Sistemi di controllo e doveri di vigilanza: considerazioni sulle nuove norme di comportamento del Collegio sindacale di società non quotate
Raffaele Marcello, Phd, assistant Professor and lecturer of Business economics at the “Pegaso” Online University.
Dal 1° gennaio 2021 saranno in vigore le nuove Norme di comportamento del Collegio sindacale di società non quotate redatte dal Consiglio Nazionale dei Dottori commercialisti e degli Esperti contabili. Il presente contributo analizza il nuovo set di Norme, che si sostituisce a quello precedentemente emanato nel 2015, con l’obiettivo di aggiornare i modelli comportamentali raccomandati ai membri del Collegio sindacale della s.p.a oppure al sindaco unico della s.r.l., per svolgere correttamente l’incarico di vigilanza.
From January 1st, 2021, the new rules of conduct of the Collegio sindacale (Board of Statutory Auditors) of unlisted companies, drawn up by Consiglio Nazionale dei Dottori Commercialisti e degli Esperti Contabili (CNDCEC), the National Council of Chartered Accountants and Accounting Experts in Italy, will enter into force. The present contribution analyses the new set of Regulations, which replaces the one previously issued in 2015, with the aim of updating the behavioural models recommended to the members of the Board of Statutory Auditors of companies listed on the stock market or to the sole member of the Board (sindaco) of a limited liability company, in order to correctly carry out supervisory duties
1. Introduction - 2. Structure and content of the new regulations - 3. I the main new elements - 4. The supervisory duties of the Board of Statutory Auditors not responsible for the statutory audit - 4.1. “Financial-business” supervisory activities of the Board of Auditors - 4.2. Monitoring the adequacy of the administrative and accounting framework adopted by the company - 4.3. Monitoring financial statements and the management report - 4.4. Board of Statutory Auditors Report pursuant to art. 2429 of the Italian Civil Code - 5. Participation of the corporate bodies in the meetings - 6. The activities of the board of statutory auditors in a business crisis - 7. Relations with the Organismo di vigilanza - 8. Concluding remarks - NOTE
Public consultation  of the “Rules of conduct of the Collegio sindacale of unlisted companies”  ended in November 2020. The new text, applicable from 1st January 2021, replaces the old rules previously established on the subject in September 2015 ; it outlines principles, accompanied by application criteria and comments that integrate provisions of a deontological nature compliant with the professional code of ethics. The rules are addressed to the statutory auditors of joint stock companies  that do not operate in sectors subject to specific primary or regulatory provisions  and, while configuring deontological rules of ethics, these rules are increasingly used as a parameter, even in case law, for assessing diligence in behavioural patterns among the members of the Board of Statutory Auditors. The 2020 update stems firstly from the need to take into account, on the one hand, the new functions attributed to the supervisory body by the Corporate Crisis and Insolvency Code introduced by Legislative Decree no. 14/2019  and, on the other, the further evolution of case law and procedures that have taken place in recent years. The document is also characterized by a renewed attention to the subject of organizational protocols and, specifically, information flows commensurate with the positions of the most accredited legal and economic doctrine which assume a central role, as a standard of action of the “good director”, as a guide of “traceability” of behaviour and as a means of reconstructing the profiles of responsibility. It has been definitively clarified that the Rules of Conduct apply to the Board of Statutory Auditors or to the sole auditor of a limited liability company who has not been appointed by the company itself for which the statutory audit is being carried out.
2. Structure and content of the new regulations
The Rules of Conduct of the Board of Statutory Auditors of unlisted companies suggest and recommend behavioural models to adopt in order to perform the duty of sindaco correctly; they are, therefore, of a technical and ethical nature and can function as a useful source of information with regard to the complex activity involved for all those who hold the office of member of the Audit Board of a non-listed company and as such, they are used for the following considerations: – in the context of the internal control system of non-listed companies, they define how the Board of Statutory Auditors must report to each of the subjects who perform a supervisory and administration function, what information flows it must implement with each of them, indirectly contributing to greater clarity with regard to the tasks and responsibilities of the various individuals that make up this system; – in the absence of detailed indications provided by legislation which, as previously mentioned, are more specific for the supervised sectors, they define which specific supervisory activities the Board of Statutory Auditors of an unlisted company must carry out with respect to the individual supervisory duties; – highlight the importance of planning control activities , of defining periodic as well as episodic information flows in the event that risk situations arise; – finally, they attach particular importance to the minutes of the meetings of the Board, including the reasons given for any dissenting opinions, as well as the traceability and documentation of all the control activities carried out. In this regard, the principles in question aim to offer guidelines, from an operational point of view, to the professionals called upon to hold the position of auditor, thus helping to fill the gaps deriving from the sometimes laconic rules dictated by the Civil Code and by the absence of specific principles of reference defined at an international level, contrary to what happens with statutory auditing . The way the document is structured confirms the previous formulation: it is divided into 11 standards, each of which contains a principle (principio) which describes the behaviour principle analysed by the standard. Each principle is accompanied by application criteria (criteri applicativi) which provide the statutory auditors with the operational tools for carrying out their duties. The standard concludes with the [continua ..]
