As we covered here, the IASB recently issued for comment a new framework for management commentary.

The document describes management commentary as “a report that complements an entity’s financial statements. It provides management’s insights into factors that have affected the entity’s financial performance and financial position and factors that could affect the entity’s ability to create value and generate cash flows in the future.” For Canadian entities, this isn’t so different from the existing regulatory definition of a management discussion and analysis. However, the consensus on what those words should actually mean has broadened over time, reflecting among other things an expanded concept of what it means to create value, and of providing a true forward-looking perspective (because what’s the point of examining the past and present, if not to craft a better sense of the possible future?)

The proposed framework lays out six “areas of content,” including “risks that could disrupt the business model, strategy, resources or relationships.” The document notes: “The source of such risks could be external—for example, political instability— or internal—for example, the failure of a business process or an unintended consequence of a change in strategy. The source of a risk could be a one-off event, gradually changing circumstances or a group of events or circumstances that would cause disruption if they were all to occur.” Disclosure objectives in this area include providing “a sufficient basis for investors and creditors to assess: (a) the extent of the entity’s exposure to risks; and (b) how effectively management monitors and manages the entity’s exposure to risks.”

The framework requires focusing on “key risks,” defined as “risks of events or circumstances that could fundamentally disrupt the entity’s ability to create value and generate cash flows, including in the long term.” It goes on:

• Risks that management identifies as key could include risks of events or circumstances that in the short, medium or long term might:
• (a) fundamentally disrupt the entity’s business model—for example, cause the entity to lose a competitive advantage;
• (b) fundamentally disrupt management’s strategy for sustaining and developing the business model—for example, prevent the entity from fulfilling its purpose;
• (c) fundamentally disrupt a resource or relationship—for example, disrupt the entity’s supply chains for essential components or damage the entity’s reputation; or
• (d) threaten the entity’s existence—for example, cause a permanent collapse in demand for the entity’s product range.

As for other areas of content, the framework also addresses relevant metrics:

• Material information about risks is likely to include metrics that management uses to monitor key risks and to measure progress in managing them. Such metrics could include measures relating to:
• (a) the entity’s exposure to a risk—for example, its level of reliance on a raw material;
• (b) the effectiveness of management’s actions to reduce the entity’s exposure to a risk—for example, numbers of safety incidents; and
• (c) management’s plans to mitigate the effects of potential disruption— for example, quantities of buffer inventories held.

For Canadian preparers, this all constitutes something of a leap from the current Form 51-102F1. The form includes the overall instruction that the MD&A should “discuss important trends and risks that have affected the financial statements, and trends and risks that are reasonably likely to affect them in the future,” but provides little more detail on what’s required. Regulatory staff have regularly tried to push further, for example commenting as follows as far back as 2004 that an illustrative company “should describe all material risks. The company should also explain how each risk has affected results of operations and financial condition in the past or how each risk is expected to affect future results of operations and financial condition. The company should also quantify, if possible, the past and expected future impact of each risk to facilitate the analysis of each risk’s relative impact. Finally, the company should disclose any steps it has taken, or plans to take, to mitigate the impact of any risk.”

The issue was also highlighted in the CPA Canada preparer guide that I cited last time:

• Risk encompasses exposure to negative consequences (“downside”) and the possibility that positive consequences (“opportunities”) will be missed. Risk can be viewed as the variability around an outcome where there is uncertainty about timing and the consequences if the risk materializes. For the most part, risk reporting in the MD&A tends to focus on the exposure to negative consequences, such as incurring losses or reduced revenues or profit
• … While a full reporting of the risk management process helps readers assess the quality of the company’s risk management, it is important to have balanced disclosure to ensure readers are not misled to believe a risk is fully mitigated or not ever likely to materialize. This disclosure must also be candid. Extensive risk mitigation disclosure could impede a company’s defense in response to a legal action for misrepresentation in its continuous disclosure. Consequently, reporters need to carefully consider and determine their detailed risk mitigation disclosure.

That last section links to the common suspicion that the sections of the MD&A dealing with risk are more likely written by lawyers, primarily with a view to avoiding the downside. That’s never been a great way of meeting the underlying objectives though, and will only become less so…

The opinions expressed are solely those of the author.