Responding to the new non-financial^^ £^ M « reporting regulations *W ju More for companies to do 1 m TnB! in year two Recently, there's hardly been a business headline that doesn't touch on accountability, and how companies and boards should be more focused on the long term and the impact on wider stakeholders of their operations. These themes are also woven through the FRC's newly published 2018/21 strategy and have been uppermost in the government's governance reform agenda. In this context the new Non-Financial Reporting Regulations ('NFRR') had the potential to be an opportunity for companies to provide more meaningful and insightful disclosures on how they relate to their stakeholders. However, from our early conversations with companies we had the sense that NFRR had to an extent passed under the radar and awareness came late for many - maybe too late. For quoted companies, already subject to the narrative reporting regulations that cover much of the same ground, the new regulations were often deemed to have already been addressed. There was also much discussion around what the differences in regulations might mean and what others would do in year one. Few felt that the time was right to major on the new requirements. The very fact that there is a wider debate underway in the UK around stakeholders and long-term sustainability meant that the new regulations were - it might be argued - ahead of their time, making it difficult for companies to respond without having the whole context. We understand this, and our strong view is that the new regulations will continue to gain in significance as the rest of the stakeholder agenda drops into place. Their importance and broader significance really should not be understated. "...disclosure of non-financial information is vital for managing change towards a sustainable global economy by combining long-term profitability with social justice and environmental protection. In this context, disclosure of non-financial information helps the measuring, monitoring and managing of undertakings' performance and their impact on society" [Extract from recital to the EU Directive on which the new regulations are based]. With all of this in mind we reviewed a sample of the first batch of reporters caught by new regulations to see how far the spirit of the regulations and the wider agenda would be taken on board. What we found was somewhat of a mixed picture - not surprising given the messages that we heard in the lead-up to the reporting season - and leading us to believe that the new regulations have not so much been an opportunity missed as an opportunity turned down, at least in this firstyear. The impact areas covered by NFRR Environmental pwc We found that it was often not clear whether a company had or had not responded to the new requirements. Only 30% of companies within our review included an explicit reference to NFRR -all of these claimed compliance. But the vast majority of companies made no reference at all, meaning it was down to the reader to work out whether the company had taken the regulations on board. Explicit response to NFRR Two of the companies in our review indicated that an area was immaterial (human rights in both cases), and therefore required no further development. Of those companies who did refer to NFRR, some chose to include a separate non-financial information statement (i.e. a confirmation of compliance with the regulations). Others went further and signposted across the annual report where the content could be found. For the majority however, changes were merged into existing content and required the reader to be eagle-eyed or review the prior year report if they wanted to see what - if anything- had changed. We recognise that not every user will be focused on changes but some will be, especially in the early years of the new requirements. This approach creates a reporting conundrum for us: while we encourage integration of non-financial content into the rest of the strategic report, this makes it difficult for a reader to interpret if the regulations have been addressed. Our view is that a statement of compliance and/or signposting to the detail (be it within the Annual Report or elsewhere - though all information that is necessary for compliance must be within the strategic report itself) is the approach to take. In the early years of adoption this will make it clear the company is aware of the change in legislation. This approach is sensible in itself and it also addresses the ongoing debate about whether a separate non-financial information statement is a legal requirement. Although the FRC has stated that a separate statement is not required (in their FAQ's issued in December), there has notyet been formal legal confirmation of this view. 23% Statement of Statement of compliance No mention of compliance - with immaterial NFRR elements indicated Non-financial information statement We aim to comply with the new Non-Rnancial Reporting requirements contained in sections 414CAand 414CB of the Companies Act 2006. The below table, and information it refers to, is intended to help stakeholders understand our position on key