Annual report 2019: Evolving our governance transcript

Margaret Cole (MC): So Ian, you are almost the longest serving Independent Non Executive member of the Public Interest Body. I wonder if you have observations about how that journey has been for you and how the firm has been evolving?

Sir Ian Gibson (IG): I think two observations: (1) the firm is learning and it continues to learn how to be more transparent and how to look at what it’s doing from the eyes of others as well as itself; and (2) in terms of understanding where it is - it has become very explicit about how to look at the ways in which it evaluates the risk - the risk that it’s taking on, the risk that it’s creating, and the environment it lives in. And those are significant changes over time.

MC: So last year we had the Governance Review and a significant part of that was how we go about managing risk and the structures that we have around risk. We have a new Executive Risk Committee that I chair, and that has been an evolution from an earlier process called the Risk Council. Obviously that’s an executive function, but we also created the Supervisory Board Risk Committee and you are participating on that.

IG: Yes, and one of the pieces of that is the Supervisory Board always thought about risk, but it did it as part of ‘Audit and Risk’, and the decision to split Audit to one side and keep it as a clear and continuing function, but say ‘no - this extra level of risk governance needs its own recognition’. And then to invite onto that, someone like me who is: (a) an independent; and (b) a member of the Public Interest Body, says we recognise there are overlapping areas of interest in risk.

MC: This is all about continuous improvement for us - how we improve the way we go about managing risk and the three lines of defence model. We really think that is going to be a good way of approaching the management of risk.

IG: I’m really impressed with it to be honest - it’s the first time I’ve seen it so clearly articulated that there are three different layers and levels and ways of looking at understanding and managing risk. So I think it’s very powerful as a concept.

MC: One of the other important features of risk management that has also been evolving here is the Client Committee. That is the senior committee that looks at the work that we take on for clients - not just at the outset, but as a matter evolves, as the risk profile changes, and I think you’ve seen that committee evolve in your time here?

IG: Certainly our Public Interest Body has - we review all of their minutes and we discuss it routinely. Kevin, or you, or others, come along to the Public Interest Body and talk about what’s going on there. It’s just a reflection, not that it’s new, but in the public interest the review of it has risen way up the agenda and is under constant discussion now.

MC: That brings me to a point about individual accountability, and having a culture where our people in the business take primary responsibility for the ownership of risk.

IG: Yes, it’s one of the differences between a corporate ‘command and control’ structure and a partnership structure. In the corporate command and control, you always know what your accountability is - and it’s to your boss. In a partnership structure it’s much more diverse because it goes from up here, to out there. Helping people to understand that their role carries risk whatever it is they are doing - helping people to understand that, and giving them the tools to explore it, is key to a partnership that is in our sort of business.

MC: Yes, and our sort of business is in a challenging external environment. So to me it’s really important that we carry on evolving how we manage risk - it’s not a static subject.

IG: I think one of the key lessons for any business to learn is that whatever you do today will probably not work correctly in the future, so everything is always todays mechanism and it can be improved - that’s what continuous improvement means. And if you are talking (as we are) about risk: (a) the risk world is changing - not just for PwC but for everybody; and (b) the way you then deal with that has to change. So you are looking at it from both an external lens in, and an internal lens out. That means we’ve got a good solution now - but its for now.

Contact us

Annual Review enquiries

Corporate Affairs, PwC United Kingdom

Follow us