2022

SGV thought leadership on pressing issues faced by chief executives in today’s economic landscape. Articles are published every Monday in the Economy section of the BusinessWorld newspaper.
21 March 2022 Christiene R. Matic

New VAT zero-rating rules and requirements under CREATE

Upon the effectivity of the Corporate Recovery and Tax Incentives for Enterprises (CREATE) Act on April 11, 2021, a new requirement to support the VAT zero-rating of local purchases of registered business enterprises was introduced.CREATE required registered business enterprises to prove that their local purchases of goods and services are directly and exclusively used in their registered activities to be accorded 0% VAT rating. Several issuances were subsequently published, which placed many taxpayers in limbo because of the seemingly conflicting provisions related to the VAT zero-rating of local purchases.Almost a month before the anniversary of CREATE, the Bureau of Internal Revenue (BIR) recently issued Revenue Memorandum Circular (RMC) No. 24-2022, which intends to harmonize and clarify the new VAT zero-rating rules and requirements under CREATE.CROSS-BORDER DOCTRINE NOW ‘INEFFECTUAL AND INOPERATIVE’Before CREATE, Ecozones and Freeport zones were regarded as foreign territories (by way of legal fiction) under RMC No. 74-99 and RMC No. 7-2007. Under the cross-border doctrine, sales to registered business enterprises located within these Ecozones and Freeport zones could be treated as constructive exports subject to 0% VAT.However, following the effectivity of CREATE, the cross-border doctrine is no longer applicable. This is because CREATE expressly requires registered export-oriented enterprises to prove the direct and exclusive use of their purchases of goods and services in its registered activities, a departure from the old rule which generally anchored zero-rating of purchases on being economic zone locators.To add, the availment of VAT zero-rating for registered export-oriented enterprises becomes subject to certain parameters regardless of location (i.e., time-bound as it becomes subject to the conditions and period of availment in Sections 295 and 296 of CREATE) under Section 294(E) and Section 295(D) of the Tax Code, as amended by CREATE.It now provides that the effective VAT zero-rating will only apply to the sale of goods and services rendered to persons or entities which have direct and indirect tax exemptions pursuant to special laws or international agreements to which the Philippines is a signatory.Based on these developments under CREATE, investors may now consider reassessing incentives that were previously location-based.CHANGES TO VAT ZERO-RATINGSince the effectivity of CREATE, the VAT exemption on imports and VAT zero-rating of newly registered and existing registered business enterprises (RBEs) only applied to goods and services that are directly and exclusively used in the registered project or activity of registered export enterprises. The phrase “directly and exclusively used in the registered project or activity of registered export enterprises” was explained under Q&A No. 13 of RMC No. 24-2022 as those raw materials, inventories, supplies, equipment, goods, packaging materials, services, including provision of basic infrastructure, utilities, maintenance, repair and overhaul of equipment, and other expenditures that are directly attributable to the registered project or activity, without which the registered project or activity cannot be carried out.In the case of common expenses, taxpayers were directed to adopt a method to best allocate goods or services purchased (e.g., the use of separate water and power meters among activities). Otherwise, if the proper allocation could not be determined, then the purchase of such goods will be subject to 12% VAT. The RMC also made it clear that services for administrative purposes, such as legal, accounting and other similar services, are not considered directly attributable to and exclusively used in the registered project or activity.Previously, a VAT zero-rating certificate was the only document that must be provided by a registered export enterprise to their local suppliers. However, RMC No. 24-2022 introduced additional requirements on top of the VAT zero-rating certificate, such as a photocopy of the export enterprise’s BIR Certificate of Registration, a sworn declaration stating that the goods or services being purchased are to be used directly and exclusively in the registered project, and other documents to corroborate entitlement to the VAT zero-rating.These documents include but are not limited to duly certified copies of the purchase order, job order or service agreement, sales invoices and/or official receipts, delivery receipts. Registered export enterprises should also expect some changes in the VAT zero-rating certificate that will be issued by its Investment Promotion Agency (IPA), which would now include the applicable goods and services meeting the direct and exclusive use criteria.Registered export enterprises must strictly observe the abovementioned criteria and documentation in order to prove the VAT zero-rating of its local purchases of goods and services. This means that registered export enterprises may need to factor in additional compliance requirements to avail of the VAT zero-rating and be able to sustain a claim of VAT zero-rating if eventually audited by tax authorities.The role of tax managers, compliance officers, custodians of records, and the like may have to be expanded as well to ensure that the necessary documentary requirements are secured in a timely manner, compliant with the existing requirements under our tax rules, and would still be available in the event of a tax audit.EXPORTER TAX TREATMENT BEFORE CREATEQ&A No. 23 of the same RMC clarified that registered export enterprises existing prior to CREATE continue to enjoy VAT zero-rating on their local purchases until the expiration of their incentives, as specified in the Implementing Rules and Regulations of CREATE. However, the direct and exclusive use criteria must still be met. Otherwise, sellers of goods and services will be required to pass on the 12% VAT to their registered export enterprise customers within the Ecozone.The RMC further explained that any input VAT passed on for purchases of goods and services not directly and exclusively used in the registered project or activity may no longer be used to apply for a VAT refund. Instead, the RMC presented three options that a registered export enterprise may avail of:• A VAT-registered taxpayer enjoying an income tax holiday (ITH) may claim the passed-on input VAT as credit against future output VAT liabilities; or• Accumulate the input VAT credits and claim for VAT refund upon expiration of its VAT registration (i.e., end of ITH and 5% SCIT incentive commences); or• Charge to cost or expense account if non-VAT registeredSimilarly, existing export enterprises which are already under the 5% gross income tax (GIT) and special corporate income tax (SCIT) were required to change their registration status from a VAT-registered entity to non-VAT within two months from the effectivity of RMC No. 24-2022.It must be noted, however, that the input VAT charged to cost or expense account may not qualify as a “direct cost” for an export enterprise that is already availing of the 5% GIT or 5% SCIT. In which case, there would be no tax benefit on any input VAT passed on by its local suppliers.ACTION PLAN MOVING FORWARDWith the effectivity of RMC No. 24-2022, registered export enterprises and their domestic sellers of goods and services must familiarize themselves with the new principles and additional requirements of VAT zero-rating on local purchases.Given the strict “direct use” requirements, registered export enterprises may consider performing a careful review of their local purchases of goods and services to identify whether or not they meet the criteria. Export enterprises with a more complex business structure (i.e., those with multiple registered activities) and those which incur significant amounts in common expenses may revisit their allocation method among registered and non-registered activities.Otherwise, without diligent study, a registered export enterprise may face a significant amount of input VAT that it may not be able to recover. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Christiene R. Matic is a director from the Global Compliance and Reporting service line of SGV & Co.

