Ultimate guide to governance: Best practices for directors

As a company director, whether an executive or non-executive director, you are subject to seven statutory duties as set out in sections 171 – 177 of the Companies Act 2006.

• a duty to act within your powers

• a duty to promote the success of the company

• a duty to exercise independent judgment

• a duty to exercise reasonable care, skill and diligence

• a duty to avoid conflicts of interest

• a duty not to accept benefits from third parties

• a duty to declare any interest in a transaction or arrangement

While the Financial Reporting Council has issued guidance to support the largest listed companies, when it comes to individual directors fulfilling their statutory duties and micro and SMEs seeking to implement best-practice corporate governance, directors have had little guidance. That is, until now.

On 23 October 2024, following high-profile corporate governance scandals, including the Post Office Horizon IT scandal, the Institute of Directors launched its 'Code of Conduct for Directors', establishing a baseline for good industry practice which could be taken into account by shareholders, regulators and the courts in the event of an investigation or dispute.

The code is comprised of the following six principles of director conduct:

Principle 1: Leading by example

Demonstrating exemplary standards of behaviour in personal conduct and decision-making.

• Exhibit high standards of personal conduct and professionalism

• Consider the impact of my behaviour on employees, fellow directors and other stakeholders

• Avoid behaviour which might adversely affect the reputation of my organisation, or which contradicts its values

• Treat everyone with respect, dignity and consideration and demonstrate concern for their wellbeing and mental health

• Devote sufficient time and attention to my role as a director

• Strive to develop my own competency through continuing professional development and encourage that in others

Principle 2: Integrity

Acting with honesty, adhering to strong ethical values and doing the right thing.

• Comply with the letter and spirit of applicable law and be willing to cooperate fully with regulatory authorities

• Deal honestly with all parties

• Place the interests of the organisation and its societal impact above my personal interests

• Be alert to perceived conflicts of interest and manage them when they arise

• Voice constructive challenge and disagreement on matters of concern

• Challenge words, behaviour or attitudes that fall below expectations

• Adhere to collective responsibility for agreed decisions

• Be prepared to resign from the board if a matter of conscience, judgment or good governance cannot be remediated through good business practices

• Safeguard confidential information unless appropriate disclosure has been authorised, and not make improper use of information

Principle 3: Transparency

Communicating, acting and making decisions openly, honestly and clearly.

• Be open and transparent to the rest of the board and relevant stakeholders with respect to anything that might be perceived as affecting my objectivity, such as a conflict of interest

• Promote an open business culture which does not cover up wrongdoing or mistakes

• Encourage the adoption of ‘speak up’ mechanisms, which enable employees and other relevant stakeholders to report concerns about any misconduct or actions that are not aligned with the organisation’s values

• Ensure that all communications with stakeholders are undertaken in a straightforward and accessible manner, providing accurate, relevant and timely information

• Be candid with stakeholders about the limits of transparency, such as when information is of a commercially sensitive nature or subject to legal restriction

Principle 4: Accountability

Taking personal responsibility for actions and their consequences.

• Comply with my legal duties to the organisation, take personal responsibility for my actions and share collective responsibility for the decisions of the board

• Be open to feedback and where applicable, make improvements based on that feedback

• Oversee and hold the organisation to account with respect to its performance and embodiment of the organisation’s values

• Understand the legitimate expectations of shareholders and other relevant stakeholders and engage appropriately with them

• Seek independent advice on matters of concern at an early stage and where appropriate, call for action to protect the interests of creditors if the organisation is struggling financially

• Reflect on whether I have the knowledge and skills required to fulfil my role as a director and if any material gaps cannot be remedied through appropriate training, decline to serve on a board

Principle 5: Fairness

Treating people equitably, with no discrimination or bias.

• Make decisions as objectively as possible and be alert to the risk of bias or groupthink

• Recognise and respect the legitimate interests of relevant stakeholders – including customers, employees, investors and suppliers

• Promote equality of opportunity in all business activities

• Encourage the fair treatment of suppliers and customers

• Champion diversity of thought by being open to differing ideas and views

• Engender an inclusive culture where all employees can bring their best selves to work and concerns they raise will be investigated without fear of adverse consequences

• Share credit with those contributing to successful outcomes and provide constructive feedback where performance does not meet expected standards

• Advocate for reward and recognition structures that are fair, encourage ethical behaviour and support a longer-term perspective

Principle 6: Responsible business

Integrating ethical and sustainable practices into business decision-making, taking into account societal and environmental impacts.

• Consider the consequences of my decisions for society, communities and the environment

• Manage risk in a responsible manner and avoid prioritising the short-term financial interests of shareholders over the longer-term resilience and strategic objectives of the organisation as a whole

• Promote high business standards across the supply chain, particularly with regard to employment conditions and environmental impact

• Ensure that artificial intelligence and other technological innovations are utilised by the organisation in an informed and responsible manner

• Reject corrupt business practices

• Advocate for an organisational culture which values diversity and inclusion

While the obligation to manage risk and prioritise business resilience might have been considered to have been implied by the statutory duties to promote the success of the company and exercise reasonable care, skill and diligence, these are now explicit and require directors and boards who sign up to the code to have regard issues such as cyber security and supply chain risks.

What can micro and SMEs do?

Practical measures that directors and boards of micro and SMEs can take if they want to sign up to or align their practices with the Code of Conduct include:

• Identify and map the risks to your organisation, which could include legal and compliance, people, cyber, financial, third party/supplier and reputational risks and establish mitigation for each

• Periodically revisit the risks and the implementation of identified mitigations, e.g. quarterly, bi-annually or annually

• Establish factors that will be taken into account in all decision-making, including purchasing and procurement, including the environmental/sustainability and wider social impact of decisions and potential alternatives and their contribution to achieving the company’s objectives

• Promote fair recruitment practices and require completion of training for all recruitment panel members and managers

• Review standard terms of business and consider whether these could be amended to promote legal and regulatory compliance and CSR / ESG objectives, e.g. anti-bribery and corruption, cyber security, business resilience, minimum and/or living wage compliance, environmental protection and sustainability, such as by requiring a supplier to commit to reducing their own emissions and/or only using recycled products

• Before allowing artificial intelligence to be used, understand its limitations and follow guidance to ensure it is used responsibly, safely and ethically

Download our free primer on your statutory duties as a director.

Relevant resources

• How to use generative AI responsibly: Key considerations for small businesses

• Five tax mistakes to avoid as a company director