should be reviewed annually, and any necessary amendments are to be made based on the business developments and any external legal developments that would have an impact on the business. It is also recommended that the code be reviewed against a leading practice standard by an objective internal or external expert who was not involved in the development of the code. In this review, the reviewer must consider the form and content of the code. 


A good code of ethics fosters a positive culture, reduces unethical behaviour, and protects the company’s reputation. Regular training, awareness, and reviews keep the code relevant and effective in promoting ethical conduct.

How to create a succession plan to ensure leadership continuity in a small business

Succession planning is essential for ensuring leadership continuity in small businesses. This is a business strategy that ensures the future of a business by preparing for future leadership and ownership transfer by identifying and developing employees to take over leadership roles should someone leave the business. It's important for SMMEs because it can help prevent businesses from collapsing when key individuals leave, ensuring smooth, uninterrupted operations.

Choosing a Potential Successor
There are 4 options for choosing a successor, with skills, experience, and leadership abilities being key considerations: 
  1. Family business: A family member is typically chosen to succeed. 
  2. Business with multiple partners: A business partner, already invested in the company, provides stability and continuity. 
  3. Internal candidates: Existing employees already know the business and its operations, which ensures continuity and stability.
  4. External candidates: New candidates require time to integrate and understand the business operations.

Some Qualities to Identify a Good Successor
  • Technical Skills and Experience
  • Leadership Qualities
  • Interpersonal Skills
  • Financial Resources
  • Commitment and Vision
  • Compatibility with the Company Culture

Identifying key leadership roles to plan for
The following factors can guide the evaluation and identification process of positions which are critical in ensuring the business’s ongoing success with minimal interruption: 
  • The position significantly impacts the operations, strategising and decision-making of the business.
  • The position requires specialised expertise, training, or experience.
  • The role has a high talent scarcity or risk.
  • The role is required for future organisational success.

Create a succession plan
  • Develop successors through training once the successor and role have been finalised.
  • Provide mentorship, leadership opportunities and exposure to strategic decision making.
  • Document the succession plan in detail, with a clear outline of responsibilities and transition timeline.
  • Communicate the plan with stakeholders timeously.
  • Review and update the plan regularly to ensure that it aligns with current business goals and objectives.

Succession planning maintains stakeholder relationships (staff, customers, suppliers, investors and other stakeholders) and their expectations, preserving their business confidence. The company suffers minimal disruption in fulfilling its mandate and it is prepared for stability and growth. 

In doing this, future talent, successors and leaders need to be developed and trained by considering:
  • career pathing for employees
  • current talent pipeline of potential candidates who are being developed and groomed 
  • ongoing training for all staff but specifically for selected potential successors.

A well thought out succession plan is crucial for the long-term success of small businesses. Identifying and developing future leaders ensures continuity, protects stakeholder relationships, and prepares the business for future challenges.