Read More
14 March 2022 Rossana A. Fajardo

Opportunities for tech companies to seize in 2022 (Second Part)

(Second of two parts)As the digitalization of the world economy further accelerates, the technology sector will likely continue to grow, especially now that vaccines and proactive health and safety measures are helping manage the pandemic. In line with this, EY ranks the top 10 opportunities from its annual report that technology companies should seize for growth while navigating volatility and risks in 2022.In the first part of this article, we discussed the first five opportunities: attracting and retaining more motivated people in a hybrid workplace, strengthening growth profile with M&A, securing business continuity by de-risking supply chains, embedding security in new activity designs, and leading in ESG to strengthen stakeholder relations.In the second part of this article, we continue by discussing the remaining five: transforming the business for consumption-based sales, realigning tax organizations with digital business models, streamlining operations and increasing agility, cultivating customer trust to drive digital engagement and anticipating the transition to 5G technology.TRANSFORM BUSINESS FOR CONSUMPTION-BASED SALESDuring the pandemic, consumption-based business models offered a higher valuation from investors and better protection against economic volatility compared to traditional one-off payments. With more and more customers preferring the flexibility of cloud-based services and software, subscription payments are expected to rapidly replace traditional license payments over the next five years.In order to enable this shift, companies need to change their pricing tools, transform their sales organizations, adopt new incentive schemes, realign their major business processes and track different performance indicators. Though the transition will be challenging, companies will be rewarded with more time to build customer relations, recurring revenues, and the opportunity to generate higher revenues from each user through upselling and cross-selling.REALIGN TAX ORGANIZATIONS WITH DIGITAL BUSINESS MODELSTaxation and legislation changes are targeting the technology sector worldwide, with governments looking to shift the taxation base to capture more value from the growing economic contributions made by digital services. Sudden changes are caused by trade disputes and governments who are looking to protect or strengthen their key industries, and this often includes technology segments.Tech companies need a robust approach to global trade and taxation with regard to their large international footprints as well as their large base of assets, both material and immaterial. This approach has to be built on early planning, real-time insights and an agile operating model. STREAMLINE OPERATIONS AND INCREASE AGILITYWith the current unprecedented economic uncertainty and volatility, customer preferences are shifting overnight and causing large swings in demand. This is especially true in the technology sector. The risk profiles in the sector have also changed due to supply chains getting stretched and geopolitical factors influencing trade. This further increased the need for organizations to transform.To remain competitive, tech companies need to match operational agility with the future levels of volatility in their business. This can be achieved by leveraging data analytics, cloud capabilities and automation tools, streamlining business processes, and identifying ways to simplify the organization.CULTIVATE CUSTOMER TRUST TO DRIVE DIGITAL ENGAGEMENTDigital companies rely on trust to keep driving customers to visit, interact and share the necessary data to create a business and drive growth. Because alternatives are a click or two away, a lack of trust can instantly send customers to competitors.EY research has found that the main drivers of trust and distrust include transparency, ethics, security, regulatory compliance and content. To gain the trust of customers, companies must prioritize protecting customer data and maintain clear policies on dealing with issues that include fake content, discrimination and online abuse. A digital trust strategy that incorporates all the elements of trust has to be established.PREPARE FOR 5G ADOPTIONThe tech industry is gearing up for large-scale implementation with the rollout of 5G driving revenue across the entire technology stack. According to Reimagining industry futures, an EY survey of attitudes across multiple enterprises worldwide, a little over half of enterprises at 52% are more interested in 5G now compared to before the pandemic. This shows that 5G is not just a new connectivity standard, it is also expected to change how objects and devices interact as well as how machine learning and data analytics can be used to improve logistics, identify supply chain bottlenecks and reshape customer interaction.As many as three out of four enterprises in the survey believe that 5G will be integrated into their business processes over the next five years, but for this to happen, tech companies need to prepare adoption roadmaps and use cases to stay ahead.EMBRACING OPPORTUNITIES FROM VOLATILITY AND RISKAlthough the world is still experiencing uncertainty from geopolitical issues and the pandemic, these risks reshape the opportunities that can help tech companies develop new markets and increase their competitiveness. Regrouping organizations around security and trust to increase stakeholder commitment as well as organizational transformation and the adoption of new business models can help drive market relevance and agility. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Rossana A. Fajardo is the EY ASEAN business consulting leader and the consulting service line leader of SGV & Co.

Read More
07 March 2022 Rossana A. Fajardo

Opportunities for tech companies to seize in 2022 (First Part)