3. I the main new elements
Among the most innovative regulations, we highlight those relating to independence (Regulation 1.4)  and the causes of ineligibility, adequacy checks and operation of the organizational structure of the company (Regulation 3.4) which is of fundamental importance, as highlighted in Standard 11.1, in order to intercept going concern risks and signs of crisis. Regulation 6.3 has also been implemented which clarifies the role of the sindaci in alleged cases of “bad management” on the directors’ part reported by the shareholders pursuant to art. 2408 of the Italian Civil Code, and Rule 6.4, relating to judicial control, has been amended to take into account the changes made by the Crisis Code regarding the recourse tool pursuant to art. 2409 of the Italian Civil Code, also extended to limited liability companies . Further changes were introduced to regulations 3.7 and 7.1 to better clarify, with regard to financial statements, the specific duties and the various different responsibilities attributable to sindaci and statutory auditors. In rule 7.1, in particular, the sindaci are allowed to not submit a proposal regarding the approval of financial statements in the event of the auditor’s “no-opinion” . It should be noted that in addition to the significant changes and additions made to many extant regulations, 10 new ones have been introduced with respect to the regulations in force since 2015. Among them, two which stand out are regulation 4.3, aimed at clarifying the role of the Board of Statutory Auditors in those cases in which the companies are managed by a sole director , as well as Rule 3.9, aimed at emphasizing the confidentiality which sindaci are required to maintain with regard to information acquired as part of their control functions . Regulation 8, relating to the approval of the decisions and opinions of the Board of Statutory Auditors, has also been completely renewed. It includes the approval of the decision of the Board of Directors in case there is a co-optation of directors , the mandatory opinion in cases of capitalized costs pursuant to art. 2426 of the Italian Civil Code , the opinion regarding the remuneration of directors who hold particular offices provided for by art. 2386 of the Italian Civil Code, the motivated proposal for the assignment of the statutory audit and the opinions expressed by the supervisory body [continua ..]
4. The supervisory duties of the Board of Statutory Auditors not responsible for the statutory audit
Matters concerning company control have been considerably modified in recent years . At this point, it would be beneficial to our discourse, which will be further developed below, to anticipate what the conclusions should be: the general regulatory framework highlights that, despite strong pressure on some parts for a resizing of the concept and, more precisely, of the control framework, relegating these two maters solely and exclusively to the ex post verification carried out by the auditor, the legislator continues to rely heavily on the Board of Statutory Auditors which, presumably, continues to prove itself well. And indeed, it does not seem a mere coincidence that the Legislative Decree no. 39/2010 (art. 19) has identified the Board of Statutory Auditors of public interest entities – or the other supervisory bodies of alternative governance systems – as the committee for internal control and account auditing, and that Law no. 183/2011 established that the functions of the Supervisory Board (SB) can be carried out by the Board of Statutory Auditors (or by one of the supervisory bodies of systems alternative to the traditional) . Within this perspective and dwelling further upon the interference with statutory audit, it is appropriate to highlight right from the start, that the internal control and audit committee established pursuant to art. 19 Legislative Decree no. 39/2010 is required by law to supervise: – the financial reporting process; – the effectiveness of the systems of internal control, internal audit (if applicable) and risk management; – the statutory audit of annual accounts and of consolidated accounts; – the independence of the statutory auditor or statutory audit firm, with particular regard to the provision of non-auditing services to the audited entity. Nor should it be overlooked that the statutory auditor or the audit firm submits a report to the internal control committee (according to Legislative Decree no. 39/2010, the deadline for the presentation of the report coincides with the end of the financial year) on the fundamental issues that emerged during the legal audit and, in particular, on the significant deficiencies found in the internal control system in relation to the financial reporting process consistent with the working practices of auditing companies. Although it would be necessary to provide proof of the statement, it can [continua ..]