non-financial matters. This builds on existing reporting that we already do under the following frameworks: CDP, Global Reporting Initiative, Guidance on the Strategic Report {UK Financial Reporting Council), UN Global Compact, UN Sustainable DovelopmentGoals and UN Guiding Principles. Reporting requirement Policies and itandardi which govern our approach Risk manage mem; and additional information Environmental 0 Environmental statement matters Environment, pages 26-27 Environmental risk management, page 133 Employees O Ethics and Responsible: Business Policy1 O Ethical Pol icy Statement O Colleague Policy' 0 Code of Responsibility 0 Health and Safety Policy1 Equality, inclusion and divinity, page 21 Health, safety and wellbeing, page 22 Learn in g and development, page 22 Responsible conduct and culture, page 24 Diversity, skills and composition, page 58 Board Diversity Policy, page 72 People risk, page 136 Governance risk, page 150 Human rights 0 Human Rights Policystatement O Colleague Policy' O Pre-Employment vetting standards' O Data Privacy Policy' O Anti-Slavery and Trafficking Statement O Information and Cyber Security Policy Human rights, page 22 Responsible and eth ical lending, page 24 Working with suppliers, page 25 Social matters O Volunteering standards' 0 Matched giving guidelines' Helping communities, page 19 Communities, page 25 Antl-corruption O Anti-bribery Policy1 and anti-bribery O Anti-bribery policy statement O Anti-money laundering and counter terrorist financing Policy1 O Fraud Risk Management Policy' Customer privacy and data security, page 23 Responsible conduct and culture, page 24 Operational risk, pages 135-136 Policy embedding2, due diligence and outcomes Risk crverview, pages 32-33 Risk management, pages 107-156 Description of principal risks and Impact of business activity External environment, pages8-9 Creating value for our stakeholders, page 11 Addressing the issues that matter most, page 21 Direct and indirect economic contribution, page 24 Risk overview, pages 32-33 Principal risks, pages 34-37 Description of the business model Our business model, pages 10-11 Ou r next chapter, page 14 Non-financial key performance Indicators Key performance indicators, page 7 What we have achieved over the past three years, page 12 Doin g business responsibly, page 18 Helping Britain Prosper, pages 19-20 Running a responsible business, pages 21-25 Environment, pages 26-27 Lloyds Banking Group pic-Annual report and Accounts 2017 In a large number of cases we found that companies listed relevant information for most of the content areas, but didn't expand further. While the names of policies were included, the objective and significance of these was ultimately unclear. In ourview a meaningful summary of the more important policies is often sufficient, as long as there is adequate disclosure to allow an understanding of how they operate. However, where a policy relates to an area where the business has a significant impact on stakeholders, further discussion will often be needed. Many companies point to policies or statements on theirwebsite, such as the Modern Slavery statement. If this isn't material and/or the level of detail would clutter the report this can be appropriate. Although the regulations require reporting on the outcomes of policies, this was rarely in evidence. Outcomes relate directly to the impact of companies' activities and therefore this is a fundamental to address the aim of the regulations. Activities during the year were disclosed on most occasions, but their relation to the objective or significance of the policy was usually unclear or difficult to ascertain. By far the least commonly addressed aspect of the new regulations was any 'due diligence' carried out to ensure the effectiveness of the company's policies. Discussions we had with companies revealed a lot of confusion over what this requirement meant, leading the FRC to provide some additional guidance in its FAQs ('due diligence' can in fact cover anything from management rev ew/board oversight to external assurance) Many companies in our sample risked giving the impression that they did not have any arrangements in place to track the effectiveness of their policies. In reality this is unlikely to be the case and many at least imply the existence of these processes elsewhere in their annual report, whether in their risk management disclosures, strategic narrative or corporate governance statement. We identified a number of opportunities to consolidate, or provide clearer linkage between, existing content in this way. óu.