(First of two parts)With the world now able to control the ongoing pandemic better thanks to vaccines and other health and safety measures, the technology sector will more likely continue to grow as the digitalization of the economy further accelerates. In line with this, EY shares its annual report, Value Realized, ranking the top ten opportunities that technology companies should seize this year. Companies who act on these may find opportunities for growth while navigating volatility and risks in 2022.In the first part of this article, we discuss the first five opportunities: attracting and retaining more motivated people in a hybrid workplace, strengthening your growth profile with M&A, securing business continuity by de-risking supply chains, embedding security in new activity designs, and leading in environmental, social, and governance (ESG) to strengthen stakeholder relations.ATTRACT, RETAIN MORE MOTIVATED PEOPLE IN A HYBRID WORKPLACEAlthough finding capable talent has always been a challenge and major concern in the tech sector, the pandemic only increased the urgency in addressing this issue. Companies who are investing in growth will need more salespeople to strengthen their salesforce and more engineers in their research centers.Most tech companies are discussing a partial and staged return to the physical office while trying to balance the preferences and needs of a modern workforce and manage the costs involved. A recent EY survey also cites that nine out of 10 employees demand flexibility in when and where they work and are prepared to resign if this demand isn’t met.However, although employees have mastered working from home, the hybrid model will pose new challenges related to motivating employees and work culture. Companies will need to be able to optimize flexibility, rewards and experience to present a package that can attract the best talent as well as retain them.STRENGTHEN GROWTH PROFILE WITH M&AA little over half of the technology executives surveyed in the 23rd EY Global Capital Confidence Barometer acknowledge that organic growth can be difficult in the near term, with 51% saying that they intend to pursue mergers and acquisitions (M&A) in 2022 to sustain growth. The deal market is expected to stay healthy despite increased financial uncertainty and regulatory scrutiny.Acquisitions will be able to reignite growth through the addition of technologies, distribution channels, business solutions and end markets to a company portfolio. Moreover, divestments can help companies veer away from solutions that require different capabilities from what the company possesses, as well as from market segments with slower growth. The right M&A strategy will result in a better growth profile, while divesting of non-core businesses will help reshape portfolios out of declining businesses.  SECURE BUSINESS CONTINUITY BY DE-RISKING SUPPLY CHAINSSupply chains came under massive pressure from geopolitical events and market volatility, with tech companies dealing with two major bottlenecks in the past months: the availability of components and logistics. Though it can be argued that these issues are temporary and have also hit the entire industry, some have managed them better than others.Tech companies will need to carefully assess and de-risk their supply chains, all the way from the vendors of their vendors down to the customers of their customers. There is no one size solution for this; different risk profiles in the supply chain will require different policies surrounding sourcing contracts and inventories. Issues in logistics can also lead to changes in preferred manufacturing and distribution footprints, but real-time visibility can help identify bottlenecks at an early stage. Furthermore, new technologies such as digital twins, which are virtual representations that serve as real-time digital counterparts of physical objects or processes, and 3D printing could also reduce the degree of disruption.EMBED SECURITY IN NEW ACTIVITY DESIGNSData security and integrity have never been more important than during the pandemic, with more flexible ways of working introducing more sources of risk. A large number of companies had to change their IT structures in rapid response to the pandemic but were not able to sufficiently consider cybersecurity in advance. This resulted in more disruptive attacks and led to increased concerns with regulation compliance.In order to turn data integrity into a business driver and avoid major disruptions, tech companies must embed security and privacy in the design of any new activities. This includes the cyber team in the startup phase of new projects, realigning business objectives with data security, and reviewing the necessary talent profiles to do so.LEAD IN ESG TO STRENGTHEN STAKEHOLDER RELATIONSWhile tech companies have traditionally focused on sustainability, stakeholders and consumers want more, with rising expectations to drive positive environmental and social outcomes. Employees want to make a meaningful impact, and investors demand sustainable investments. Moreover, enterprise customers look to the technology sector to implement new technologies that can help drive sustainable outcomes of their own.This is why tech companies should lead by example, drawing up long-term value propositions and communicating them with their stakeholders. This includes ESG commitments supported by transparency, top-down organizational changes, and reporting on relevant key performance indicator (KPIs).In the second part of this article, we discuss the other five opportunities tech companies can seize in 2022: transforming the business for consumption-based sales, realigning tax organizations with digital business models, streamlining operations and increasing agility, cultivating customer trust to drive digital engagement, and preparing for the shift to 5G. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Rossana A. Fajardo is the EY ASEAN business consulting leader and the consulting service line leader of SGV & Co.

Read More
28 February 2022 Katrina F. Francisco

Can ESG data and insights deliver long-term value?

Environmental, social and governance (ESG) driven approaches are rapidly becoming mainstream in the investor and corporate communities, according to the 2021 EY Global Institutional Investor Survey. This is an annual survey that the EY Global Climate Change and Sustainability services team commissioned from a third party with the main objective of examining the views of institutional investors on the use of nonfinancial information in investment decision-making.The survey notes three important themes that stand out: (1) the COVID-19 pandemic has been a powerful ESG catalyst; (2) there is a growing focus on the transition to a net zero economy, and climate change is increasingly central to investment decision-making; and (3) better quality nonfinancial disclosures and a clearer regulatory landscape, coupled with sophisticated data analytics capabilities, will enable ESG to realize its potential.THE COVID-19 PANDEMIC ACTING AS A POWERFUL CATALYSTInvestor attitudes towards ESG have undergone a rapid evolution under the pandemic. Now it’s seen as a central element to the investor decision-making process.The survey data shows that, since the pandemic started, 90% of investors are attaching greater importance to corporates’ ESG performance when making investment decisions, and 86% of those surveyed said that a robust ESG program impacts analysts’ recommendations.In addition, COVID-19 has made investors more likely to divest based on poor ESG performance with 74% saying so, while around 86% said that having a strong ESG performance impacts their decision to hold on to an investment.The way the pandemic has highlighted past and current issues on social inequality has also magnified the importance of social considerations, with consumers mobilized on social issues and investors placing a greater focus on the “S” element of ESG. The top 5 social concerns taking center stage, based on the survey, are: (1) consumer satisfaction, (2) diversity and inclusion, (3) impact on local communities, such as job creation, (4) workplace and public safety, and (5) labor standards and human rights across the value chain.Because of this, the investment industry faces a major challenge moving forward on how to access and analyze the data required to link social impact to financial performance. Without this information, it will be difficult to achieve a comprehensive inclusion of these factors into portfolio decision-making processes.CLIMATE CHANGE AT THE HEART OF DECISION-MAKINGWhen the pandemic struck, many feared that it might put an end to the growing interest of investors on climate change. This fear did not materialize.The significant progress that happened within the investment industry stems from the fact that the pandemic provided a stark and tangible example of what can happen when we fail to tackle systemic risks in our society. Investors could see what might happen to the economy if efforts to address climate change fail. This was further compounded by the results of the Intergovernmental Panel on Climate Change’s (IPCC’s) Sixth Assessment Report (AR6), which found that without “immediate, rapid and large-scale reductions” in emissions, curbing global warming to either 1.5˚C or even 2˚C above pre-industrial levels by 2100 would be “beyond reach.”Investors have become increasingly aware of the risks posed by climate change, and they want their investments to reflect their preferences. Since there is an increased pressure to address the impact of climate change, investors surveyed said that they are placing a significant focus on their portfolios’ exposure to climate risk, with 77% indicating that they are devoting time to evaluate the impact of physical risks, while 79% saying that they will devote time to evaluate the implications of transition risks, into their asset allocation and selection decisions.As decarbonization is crucial to investment decision-making, and with the goal of making progress towards net zero, it is crucial that companies and investors undertake robust scenario planning. This translates the theories related to climate change impact into practice and helps ground the discussion about incorporating decarbonization factors into an organization’s strategies so that it is not just an afterthought when considering the investment opportunities or the risks involved with operations.PERFORMANCE TRANSPARENCY AND ANALYSIS CAPABILITY IS THE FUTURE OF ESG INVESTINGWhile investors are considering ESG performance as central to their decision-making, there are two priorities that could help to realize its full potential.First is the better-quality ESG data from companies and clearer regulatory landscape. These two factors allow investors to conduct a more structured and methodical evaluation of disclosures.This is crucial as there has been an increasing concern of investors about the usefulness of key aspects of companies’ ESG disclosures, with 51% of investors saying that current nonfinancial disclosures are not able to provide insight into how companies create long-term value, which was only 41% in 2020. In addition, despite the importance of ESG performance reporting to the industry, the transparency and quality of ESG disclosures, mainly around materiality, have been an ongoing concern, where 50% of investors surveyed said that they are concerned about a lack of focus on material issues — an increase from 37% in 2020.Moreover, investor and corporate communities are broadly aligned on the importance of uniform standards and they believe that it would be helpful if risk transparency, reporting and assurance of disclosures were mandated by policy. As much as 89% of investors surveyed said they would like to see the reporting of ESG performance measures against a set of globally consistent standards become a mandatory requirement.What this will lead to will be higher quality disclosures around ESG performance, which in turn can underpin good business management to help build and preserve stakeholder trust. The actions relating to the formation and the formal launch of the International Sustainability Standards Board (ISSB) during COP26 is a step in the right direction to more globally consistent standards.Second, building data analytics capabilities and improving data management would be key to helping corporates produce trusted ESG performance reporting, with investors to incorporate that insight into their investment decision-making process.Technology and data innovation can help corporates improve the way they collect, aggregate and own their data and help investors integrate ESG data into the investment analysis.ACTIONS FOR CORPORATES AND INVESTORSAs ESG factors play an important role in economic health and recovery, there are a number of important actions for both the corporates issuing ESG reporting and the investors that will utilize that information.Corporates should consider (1) having a better understanding of the climate risk disclosure element of ESG reporting, since there is growing pressure for companies to do more, (2) making strategic use of the sustainability and finance functions to help inject rigor and factor in materiality into ESG reporting, mainly because investors are concerned about the veracity and credibility of companies’ ESG performance data, and (3) deepening engagement with investors and understand how nonfinancial disclosures help differentiate an entity from its competitors.Investors should consider (1) updating investment policies and frameworks for ESG investments along-side building an ESG-driven culture, (2) updating approaches to climate risk management to understand the potential consequences of climate risks over different time horizons, and (3) putting in place a bold and forward-looking data analytics strategy.With the increasing expectation that businesses create, protect and measure value across a broad group of its stakeholders, they can fully embrace ESG by ensuring that the risks it brings are managed and by fully taking advantage of the opportunities that come with it. This way, companies can better articulate how they are creating long-term value for all stakeholders. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Katrina F. Francisco is a senior director from the Climate Change and Sustainability Services of SGV & Co.