4.1. “Financial-business” supervisory activities of the Board of Auditors
As part of the powers attributable to the supervisory activity referred to in art. 2403 of the Italian Civil Code, there are areas of intervention on the part of the Board of Statutory Auditors in which the financial-business aspects and competencies are more prevalent compared to those of a typically legal nature. In particular, we refer to: supervising the adequacy of the accounting framework adopted by the company and its efficient functioning; evaluating the possibility of entering on the balance sheet, through the expression of consent, costs of installation and expansion and development costs, in accordance with art. 2426, first paragraph, n. 5, of the Italian Civil Code, as well as the goodwill pursuant to art. 2426, first paragraph, n. 6 of the Italian Civil Code; supervisory activity in compliance with the law and the bylaws and with the balance sheet. Points 1 and 3 focus on the annual report drawn up pursuant to art. 2429 of the Italian Civil Code. In addition to those mentioned above, there are also other specific tasks that are carried out in the event particular circumstances occur in the company, such as: – expressing an opinion on the fairness of the issue price of shares in the event of excluding or limiting option rights (in accordance with art. 2441, sixth paragraph, of the Italian Civil Code); – expressing observations on the situation of the company in the event that the capital appears to have decreased by more than one third as a result of losses (in accordance with art. 2446, first paragraph, of the Italian Civil Code); – preparing the accompanying report to the final statement of assets intended for a specific business activity (in accordance with art. 2447-novies of the Italian Civil Code).
4.2. Monitoring the adequacy of the administrative and accounting framework adopted by the company
With reference to the adoption and monitoring of the frameworks, art. 2403, first paragraph, of the Italian Civil Code provides for a triplicity of obligations, in the sense that the delegated bodies ensure the use of adequate frameworks, the Board of Directors assesses the adequacy on the basis of the information received and finally, the Board of Statutory Auditors supervises this adequacy and the efficient functioning of the frameworks . In addition to specifying the activities that need to be carried out to monitor the frameworks, the code of conduct 3.6. (Monitoring the adequacy and functioning of the administrative-accounting system) interprets the definition of the administrative-accounting system as follows: “The administrative-accounting system can be defined as the set of directives, procedures and operational practices aimed at ensuring the completeness, accuracy and timeliness of reliable corporate information, in accordance with the accounting principles adopted by the company. An administrative-accounting system is adequate if it allows for: – complete, timely and reliable accounting recognition and representation of management operations; – valid and useful information to aid in management decisions and in the protection of company assets; – reliable data for the preparation of the annual financial statement”. Therefore, monitoring activity carried out by the Board of Statutory Auditors, even through justified sampling techniques, takes the form of compliance analysis in order to check the efficient functioning of the administrative-accounting framework , and it makes use of the exchange of information with the person in charge of the statutory audit who functions as an important external and independent reference, especially with regard to the aspects concerning the reliability of the administrative-accounting system. The supervisory activity of the Board of Auditors is, therefore, aimed at verifying the existence of a suitable system to ensure the completeness and accuracy of the financial data. It should be remembered that this is not a value judgement of the results of the administrative and accounting activities, but a summary judgement on the efficiency and functionality of the system, carried out in light of the significant risks that may have emerged in these operational areas. For the mere purpose of recognition, with regard to the monitoring activities of [continua ..]
4.3. Monitoring financial statements and the management report
Even if it is not in charge of the control, the Board of Statutory Auditors retains some supervisory tasks related to the preparation, approval and publication of the financial statements which are far from being considered residual tasks. This activity is summarized in both the Code of Conduct 3.7. (Supervision of the financial statement and management report) and 3.8. (Supervision of the consolidated financial statement and the management report). In all the cases considered above, the Code of Conduct highlights the general principle according to which the Board of Statutory Auditors is required to ensure that the directors comply with the procedural rules relating to the preparation, approval, filing and publication of the financial statements (also consolidated). Furthermore, the listing of the company on the markets will necessitate compliance with the specific rules provided for in the reference standard. As regards the subject of this contribution, the so-called ‘closed’ companies, in addition to specifying the above, Regulation 3.7 highlights that the Board not in charge of the statutory audit is not required to carry out analytical checks on the content of the financial statements, nor is it required to express an opinion on its reliability. It is, however, required to verify: – the correspondence of the financial statements and report to the facts and information of which the Board of Statutory Auditors is made aware subsequent to participating in the meetings of the corporate bodies, carrying out its supervisory duties and its powers to monitor and control (artt. 2403, 2403-bis, 2405 of the Italian Civil Code); – that the budgetisation of operating costs and goodwill, as well as research, development and advertising costs comply with the requirements of art. 2426, first paragraph, n. 5 of the Italian Civil Code; – that the budgetisation of goodwill complies with the requirements of art. 2426, first paragraph, n. 6 of the Italian Civil Code ; – the accuracy and legitimacy of any departure from art. 2423, fourth paragraph, of the Italian Civil Code that the directors have made use of. The Board of Statutory Auditors summarizes the conclusions of its supervisory activity in a specific paragraph of the report and presents it to the assembly meeting in occasion of the approval of the financial statements.
