Most organisations lack effective authorised signatory management
We recently surveyed 40 governance executives to explore their sentiment towards the management of delegated authorities and authorised signatory registers. This blog provides a brief overview of the survey's key results.
Earlier this year, during the Chartered Governance Institute’s annual summit, we completed market research on executives' general sentiment towards the management of delegated authorities and authorised signatory registers. The research involved surveying 40 governance executives who attended the event and looking at key issues like:
Who owns authorised signatory management within organisations?
What are some of the most common practices for managing authorised signatories and delegated authorities?
How effective are the existing processes and practices?
And should they be part of an organisation’s formal ESG policy framework?
In this blog, we’ve provided a brief summary of the research results.
Who owns authorised signatory management?
In most organisations (43%) the process of managing authorised signatories and delegated authorities is owned by the Company Secretariate.
In 20% of the surveyed companies, the process falls within the control of the Governance/Compliance department and in 17% it’s managed by Legal.
On the evolution of the company secretary role and its increasing focus on governance over the past few years, David Venus, Past President of The Chartered Governance Institute UK & Ireland (formerly ICSA), has commented:
“There has been a marked shift within the company secretarial profession in recent years from compliance to governance. Of course, compliance remains a core responsibility and indeed forms part of the governance panoply, but the widespread recognition of the need for robust corporate governance and the central role it plays in the long-term success and sustainability of any organisation, has meant that the company secretarial function has expanded and has become a key part of strategy.
Corporate governance is all about the management of risk, whether it be board composition and effectiveness or corporate culture and communication. The company secretary plays a huge part in ensuring effective board oversight, the dissemination of information throughout an organisation and the cascade of culture from the boardroom.”
How UK organisations are handling authorised signatory management
In only 15% of surveyed organisations, authorised signatory data is updated in real-time. The rest update their records periodically (39%) and ad-hoc or whenever it’s deemed necessary (46%).
When it comes to approval practices, in the majority of companies (55%), the Board is responsible for approving any changes to the authorised signatory data.
In terms of ways to improve their organisations’ existing processes of managing authorised signatory data, respondents identified efficiency and automation as the top two most critical areas.
Interestingly, whilst only 58% of organisations maintain historical records of their signatory data, over 90% of the survey respondents agreed that keeping a historical record of any changes made to the data would enhance governance.
“A robust signatory management system and clear policy are essential to driving a robust governance framework and risk management process within a company. It is essential that the policy and signatory management system work hand in hand to ensure an efficient process for the execution of documents in a correct and efficient manner. Copies of paper-based signatory lists and a lack of a clear signatory policy means the company is exposed and at risk from an authority and execution perspective.
From an audit perspective, a robust audit trail of signatory data is essential to ensure correct oversight and process in place. An efficient signatory management system can drive ‘Sustainable Governance’ in a company.”
The use of POAs
According to our survey, only half of the respondents use POAs (Power of Attorneys / Delegated Authorities) on a regular basis and a third of them do not use them at all. 44% of those who don’t use them or use them occasionally believe that this would not be the case if signatory lists were up-to-date.
POAs are used in business continuity planning and risk management as to allow organisations to delegate authority to key personnel to perform core activities needed to keep the business running on specific, critical occasions like accessing financial accounts or placing/approving orders.
Should managing authorised signatory registers be part of ESG?
Currently, millions of organisations are still maintaining their signatory data on paper which involves paper production, procurement, transport and storage. The process requires regular updating, often several times every year which means repeated paper production and consumption. And it doesn’t stop there, once updated, signatory records need to be re-distributed, in many cases, this is done physically over mail which generates further waste and costs.
Manually managing authorised signatories and delegated authorities further increases the risk of signatory data breaches and the occurrence of signatory fraud, which often leads to financial fraud.
So, it’s not surprising that over 70% of the surveyed professionals agreed that keeping authorised signatory registers up-to-date should be incorporated in their companies’ formal ESG policy and goals.
Conclusion
It’s interesting to note that there is still no consistency in the market when it comes to managing authorised signatories and delegated authorities. In various organisations, the responsibility is spread across the Company Secretariate, Compliance, Governance and Legal functions.
The vast majority of organisations also seem to be lacking effective internal signatory management procedures as only 15% are updating their data in real-time and 58% are keeping historical records of any changes made. This means that most companies are potentially exposed to an increased risk of signature fraud, fines and reputational damage.
However, it’s encouraging to see that most governance executives are realising the importance of the issue and agree that signatory management should be formally incorporated in an organisation’s internal ESG policy frameworks.
At Cygnetise, we have developed an application that helps you reduce the risk of fraud, facilitate business continuity and contribute to ESG by digitising the process of authorised signatory management. Our technology enables users to update their signatory data in real-time and has a variety of sharing mechanisms so that the counterpart can always have access to the most up-to-date information without having to recompile and redistribute.
It may be only one component but by replacing a cumbersome, paper-based and risky procedure and adopting the secure, digital and flexible Cygnetise solution for Authorised Signatures, organisations will be able to demonstrate their journey to enhanced governance protocols.
The Governance Side of Authorised Signatory Management: Market Research Results 2022
Download the complete results report below.