Read More
21 February 2022 John N. Panes

Shifting to a zero-trust mindset

As the world continues to operate under remotely while grappling with the pandemic, the danger of cyberattack remains a constant threat. The current situation has resulted in people using their own devices and networks to ensure business continuity from anywhere, but these are not as secure as corporate systems and connections, and cybercriminals are not letting these easy opportunities pass.Data security is more critical than ever, with traditional data protection techniques functioning under a “trust but verify” strategy. This perimeter-driven paradigm entrusts its internal users with unobstructed network access and provides security controls only for external or untrusted networks. However, this introduces the issue of misplaced trust that can lead to the IT landscape of an organization being exposed to vulnerabilities.With organizations dramatically accelerating their transformation journey, effective cybersecurity that expands beyond the organizations’ territories becomes even more significant — and this is where the concept of zero trust comes in.Zero trust is a security model based on the principle of maintaining strict access controls without trusting anyone by default, including internal users. Everyone is trusted by default in a traditional IT network, and once an attacker gets inside the network, they are free to move and gain access to protected customer data, intellectual property, or network controls. Zero-trust application security understands that attackers can be present both within and outside of a network, which is why zero-trust policy enforcement dictates that no user should be trusted automatically.With effective zero-trust frameworks in place, organizations can enforce several critical steps as part of their arsenal to reduce cyber risk while establishing access and identity controls.THE NEED TO ADAPT ZERO TRUSTNewer organizations are now adapting this model as it requires a simpler approach but at the same time yields ever stronger security controls.The “trust but verify” strategy is no longer an option as targeted, more advanced threats are now capable of moving inside the corporate perimeter. Because of the nature of remote working, accessing applications from multiple devices outside of the business perimeter has become even more prolific. This results in the increasing risk of exposure to data breaches, malware and ransomware attacks.The zero-trust paradigm requires organizations to continuously analyze and evaluate the risks that involve their business functions and internal IT assets, then form strategies to mitigate them. The zero-trust model also restricts access by only providing access to users who need it while depending on whether they successfully authenticate each access request. The purpose of this process is to help eliminate unauthorized access to services and data while employing a positive security enforcement model. Because it uses a different lens to view data protection, the zero-trust model allows certain criteria that govern access and restrictions. STEPS TO START THE ZERO-TRUST JOURNEYThe looming challenge for these organizations actually involves where to start. They can begin their zero-trust journey with three simple steps, starting with building a zero-trust center of excellence. This entails creating a cross-functional working group of all the teams that will be working together on a zero-trust architecture. This includes cybersecurity and IT teams that will handle actual deployment, as well as business leaders who will help define the necessary business objectives to ensure successful implementation.Second, the center of excellence will need to engage in workshops to ensure that everyone is aligned and understands the basic concepts of this model, the business objectives of the organization, and what to protect — data, applications, assets, and services (DAAS). The prototype zero-trust network can be planned during the workshop to allow IT and security practitioners in the organization to better move to a more formal design phase.Third, start with something low-risk, instead of proceeding ahead with the “crown jewels” of the organization. Deploy zero trust first in an environment where implementation teams can get hands-on experience and develop confidence as they build this simpler but more secure network.MAXIMIZING DATA SECURITY WITH ZERO TRUSTWhile there are many misconceptions surrounding the zero-trust architecture model, from its overall functionality to implementation, organizations can focus on five major aspects identified by Murali Rao, EY India Cybersecurity Consulting Leader, to better maximize their data security.Prioritize top risks. Organizations must understand the attack surface and threat landscape to qualify risks, before prioritizing the ones that will need the most focus.Enterprise-wide policy. Organizations will need to set policies according to the sensitivity of services, assets and data housed. The potential of zero-trust architecture relies on the access policies that organizations define.More granular network enforcement. Organizations must always assume that the network is hostile, and that they cannot trust any user or incident. This will mean removing implicit trust from the network and building trust into devices and services.Implement the zero-trust network based on an inside-out view. Organizations need to include zero-trust architecture as part of their overall transformation strategy. They will also need to implement technologies that help achieve zero trust as their transformation moves them more to the cloud and retires old legacy systems.A strong Identity and Access Management. Organizations need to work on the authentications of their workloads, devices and users. Technologies such as privilege ID management, multifactor authentication, behavioral analytics and file system permissions must be enforced based on defined rules to minimize the compromise of trust.THE KEY TO SUCCESSFUL ZERO-TRUST ARCHITECTURE ADOPTIONBreaches that result in lost or stolen data cost organizations significant financial and reputational damage. The zero-trust model aids in both simplification and standardization of access control enforcement across an enterprise with improved compliance and the continuity of critical business processes, and it is most effective when integrated across the entire digital IT estate.In an era where customers, partners and the supplier ecosystem access data and services from literally anywhere, applying a zero-trust model reduces the risks of security issues that arise due to how organizations often lean on perimeter-based approaches.This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.John N. Panes is a manager from the Technology Consulting practice of SGV & Co.

