The 2024 UK Corporate Governance Code signals a shift towards a more outcomes-focused and transparent approach to corporate governance, anchored in a "comply or explain" framework. Effective from 1 January 2025, the revised Code aims to promote accountability, improve risk management, and enhance stakeholder confidence.
The changes require organisations to provide clear declarations on the effectiveness of their control frameworks and demonstrate a proactive approach to addressing deficiencies. These updates will significantly impact governance and business reporting, requiring greater engagement from senior management to foster trust among investors, employees, and other stakeholders.
By adopting these principles, organisations can demonstrate a strong commitment to governance practices that enhance resilience and long-term sustainability, rather than merely focusing on regulatory compliance. Below, we summarise the implications of these new provisions and opportunities for organisations to not only adapt but build lasting resilience amid regulatory change.
Important changes in the 2024 Code
Organisations are now required to align governance practices more closely with their own strategic objectives, going beyond solely meeting requirements to develop a more holistic and integrated approach to corporate governance, risk management, and internal control.
The updates to the Code reinforce the need for greater accountability, transparency, and resilience across corporate operations, driven by recent corporate failures, economic uncertainty, and evolving stakeholder expectations. The most significant amendments to the Code include the following:
- Provision 29 – Declaration of control effectiveness: Unlike other new requirements that went into effect 1 January 2025, Provision 29 will affect financial years beginning 1 January 2026. Boards must include a declaration in their annual reports regarding the effectiveness of material controls at the balance sheet date. Material controls refer to those critical to the organisation's ability to achieve its objectives, encompassing financial, operational, compliance, and reporting controls. Boards must also disclose deficiencies and outline remedial actions, instilling confidence in stakeholders regarding risk management and governance.
- Outcomes-based reporting: Boards are encouraged to demonstrate how their decisions support long-term strategic objectives and contribute to the company's overall performance. This reporting style ensures that governance is not just a compliance exercise but a meaningful contributor to value creation.
- Risk management and viability testing: Boards are tasked with conducting rigorous evaluations of both emerging and principal risks, including stress and viability testing, to assess long-term prospects. Emerging risks refer to new or evolving threats that may not yet be fully understood but could have a significant impact on the organisation if not monitored — such as cybersecurity threats from AI-driven attacks or regulatory changes affecting industry operations. Principal risks, on the other hand, are well-established threats that are already recognised as having the potential to affect business performance — such as supply chain disruptions, financial risks, or legal and compliance risks.
- Integration of broader control frameworks: Companies must now ensure a robust governance structure that goes beyond financial controls to encompass operational and compliance systems. Adjusting to this broader framework may involve investments in new technologies, workforce training, and process improvements.
- Diversity and inclusion policies: The Code promotes actionable diversity policies tailored to the organisation's context. Companies are encouraged to develop frameworks for integrating diversity into recruitment and decision-making while defining success metrics to measure progress effectively.
Anticipating future enhancements to governance regulation
The UK government has outlined additional measures to strengthen corporate governance further, including:
- A new accounting regulator — the Auditing, Reporting, and Governance Authority (ARGA) — which will replace the Financial Reporting Council (FRC) and provide enhanced oversight and enforcement powers.
- Stronger stress and viability testing rules to improve resilience against economic uncertainties.
- Scope expansion to include large private enterprises, ensuring accountability extends beyond publicly listed companies.
These recommendations were endorsed in the King's Speech on 17 July 2024, signalling the need for legislative approval through a new Audit Reform and Corporate Governance Bill. These changes reflect an ongoing commitment to restoring trust in corporate governance and enhancing protections for stakeholders.
Challenges in adapting corporate governance strategies
Considering the new provisions under the 2024 Code, organisations may face the following challenges when adapting their corporate governance strategies:
- Identifying what constitutes "material" controls can be complex, as it requires organisations to tailor assessments to their unique risks and circumstances. This adjustment often necessitates investments in technology and the redesign of internal frameworks.
- Establishing reliable metrics and systems to track and report outcomes effectively is often challenging, as this requires integrating strategic goals into governance processes.
- Developing comprehensive risk management frameworks and advanced stress testing models may require significant investments in expertise and technology, particularly for smaller or less mature organisations.
- Cultivating a governance structure that goes beyond financial controls to encompass operational and compliance systems can be resource-intensive, requiring organisations to balance immediate costs with long-term benefits.
- Creating and embedding meaningful diversity policies can be challenging. It requires thoughtful consideration, commitment, and ongoing effort aligned with other strategic goals.
Building a resilient risk framework: Strategies for adapting to new provisions
Organisations can adopt the following strategies to adapt to the new requirements and strengthen their broader approach to corporate governance:
- Control environment review: Evaluate leadership's role in promoting ethical behaviour, accountability, and effective governance, ensuring alignment with the updated Code.
- Risk assessment: Conduct thorough identification, evaluation, and mitigation of risks to support strategic objectives while ensuring governance compliance. Addressing risks associated with the new provisions of the Code should not be a siloed effort, but rather integrated into an organisation’s broader risk management approach.
- Design and controls testing: Evaluate the design and operational effectiveness of internal controls through walkthroughs, policy reviews, and testing to ensure alignment with the company's risk mitigation strategy.
- Information and communication assessment: Assess the adequacy of the information systems supporting the internal control framework by evaluating data entry processes, validation procedures, and reporting formats to ensure information reliability and enhance control monitoring.
Marsh is uniquely equipped to help organisations adapt to the revised Code and strengthen their governance frameworks with tailored risk recommendations, testing, and ongoing advisory support. Engaging with governance experts can help organisations enhance resilience, foster stakeholder trust, and confidently navigate the challenges of the evolving regulatory landscape.