-jac-nŕ* Our policy Is that all RB companies, employees and contractors must comply with the anti-bribery, anti-corruption and competition laws of the UK and all countnes in which they conduct business. Directors, managers and others wrth supervisory responsibility must ensure-that the employees and contractors they supervise are aware of and comply with this policy. Alt employees and contractors must also certify annually that they have complied with our Code of Conduct and the Audit Committee periodically reviews Internal Audit findings in relation to this. R8's Code of Conduct governs standards of conduct in relation to our employees, as well a; all our other key stakeholders. In addition. RB has policies setting out our commitment to equal opportunities at work and to providing a safe and healthy working environment We relaunched the Code of Conduct and the associated policies in 2013. Reckitt Benckiser Group pic-Annual Report andFinancial Statements 2017 Our policy on human rights and responsible business sets out our commitment to upholding the rights expressed in the International Bill of Human Rights and the International Labour Organisation's Declaration on Fundamental Principles and Rights at Work. RB is also committed to following the UN Guiding Principles on Business and Human Rights and the Organisation for Economic Co-operation and Development fOECD) Guidelines for Multinational Enterprises. We have established a proactive compliance monitoring programme to enable us to identify and remediate any vinlations within our operations and supply chain. Go.-i'.'rÄt-íaftV -'.-•sjQý RB'5 consumer safety policy covers our commitment to producing products which are safe for consumers to use. Among other things, it requires us to comply wrth all relevant laws and regulations, to continually assess our products, packaging, labelling and ingredients, and potential consumer safety issues, to apply consistenl global standards; and to freely disclose consumer safety information. We check our products comply with our Restricted Substances List(RSU and take action where necessary to ensure compliance The addition of 'impact' as one of the indicators that an area needs to be addressed in the strategic report is one of the more challenging changes between the non-financial reporting regulations and the existing narrative reporting regulations. In the four pre-existing areas of content (environmental, employees, social matters and human rights) we were confident of finding disclosures but would they also take into account 'impact'? Our results showed that there was indeed mention of 'outcomes' and 'impact' but, to an extent, the statistics (and the chart below) are misleading. The disclosures we found were not often very insightful - few went beyond recognising that there were impacts in these areas. Content showed minor changes from the prior year, but these felt shoe-horned in rather than integrated with the narrative. Most of the companies in our review included some quantified data e.g. reduction in energy usage or activities with charities, but the wider significance of these areas (if any) was often not made clear. Generally, content didn't really discuss the actual impact of activities on key stakeholders. For example, investment in training, or average number of training days measures the input/investment but doesn't measure the actual impact of these activities - how much better qualified were employees in areas that are strategically important. No one company reported their impact on all five content areas. This is not a requirement, but there should be an explanation where this is omitted because impact is deemed material. Our review confirmed to us that companies are still grappling with what the term 'impact' means and how to deal with it. The references we saw to outcomes and impact are only the start of reporting on impact and there is a long way to go. Notably, very few companies explicitly disclosed negative impacts and what they were doing to counter them - something which potentially could add more value and insight. In an age of growing distrust in business it is narrative such as this which can combat bad press and truly demonstrate the positive actions and company is taking to make changes. We think there is scope for more guidance to be produced for companies in the area of impact. What is clear is that, with the continued push on the 'stakeholder agenda', reporting on the impact of activities is here to stay and will need to be addressed. Response to impact on content areas Environmental Employees Social matters Human rights Anti- cor ruption/ bribe ry 100% Howdens Joinery Group pk-Annual Report and Accounts 2017 In light of the growing pressure on companies to demonstrate how they consider stakeholder interests in their long-term decision-making, we believe that many companies will need to look again at the non-financial reporting regulations. Whilst the Annual Report should still be written using a 'shareholder lens', stakeholders and the non-financial measures that matter to them now need to be front and centre in company reporting. It's clear from our conversations with companies that more guidance on what is meant by some of the new terms such as 'impact' and 'due diligence' could help. However, we also believe there are some simple steps companies can take without new regulatory guidance and we hope this paper and our three key areas of focus provide a useful starting point. The reality is that this is a new type of reporting which will require quite a shift in the mindset of companies if it is to be done well. For some reporters there is still a long way to go. Further reading Navigating the ■ fnkcftoMcr agenda 7»tkli»Jt lltr if puriiiijf