Read More
14 February 2022 Leonardo J. Matignas Jr.

The CEO as the overall risk executive

We all understand the critical role played by the Chief Executive Officer (CEO) in protecting and enhancing the company’s value, but we should consider that the CEO is also responsible for managing significant uncertainties that may become obstacles to the achievement of the company’s objectives or desired outcomes. These uncertainties are referred to as business risks. This makes the CEO the Overall Risk Executive (ORE), being technically the owner of all the critical risks of the company.With this enhanced risk management responsibility given to the CEO, it is imperative that he or she is very much familiar with the framework, principles and process of risk management, particularly enterprise risk management (ERM), which has been recommended by the Philippine Securities and Exchange Commission (SEC) in its various codes of corporate governance. ERM has also been mentioned in the guidelines for well-governed companies released by the Philippine Stock Exchange (PSE).THE RISK MANAGEMENT EXECUTIVE TEAMThe CEO as the ORE should be assisted by his executive team, usually composed of executives who are co-risk owners in the organization. This is usually referred to as their Risk Management Executive Team (RMET). In most companies, this could be the management committee or executive committee. Oftentimes, the RMET is composed of the following:• Chief Financial Officer — for financial risk;• Chief Operating Officer — for operational risk;• Chief Information Officer — for information risk;• Chief Legal Officer — for legal risk;• Compliance Officers — for regulatory risk;• Chief Innovation Officer — for new and emerging risk related to markets and competition; and• Other key executives who are critical in identifying and managing uncertaintyAnother role which is critical is that of the Chief Risk Officer (CRO) or its equivalent. The CRO is usually part of the RMET unless the board requires the CRO to functionally report to the Board Risk Oversight Committee (BROC) directly and to the CEO for administrative support (similar to that of the internal auditors). Another factor to consider is the sector to which the company belongs as there can be some regulations in the area of reporting protocols.There is a common misconception that the CRO, which should ideally be a full-time role, is the owner of all the risks in the organization. The reality is that the CRO (again in a full-time capacity) does not own any risk except for the failure of the risk management process, making the CRO the owner of this process. It is important to note that the function/process owners (i.e., CFO, CIO, CLO, among others) are actually the respective owners of the risks within their purview.The CRO’s primarily role is to make sure that all the members of the RMET, who are co-owners of the risks, are working together as a highly integrated, collaborative, cross-functional team. Let us liken the CRO to a conductor of an orchestra, whose job it is to ensure that all the different instruments and performers come together into a harmonious whole. As most of the risks are interrelated and have interdependencies, business risks should not be managed in silos to better maximize the resources needed to manage them. This also ensures that no critical risks fall between the cracks.The CRO (or its equivalent) is the face of the CEO in the risk management activities of the company. But the tone from the top is the responsibility of the CEO supported by the leadership team.THE CEO AT THE FOREFRONT OF IDENTIFYING AND MANAGING BUSINESS RISKSIn most of the board sessions that I have attended, the CRO reports to the BROC on behalf of the CEO. However, for questions on decisions made about how risks are prioritized and managed, the CEO provides his insights to the BROC and also solicits from the latter additional insights to further strengthen their risk management strategies. This emphasizes that the CEO is given the responsibility to ensure that critical risks that will significantly impact the company are identified and managed at acceptable levels.A layman’s definition of business risk is “anything that keeps management awake at night.” That is why the CEO is also referred to as the chief paranoia officer in some circles. Of course, that is just to emphasize the critical role they play in risk management.I would like to share an anecdote about a presentation I made to the board of one listed company. I showed a slide presenting the layman’s definition of business risk. The CEO immediately made a comment that he can sleep well at night. His colleagues in the board room said jokingly that this made the CEO their biggest risk, since he did not know they had risks to manage. At an event after that session, the CEO approached me and said, “You know, Leo, after your session with us, I can no longer sleep well at night.”We had a good laugh but that said it all. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Leonardo J. Matignas is the EY ASEAN risk management leader and a business consulting partner of SGV & Co.

Read More
07 February 2022 Anna Maria Rubi B. Diaz

How can accounting relate to climate change?

