SMEs’ corporate governance challenge

Aug 01, 2018
Gerry Gallagher explains how SMEs should approach corporate governance in their organisations.

Small and medium enterprises (SMEs) face many challenges while trying to survive in a competitive business environment. The lack of scale and resources available to SMEs often results in those running the organisation having to immerse themselves in a wide variety of the everyday operational functions, often to the neglect of the more strategic issues such as corporate governance. In addition, the directors and the managers are many times one and the same. However, good corporate governance is vital to the long-term success of any organisation, regardless of whether it is a multinational or a small, family-owned firm. 

The UK’s Financial Reporting Council (FRC), in its Corporate Governance Code, defines corporate governance as “the system by which companies are directed and controlled”. While the FRC’s Code is developed primarily for listed companies, many of the principles contained therein are relevant to all companies. Governance embraces many disciplines: law, accountancy, economics, political science, sociology and psychology. The main challenge for SMEs is to take those principles and tailor them for their own particular situation. This process can be simplified if we examine governance under three broad headings: accountability, strategy and performance.


All organisations are held accountable, but the level of accountability is more onerous for publicly-quoted companies where their actions are subject to minute scrutiny, not just by shareholders, but by a broad group of stakeholders. However, SMEs are also subject to considerable oversight. Sometimes different sectors have specific legislation governing their area. In recent years, many charities, for example, have found themselves open to a degree of scrutiny for which they were ill-prepared. 

There is also a great deal of legislation that applies to all companies, such as the 2014 Companies Act. This legislation consolidated all previous relevant acts, in addition to a number of new provisions. It is very detailed and, for the first time, it codified eight duties of company directors. For example, on taking up the role of director, a person must, under Section 223 of the Act, certify: “I acknowledge that, as a director, I have legal duties and obligations imposed by the Companies Act, other statutes and at common law”. That declaration makes clear to the director that they have an onus to be familiar with the provisions, not only of the Companies Act, but also other legislation such as health and safety, employment law and many others. GDPR is one example of legislation that has placed considerable pressure on all organisations to ensure compliance. In addition to specific legislation, there are many codes developed to ensure good governance, such as the UK Corporate Governance Code and the G20/OECD. These are principles-based codes which inform the development of more specific codes in different sectors such as the Central Bank’s Corporate Governance Code for Credit Institutions and Insurance Undertakings, or the Department of Public Enterprise and Reform’s Code of Practice for the Governance of State Bodies. These codes are based on a “comply or explain” approach which allows for flexibility in their implementation, depending on the specific circumstances. 

There are also voluntary codes that impact on all sectors such as those of the independent self-regulatory body for advertising, the Advertising Standards Authority of Ireland, which promotes high standards in marketing communication and advertising.
Apart from external accountability, firms must also have the appropriate internal systems in place to ensure accountability. Managers need to make decisions based on accurate data and, in particular, financial information. Here, the role of the Chartered Accountant is vital, not just by providing financial information, but by interpreting it in a manner that spells out the implications for the firm and can provide assurance to outside bodies. 


Accountability is only one part of the equation. The FRC definition also refers to how companies are “directed”. Each SME exists for a specific purpose and managers need to be clear on that purpose. The purpose is not to make a profit – that is the by-product of providing goods or a service that customers are willing to buy at a price greater than the cost of production. Such a purpose must be supported by organisational values, including ethical values. There are many examples where organisations have suffered financially, not because they had broken the law, but because consumers turned away due to unethical behaviour. Good reputations take years to build up, but can be destroyed in an instant, particularly in the age of social media. Such reputations need to be protected by ethical values that are an integral part of what the company does. 
A clear purpose and set of values will inform the development of the strategic goals and objectives. For small companies, it can be difficult for managers to set time aside from the day-to-day operational imperatives to focus on what the company should be doing and what is important for its long-term success. You can be busy cutting down trees, but there is not much point if you are in the wrong forest. The balanced scorecard is a useful tool to ensure that strategic goals are balanced between long-term development and short-term opportunities.

The company’s strategic goals need to be translated into policies and procedures that guide everyday decisions that provide consistency throughout the organisation. In particular, each company must develop a risk management policy to cover all aspects of its operations, covering financial decisions, health and safety, information technology, GDPR, human resource management and geopolitical risks such as Brexit.

Managers must be able to recognise each risk, assess its likely impact on the company, evaluate the probability of that risk, determine what the company’s policy should be and monitor how the risk is rolling out. In addition, the company also needs to develop policies on diverse issues from whistleblowing to corporate social responsibility.


Both accountability and strategy are required to work in tandem to ensure the effective performance of the company. Such performance is achieved through people – directors, managers, employees and other stakeholders who are committed, engaged and working together as a team. The company’s directors may also be the managers, and this poses a significant challenge as being a director requires a different skill-set from dealing with the operational issues facing the company on a daily basis. Managers and directors need training specific to their roles so combining the two can be a challenge for the individual and bring on challenges for the SME. 

Having the right team on board is essential. This requires careful selection of employees to ensure a good fit with the organisation’s values. Employee training is also important – initial training as part of induction as well as ongoing development. This should cover the technical aspects of their job, but also legal requirements, safety and other areas to ensure the effective performance of the employee and the company. Employees must have a clear understanding of what is expected of them, but they must also be free to make a contribution or to voice any concerns so clear, open communication between employees and management is essential.

All of this is underpinned by the organisation’s culture. Louis Gerstner, a former CEO of the computer giant IBM, described culture as what people do when no one is watching. The culture should be one of high performance but predicated on sound ethical principles that guide people in making the right decisions. Culture is the basis for everything that happens in organisations. This requires strong leadership and clarity of purpose.


In recent years, most aspects of Irish society have been impacted by poor governance, from how we regulated the banks to how charities were run. Across the board, we need to improve on how governance is conducted in all organisations, big and small, and in a manner that reflects the common good. Governance is a holistic approach to running organisations that ensures full accountability to all relevant stakeholders while achieving steady and sustained performance over the long-term. It requires strong leadership, teamwork, and a culture committed to both ethical and operational values. Governance is central to the success of every SME.

Dr Gerry Gallagher is a lecturer in governance and corporate strategy at IT Tralee and author of Corporate Strategies for Irish Companies.