4.4. Board of Statutory Auditors Report pursuant to art. 2429 of the Italian Civil Code
In terms of content, among the many innovations previously mentioned, Regulation 7 particularly stands out, concerning the report of the Board of statutory auditors at the shareholders’ meeting , where the supervisory board is granted for the first time the possibility not to comment on the approval of the financial statements in case the auditors do not express an opinion . As mentioned, the legislator has used rather broad and generic terms to indicate the content of the report pursuant to art. 2429 of the Italian Civil Code . Although the statutory audit has been removed from the powers of the Board of Statutory Auditors, with the exception of the express statutory provision of the cases indicated in art. 2409-bis of the Italian Civil Code, the observations made pursuant to art. 2429 of the Italian Civil Code could in principle be in conflict with the conclusions of the person in charge of the statutory audit regarding the correct application of the law and auditing standards. The observations expressed at the moment of derogation from the criteria identified for the drafting of the financial statements and the budgetary structure must therefore not be limited to indicating the reasons that motivated the derogation which have already been indicated in the explanatory notes, but must focus on the validity and rationality of it: in this case it must be an analytical control. On a systematic level, the greater flexibility introduced by the new rules would make it possible to offset the gap between the provisions of art. 2429 of the Italian Civil Code and the provisions of art. 153 TUF, pursuant to which the Board of Statutory Auditors “can express” and not “must express” an opinion on the approval of the financial statement . In addition to regulating the filing of the draft budget and any attachments at the registered office, art. 2429 of the Civil Code describes the content of the report drawn up by the Board of Statutory Auditors . In regulating the procedure for filing the draft budget and the attached reports, the legislator has set two deadlines. Art. 2429 of the civil code, in fact, first specifies that the draft budget must be disclosed to the statutory auditors as well as to the professional in charge of the audit at least 30 days before the date set for approval, and the draft budget together with the reports from the monitoring bodies must remain deposited at [continua ..]
5. Participation of the corporate bodies in the meetings
Among the most significant changes, there is the revision of the regulation regarding participation in meetings of the Board of Directors or of the Executive Committee (Rule 4.2), with the express provision for the Chairman of the Board of Directors to provide adequate information  to the statutory auditors on the matters that will be subject to evaluation and deliberation by the advisors . As is well known, in art. 2381 of the Italian Civil Code, the legislator prescribes that adequate information on the items on the agenda be provided to all directors however it does not mention the statutory auditors; the principles of the Code of Conduct therefore fill this particularly important void. Among the application criteria, it is also considered appropriate that the statutory auditors, even on an individual basis, request that the Chairman of the Board of Directors send the directors and the Board of Statutory Auditors the supporting documentation for the decisions on the agenda concurrently with the notice of call of the Board of Directors. In the event the President refuses to comply with the request, the statutory auditors proceed to inform all the members of the Board of Directors for the purpose of requesting a resolution. Sindaci are always permitted, even on an individual basis, to request further information, documentation and clarifications from the chairman and the delegated body in addition to those sent to them prior to or at the same time as the board meeting. It would also appear appropriate, if applicable, for the sindaci to note in the minutes of the meeting the lack of prior information that prevented the exercise of a timely and concurrent supervision of the items on the agenda. In particular, the sindaci are required to intervene in the course of the debate if they identify any violations of the law or of the company bylaws or of the principles of appropriate management by expressing their motivated reasons for dissent or their reservations and requesting the recorded minutes, if necessary, even an analytic review of them. The Regulations, therefore, place the Board of Statutory Auditors at the centre of the system of corporate information flows. In particular, within the Board, in addition to the information flow generated by the items set out on the agenda and by the related requests for details and clarifications, even those relating to the performance of company operations or specific [continua ..]