There has been an increased public focus on the harmful effects of climate change, with practices and reforms continuously being developed and implemented globally to reduce its negative impact. Because of this, some industry players are taking steps to address climate change, such as utility companies focusing on renewable energy investment, financial institutions expanding their portfolios to include green bonds, and private entities investing in technologies to conserve resources.Regulators have also been taking steps to address climate change. For instance, the Philippine Securities and Exchange Commission (SEC) issued Sustainability Reporting Guidelines for Publicly Listed Companies (PLCs) in 2019 to help PLCs better assess and manage their non-financial performance across the economic, environmental, social and governance (ESG) aspects of their organizations. Similarly, the International Financial Reporting Standards (IFRS) Foundation also established the International Sustainability Standards Board (ISSB) to develop sustainability reporting standards that will provide a high-quality, comprehensive baseline of ESG information.It is to be expected that in the years to come, climate change will have an even more significant impact on the way entities do business. Because of the potential impact of climate change and the continuing drive to manage it, various entities are facing the challenge of adopting these new practices and reforms in anticipation of how they will eventually impact their financial statements.CONSIDERING CLIMATE CHANGE IN FINANCIAL STATEMENTSCurrently, there is no specific accounting standard or guidance in the Philippines that deals directly with climate change matters. However, entities are still expected by regulators and stakeholders to explain how climate change is considered in their financial statements in a way where its impact is material or significant from a qualitative perspective. They need to disclose how climate change may impact the significant assumptions, judgments and estimates used in preparing their financial statements. Entities also need to ensure that the information from the financial statements agrees with the information provided to the stakeholders and general public through publications and press releases.Given these, we cite some accounting standards that entities may revisit in preparing their financial statement in consideration of the impact of climate change.GOING CONCERNThe Philippine Accounting Standard (PAS) 1, Presentation of Financial Statements, provides that an entity shall prepare financial statements on a going concern basis unless management either intends to liquidate the entity, to cease trading or has no realistic alternative but to do so. When management is aware of material uncertainties related to events or conditions that may cast significant doubt upon the entity’s ability to continue as a going concern, the entity is required to disclose those uncertainties.Risks coming from climate change may be a source of material uncertainty to some entities due to its potential impact on their future business activities, such as bank financing restrictions. Accordingly, entities need to revisit the impact of climate change on their financial statements particularly on their judgment to continue as a going concern and related disclosures pertaining to material uncertainties.Furthermore, entities will need to consider how natural resources issues that are necessary for their operations, such as waste management, water, and energy, will affect their ability to continue as a going concern.INVENTORYAccording to PAS 2, Inventories, inventory shall be measured at the lower of cost and net realizable value. Given the developments brought by climate change, entities need to assess whether inventory has become less profitable or obsolete as the cost may not be recoverable if the inventory is damaged by climate disturbances, if it has become wholly or partially obsolete, or if selling prices have declined.PROPERTY, PLANT AND EQUIPMENTPAS 16, Property, Plant and Equipment discusses how entities should measure, recognize and disclose information on property plant and equipment. Changes in the economic and legal environment coming from the societal pressures and legislation may affect how entities measure, recognize and disclose information on property plant and equipment. This is due to the potential impacts on the useful life, residual value, designs, technology and decommissioning of property, plant and equipment.Given the uncertainty, entities need to consider how the measurement and recognition principles in accounting for the entities’ transactions, events and conditions will be impacted by these changes and how disclosures can be enhanced to allow the users of financial statements to better understand the judgments made by entities on their property, plant and equipment.IMPAIRMENT OF ASSETSPAS 36, Impairment of Assets requires an entity to assess at the end of each reporting period whether there is any indication that an asset may be impaired. If any such indication exists, the entity is required to estimate the recoverable amount of the asset. Action from governments and public awareness on climate change may drive impairment indicators.For example, a government may require entities to focus on new products and technologies that will conserve resources, potentially resulting in a significant decline in the value of the entity’s existing assets. If the public has already been consciously investing in entities with climate change initiatives, investors may withdraw their support from entities who are not concerned with such initiatives. It can also result in adverse changes to the technological environment of an entity, which may result in the obsolescence of its assets. These may also affect forward-looking information, such as cash flow projections in estimating the recoverable amount of an entity’s assets.Due to this, entities may need to consider how the impairment indicators will affect the measurement of their assets, including relevant disclosures on assumptions, judgments and estimates.PROVISIONSPAS 37, Provisions, Contingent Liabilities and Contingent Assets requires that provisions need to be recognized when: (1) an entity has a present obligation (legal or constructive) as a result of a past event; (2) it is probable that an outflow of resources embodying economic benefits will be required to settle the obligation; and (3) a reliable estimate can be made of the obligation.New legal requirements and laws, decommissioning and asset retirement obligations and legal claims in response to climate change may give rise to new obligations that may lead to a potential significant impact on the recognition and measurement of provisions. Due to the significant uncertainty, entities need to consider the adequacy of the disclosures in how they incorporate climate change risks in recognizing and measuring their provisions.ASSESSING THE IMPACT OF CLIMATE CHANGEThe items cited in the foregoing are based on general accounting considerations and are not inclusive of everything that entities should consider. Since each entity’s business, operations and situation are unique, each entity will need to apply significant judgment and analysis of relevant facts and circumstances to reasonably assess the impact of climate change.As the global conversation between and among businesses, consumers and regulators grows increasingly dynamic, entities will need to proactively consider how the risks from climate change may affect not only their operations but also their financial statements. More importantly, they will also need to consider potential solutions to the climate change disruptions that are happening now and those that are emerging — before it’s too late. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Anna Maria Rubi B. Diaz is a senior director from the Financial Accounting Advisory Services (FAAS) service line of SGV & Co

