Director
If you are a registered provider of social housing, a number of key questions should be at the front of your mind when it comes to regulation and governance.
How can we ensure we are compliant? How can we avoid being deemed non-compliant? And how can we properly address issues which might be of concern to the regulator?
Since the introduction of In-Depth Assessments in 2015, we have definitely seen an enhanced approach from the regulator. It has poor governance in its sights and has been clear about its intention to deal with issues both at the individual and sector level.
Providers which have fallen short of the expected standards have found themselves regraded from a G1 to G2 rating or, in the worst cases, downgraded to G3 (non-compliant) status.
Not all providers which have been downgraded share the same characteristics – however currently there is an over representation among RPs which operate a lease-based model. Complex group structures and diversification into risky and more complex activity can also cause difficulties. But this does not mean that traditional providers can take assurance from a simpler model of business.
The truth is there is no magic formula to work out which organisation might be more at risk than another. It requires careful and bespoke analysis of each provider to identify weaknesses and address these with robust solutions.
Often, one specific issue might emerge which then proves to be an indicator of wider systemic problems.
Examples might include failures in processes or controls – such as around asset related health and safety compliance. A failure to properly understand the risks around non-core activity is another. Shortcomings in stress testing and associated resilience planning also crop up time and time again.
At the heart of many governance failures is often a loss of focus on an organisation’s core purpose and values. It’s important to pay particular attention to this when setting out to do something new. Never forget your constitution and question everything you do against the markers it has put in place.
Much also comes down to having the right structure in place, with a clearly agreed purpose and a sound approach to risk management and mitigation. Robust assurance and a critical and comprehensive review of your internal audit report outcomes is also crucial. And finally, you should expect and maintain the highest standards of conduct and probity from executives and non-executives at all times. Never forget you operate in a regulated sector and good standards are the glue which holds everything together.
There is a lot more detail to work through for each provider based on their own unique circumstances – but these basics should prove a good starting point for ensuring you retain that coveted G1 status.