6. The activities of the board of statutory auditors in a business crisis
In the new Code of Conduct, particular attention is placed on the function undertaken by the Board in the area of crisis prevention and emergence . In anticipation of a definitive regulatory framework of reference related to business crises and insolvency, alongside the remaining regulations up to now unchanged, it is our aim to highlight the new appendices with regard to the statutory auditors’ oversight activities intended for the timely detection of the losses on a going concern basis and of company crisis (Regulations 11.1. and 11.2.)  derived directly from the provisions contained in art. 2086, paragraph 2, of the Italian Civil Code. The reform of the Crisis Code brings out the versatility of the functions of the internal control body within the corporate organization . According to art. 2403 of the Italian Civil Code, aside from the traditional supervisory task the internal control body has, it becomes a driving force for the directors and, in the event of inaction on the part of the latter, it will take appropriate initiatives in its place. The functions that this body is called upon to perform in the emergence of the first signs of crisis require continuous monitoring of management activity in order to promptly intercept the existence of a crisis; moreover, if the control and reporting activity is timely, the alert function carried out by the internal control body can turn into an alternative corporate recovery tool that ultimately avoids recourse to insolvency procedures. However, this broad spectrum of power attributed to Collegio sindacale entails a considerable amount of responsibility. On the one hand, to encourage the use of the alert procedure, the legislator provides for the possibility of exempting the supervisory body from joint and several liability with the administrative body for damages deriving from actions taken subsequent to the alert warnings, on the other hand this mechanism would constitute a “green light” to unchecked and premature reports that do not include a clear assessment of the crisis indices and an effective application to entrepreneurial activity. More specifically, the legislation has been intent on identifying and investing a specific responsibility on the entrepreneur and the bodies in charge of governance and control functions, attributing to each of them specific functions aimed at dealing with and promptly identifying any situation of crisis. Among the [continua ..]
7. Relations with the Organismo di vigilanza
In the context of the Code of Conduct for the Board of Statutory Auditors, the Rule 5.5 that addresses relations with the Organismo di vigilanza (Supervisory Body) certainly deserves some reflection, particularly in light of the new duties placed on the supervisory body by both the business crisis code as well as, albeit indirectly, the growing list of predicate offenses in terms of partial inclusion of tax offences covered by the liability of the entities. The reform of the Crisis Code is inspired by the logic of the risk approach, already typically used in the drafting and evaluation of Model 231 where the prevention of corruptive acts and the sharing of information become functional and effective for a sound and adequate company management . It is well known that the efficiency and adequacy of Model 231 will depend on its being constantly and continuously updated . Furthermore, the adequacy assessment  constitutes the central element of the whole system provided for by Legislative Decree n. 231/2001, since it is on this that effectiveness depends exempting the entity’s liability. The organizational model is part of the protocols set out in the new art. 2086 of the Italian Civil Code and imposed on all companies and must be, as mentioned, adequate to the nature and size of the company, with respect to which the need arises to make an assessment of the adequacy of the organizational, administrative and accounting framework in relation to the specific corporate reality. Adequacy is a requirement that must necessarily be implemented in a practical manner , characterized by a proactive collaboration between the various bodies and, in this sense, information flows are of central importance as they should avoid “the sudden onset of a crisis”, since they are able to support the management bodies in adopting a conscious and timely conduct. In the system outlined by the 2001 Decree, the engine of the overall structure of the framework is the Supervisory Board, which is entrusted with the function of adequacy control, albeit over different corporate aspects. It should be noted that in order to exercise its duties, the Supervisory Board is “forced” to constantly interact with the supervisory and inspection bodies and the various corporate functions responsible for internal control, especially internal auditing . The Rule 5.5 redefines the relationship between the Board of Statutory [continua ..]
8. Concluding remarks
The issue of the Code of Conduct of the Board of Statutory Auditors of unlisted companies is part of a constantly moving legislative framework which over time has deeply reshaped the role of the Board of Statutory Auditors, directly and indirectly redefining the information profiles (both active and passive) at times even its contents, at other times only in the direction of the information flows. Therefore, the need was felt, as requested by several parties, for a rationalization of controls, which does not mean merely strengthening the “procedural apparatus”, but rather paying attention to the operational and concrete (and efficient) application of the regulatory data. In this context, one of the main reasons behind the new standards was the institutionalization of a system of interorganic and intraorganic information flows with desirable and much-needed virtuous consequences not only within the company, but also on the market, for the benefit of all stakeholders. Indeed, the effectiveness and efficiency of a company are strongly conditioned by the sharing of information on which the decision-making process in its various articulations is based. Moreover, the concept of “control” undeniably rotates in a central and decisive way around the circulation/acquisition of information relating to the functions subject to supervision as well as the activities and/or the acts and operations performed by monitoring the exercise of certain functions and the consequent carrying out of certain activities and/or the carrying out of certain acts and operations.