Read More
31 January 2022 Aris C. Malantic and Ronald Wong

How boards can seize the opportunity in enhanced corporate reporting

Companies are increasingly expected to broaden the quality and scope of their corporate reporting to include enhanced environmental, social and governance (ESG) disclosures. Adopting an enhanced corporate reporting approach enables an organization to articulate a unique narrative on how the business is creating long-term value for its stakeholders. Boards have both a responsibility and an opportunity to challenge their organizations to transform into sustainable businesses and redefine reporting to address the wide-ranging insights that stakeholders are looking for.To deliver enhanced reporting, companies need to think about transforming their finance operating model so that they can inject the same rigor and relevance of traditional financial reporting into ESG reporting. Boards should challenge their finance leaders to take a fresh look at how reporting is delivered by considering three key areas: data analytics, talent strategy and C-suite collaboration.LEVERAGING ADVANCED DATA ANALYTICSThe use of advanced analytics is instrumental in extracting relevant ESG insights from data. Advanced analytics can help companies structure, synthesize, interpret and derive insights from voluminous data, and create credible and useful ESG reporting. Bearing this out, the EY 2021 Eighth Global Corporate Reporting Survey, which examines the perspectives of more than 1,000 CFOs, financial controllers and other senior finance leaders globally, found that the top technology investment priority for finance leaders over the next three years is advanced and predictive analytics.Yet even as finance teams seek to build a more agile financial planning and analysis approach, several data challenges stand in the way. These include the sheer volume of external data, followed closely by data quality and comparability issues, according to the abovementioned survey. Boards should assess if finance leaders have adequate resources and budgets to address these challenges and increase their use of advanced data analytics to deliver more robust reporting.A key way to leverage data analytics to enhance the quality of reporting is to introduce forward-looking insights, for example, by bringing in external data to corroborate and provide analysis on future trends. Thereafter, this downstream reporting outcome can be used to streamline upstream activities, such as capturing data in the right format to allow for efficient collection and analysis. This requires proper planning from data collection to reporting, with technology as a key enabler. Hence, this process should be considered part of an organization’s digital transformation journey.FUTUREPROOFING FINANCE TALENTWith accelerated technology adoption, technology and data skills will become crucial for finance teams. Indeed, survey respondents identified understanding of advanced technologies and data analytics as the top two skills respectively that will be important for finance professionals to succeed in their roles over the next three years.To make enhanced reporting a reality, the board should mandate the management to define a talent strategy that equips the finance team with the right skills for the future. This includes hiring of talent with essential specialist skills like artificial intelligence knowledge and experience as well as upskilling the current finance workforce.To future-proof the existing finance workforce, boards can challenge finance leaders to rethink their talent strategy and build an investment case for a major upskilling exercise. They should also assess whether the finance leaders have taken key actions, such as performing a gap assessment of current staff skill sets and creating incentives to encourage existing finance staff to pick up new skills.Closing the technology adoption gap between the younger and mature workforce is important for driving the right culture. The senior leadership can empower the younger workforce to champion new ideas on leveraging technology through work improvement initiatives and reward successful initiatives by following through on implementation, with its support.COLLABORATING ACROSS THE BUSINESSA significant amount of ESG data is owned by different parts of the business, making it an imperative to collaborate across the different functions. In this regard, CFOs play a pivotal role in advancing the ESG agenda and sustainability performance among their C-suite peers to drive a cohesive ESG approach. For instance, finance leaders should work with sustainability leaders and supply chain executives on environmental performance to understand more about how the company utilizes natural resources and the effect of its activities on the environment. Boards should direct finance leaders to proactively collaborate across the organization to drive effective ESG reporting and demonstrate the economic impact of different ESG strategies and related targets to stakeholders.Boards should also expect finance leaders to work closely with them on sustainability performance management and oversight. With their deep understanding of the regulatory and reporting standards environment, finance leaders are well-placed to lead in building trust and transparency into ESG performance.The integration of sustainability — and broader ESG factors — into the business strategy and enterprise risk management must be a board priority. In a world where stakeholder demand for reporting on nonfinancial information is growing, the board should challenge the management to redefine reporting and be prepared to disrupt the status quo. By accelerating the digitization of finance, defining a talent strategy that focuses on reskilling employees for a very different future and strengthening C-suite collaboration, companies will be well-positioned to deliver the insights expected by their stakeholders.Boards should consider the following questions:• How is the company using nonfinancial reporting to communicate how it is generating long-term value for stakeholders and does its ESG reporting meet stakeholders’ expectations?• How is the board supporting and monitoring ESG strategy development and related goals and metrics, including the identification and integration of nonfinancial key performance indicators?• How is the organization injecting rigor into nonfinancial reporting in terms of disclosure processes, controls and obtaining external assurance?• What governance, controls and ethical frameworks are in place to oversee the use of artificial intelligence and other technologies in the finance function?• What are the top skill sets needed to enable an enhanced corporate reporting approach and what are the skills gaps in the current finance team? This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the authors and do not necessarily represent the views of SGV & Co. and Ernst & Young LLP Singapore.Aris C. Malantic is a partner and the Financial Accounting Advisory Services leader of SGV & Co. and EY ASEAN. He is also a Market Group leader in SGV & Co. Ronald Wong is a partner and the Financial Accounting Advisory Services leader of Ernst & Young LLP Singapore.

Read More
24 January 2022 Roderick M. Vega

Accelerating the integrity agenda (Second Part)

(Second of two parts)The EY Global Integrity Report 2022 shows us that 97% of survey respondents — consisting of 4,762 board members, managers and employees from large organizations in a wide spectrum of industries, including financial services, government and public sector, consumer products, manufacturing, life sciences, professional services and others from 54 countries in North and South America the Far East, Western and Eastern Europe, and the Middle East, India and Africa — place a high value on corporate integrity.However, the report also shows that organizations are struggling to close the gap between reality and rhetoric. As organizations rewrite the processes for digital transformation and recalibrate how and where work is performed, they can seize an opportunity to close the gap between what they say and what they do. Integrity in business is not confined to ticking boxes in compliance and risk management; it is about securing the organization, its reputation, and its assets — all of which drive sustainable, long-term value.While the report did not include respondents from the Philippines, we believe that the insights from the report offer much food for thought for local business leaders who place great emphasis on corporate governance and integrity.The EY Global Integrity Report 2022 provides insights on accelerating the integrity agenda, and in the second part of this article, we discuss how companies can create an optimal environment that encourages integrity, and how the integrity agenda can be innovated and transformed to minimize external threats while protecting value.CREATING THE OPTIMAL ENVIRONMENT FOR INTEGRITYThe report indicates that integrity standards have dropped in the aftermath of the pandemic, with 42% of board members agreeing that unethical behavior from senior or high performers is tolerated in their organizations and 34% agreeing that it is easy to bypass business rules. At the same time, 18% of board members are willing to mislead external parties such as regulators and auditors. In addition, 15% expressed a willingness to falsify financial records, and 14% said they would offer or accept a bribe.It becomes even more imperative for employees at all levels to understand that these violations bear consequences, and in being able to report such acts without the fear of negative consequences. The report shares that too often, employees feel that reporting violations won’t trigger change, with 38% of survey respondents saying that the main reason they do not report is the concern that no action would be taken against the violator anyway.The report also highlights the gap in perceptions of board members (47%) on how easy it is to report violations, compared to the views of employees (25%).Companies must be able to create an optimal integrity environment where management and employees trust that whistleblowers are protected, and where values are shared across every level of function and seniority. In fact, the extent to which companies can protect whistleblowers in their organization should be a benchmark of their integrity culture.There must be a high degree of transparency, with a culture that has a zero tolerance of transgression. A progressive integrity agenda extends beyond opportunistic compliance, where people do something simply because it is not illegal under the law; restrictive compliance, where people are prevented by the law from doing something; and the avoidance of litigation, where people do something to avoid being sued.The pandemic showed us that when the global economy experiences a crisis, many companies depended on the rescue interventions of Government authorities and taxpayers. Companies have the responsibility of managing resources for the common good and acting ethically, as employees, shareholders, consumers and the community at large expect them to do so.INNOVATING AND TRANSFORMING THE INTEGRITY AGENDAThe accelerated reliance on digital platforms and automation raises important risks, as data systems become increasingly fundamental to the operation of a business. Issues such as data completeness, data quality and AI models that do not perform correctly are no longer only technical problems to be managed by IT colleagues. Data systems that are critical to the business require many stakeholders involved in curating and shaping these systems, addressing any challenges with urgency. This blurring of boundaries is not confined to the digitalization of business operations and transactions, either — it is also increasingly blurred by third parties such as suppliers, vendors and contractors.The report shares that the overall confidence that third parties abide by relevant regulations and laws is high at 83%. However, while 47% of board members have the highest level of confidence, only 28% of employees believe the same. The report also indicated that different roles tend to have different levels of confidence in the integrity of third-party suppliers (86% of IT departments compared to 71% of legal departments).The report shows how easily mismatches can develop between the perceptions of the board, their employees and various groups in an organization, increasing the need to close the distance between all the groups and hierarchal layers comprising an organization. By tightening the connections between its parts and functions, an organization can deepen a shared integrity culture. As companies emerge from the pandemic and start looking to fill resource gaps with third party contractors, aligning them to the integrity culture of the company will also be vital.Organizations that leverage technology to further enable risk mitigation efforts will gain greater visibility into their risk landscape and the effectiveness of their compliance program as a whole. Leaders will need to ensure that technology is an integral part of their compliance strategy to make the most of these advancements, harnessing forensic technology solutions to identify hidden risks and using benchmarking to understand outliers. With technology able to advance the integrity agenda beyond merely checking travel and entertainment expenditure lines, data will be likewise capable of increasing the transparency of all company interactions and transactions.BUILDING A CULTURE OF INTEGRITYFocusing on technology-driven and data-centric ways to monitor one’s integrity culture and build the necessary controls, insights and process allows companies to transform their compliance programs, creating long-term value. Increasing volumes of data can be utilized as an opportunity to aid in the combat against fraud, but it should be recognized that systems and processes are not the source of fraud: humans are.This means that the best compliance frameworks can be breached if a culture of doing the right thing is not established at a fundamental level, making building a strong integrity culture as important as the control environment. The report shows that while the integrity message is reaching people, the appetite for malpractice is growing. Companies must therefore continue communicating and building awareness by educating instead of training, ensuring that everyone understands the “why” of business integrity as much as they do the “what.” This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Roderick M. Vega is a partner and the Forensic and Integrity Services leader (FIS) of SGV & Co. 

Read More
17 January 2022 Roderick M. Vega

Accelerating the integrity agenda (First Part)

(First of two parts)Played out against a landscape of evolving social expectations from businesses under current conditions, corporate integrity is foundational to fostering trust among the various stakeholders in an organization. The importance of corporate integrity has also grown in the immediate aftermath of the pandemic, as revealed by the EY Global Integrity Report 2022.Conducted between June and September 2021 by global market research agency Ipsos MORI, the EY Global Integrity Report 2022 surveyed 4,762 board members, managers and employees from large organizations in a wide spectrum of industries, including financial services, government and public sector, consumer products, manufacturing, life sciences, professional services and others from 54 countries in North and South America, the Far East, Western and Eastern Europe, and the Middle East, India and Africa. The report shows that 97% of the respondents indicated that they value corporate integrity. Companies are also intensifying their reinforcement of integrity through training and communication; 37% of respondent companies now have a statement of organizational values in place, 46% are investing in integrity training, and 53% have a code of conduct in place.While the report did not include respondents from the Philippines, we believe that the insights from the report offer much food for thought for local business leaders who place great emphasis on corporate governance and integrity.Respondents are placing greater responsibilities on their corporate leaders, with as much as 68% expecting CEOs to tackle societal problems unaddressed by government and 65% saying that CEOs should be accountable to both the public and shareholders. These rising expectations have led to organizations being asked to more formally report on the non-financial aspects of their operations. These include not just philanthropic or corporate social responsibility (CSR) programs that fall outside their core businesses, but also environmental, social and governance (ESG) measures that determine how the core business impacts the community and the planet.The report also shows that organizations are struggling to close the gap between what they say and what they do. As organizations start taking steps to rebuild the economy, rewriting processes for digital transformation and recalibrating how and where work is performed, an opportunity to close the gap between reality and rhetoric presents itself. Integrity in business does not merely refer to ticking boxes in compliance and risk management; it is about securing the organization, its reputation, and its assets — all of which drive sustainable, long-term value.The EY Global Integrity Report 2022 provides insights on accelerating the integrity agenda, and in the first part of this article, we detail how companies must define and embed integrity into their culture. EMBEDDING INTEGRITY INTO THE CULTUREBecause ethical dilemmas are different for various organizations and situations, no two companies will have the same definition of integrity, nor will they utilize the same mechanisms to instill integrity into their organizations. It then becomes imperative for integrity to be a fundamental component of corporate strategy in any organization.The report reveals that only 33% of its respondents believe that integrity means behaving with ethical standards. Meanwhile, 50% define it as complying with codes of conduct, laws and regulations. Somewhat alarmingly, the results also show that of the 442 board members, 15% were more likely to falsify financial records as their employees, and 17% were more likely to ignore unethical conduct by third parties. This makes it unsurprising for 58% board members to be fairly or very concerned if their decisions were to come under public scrutiny, compared to only 37% of employees.Though it should be noted that this is only a single snapshot of board behavior, which can vary considerably by country, region and industry, the data showed a significant change in emerging markets: the propensity of board members to act unethically increased from 34% to 41% between 2020 and 2022. There are also differences in how management and staff see integrity values within their organization: 77% of board members and senior managers are confident that employees within their organizations can report wrongful acts without fearing negative consequences, yet 20% of employees disagree with this. This year’s report even revealed a drop in survey respondents who reported misconduct, from 23% in 2020 to 19% in 2022.A large majority of surveyed companies at 93% also have codes of conduct, with a mix of training and whistleblowing policies in place. However, even though 59% of the respondents say that they do have “training for employees,” 15% of those employees are either unaware that these measures exist or claim that they do not exist. This shows that although organizations are investing in more training and communication programs to instill integrity, the messaging may not be effective. Though 60% of board members say that their organization frequently communicated about the importance of integrity within the past 18 months, only 30% of employees remember these communications.These findings reveal the danger that organizations are relegating their integrity agenda to box-ticking without giving real attention to deepening their integrity culture, which rests on actual behavior and organizational intent.The pandemic has only increased the challenge as well, with 54% of board members saying that the pandemic is making it more difficult to conduct business with integrity. Disruptions have added to the challenge of corporate survival, while increased digitization, which moved more of a company’s operations to the cloud, has further tested risk management processes. The risk landscape itself has become more disrupted, with another report, the EY Global Board Risk Survey 2021, saying that 87% of more than 500 board directors around the world think that market disruptions are now more frequent, while 83% say they are more impactful. The 2021 EY Global Information Security Survey also found that many businesses have sidestepped cybersecurity processes to facilitate flexible and remote working in the wake of COVID-19.Because of an increased focus on surviving the disruptions and uncertainty caused by the pandemic, companies have let go of non-essential activities — possibly including integrity agenda. Leaders will have to rethink of procedures for a post-pandemic era with a pivot to full digitization and a distributed workforce.In the second part of this two-part article, we will discuss how companies can create an optimal environment that encourages integrity, and how the integrity agenda can be innovated and transformed to minimize external threats while protecting value. This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co.Roderick M. Vega is a partner and the Forensic and Integrity Services leader (FIS) of SGV & Co. 

Read More
Leading the way in business

Other SGV News and Publications