Common governance reporting pitfalls (and fixes)

Common governance reporting pitfalls (and fixes): the ultimate guide to ensuring your organisation is prepared for as the burden of reporting gets bigger. 

Reporting has always been one of the core responsibilities in the governance landscape, but as you may know already, regulators consistently seek tougher standards. Historically, they haven’t been happy with how common the “tick-box” approach has become. Because of that, they’ve tried as far as possible to move away from compliance that’s only on paper. Now, they’re far more focused on demonstration. They want reporting to show how their rulebooks are followed in practice. What’s working? What’s not? What’s being done to fill the gaps? 

It’s a change that’s also fuelled by stakeholder engagement. Groups like investors also want to see more transparency, and so failing to evolve beyond generic disclosures in your reporting now carries significant risks, including reputational erosion, shareholder dissent, and regulatory sanction.

In this guide, we’re going to unpack the most common reporting pitfalls and give a framework for transforming them into strategic assets.

One of the most persistent issues in modern reporting is “boilerplate fatigue”. In a governance context, this refers to reporting where the subject matter is dealt with in repetitive, overly jargonistic language, making it obvious to stakeholders that the report fails to offer meaningful impact assessments. In other words, the reports describe the structures, but offer few insights into how effective they are. 

Many organisations continue to use this approach. It reduces their reports to generic documents which could be about any company, and which often look promotional or CV-like rather than what they’re meant to be: statements of capability. 

As an organisation which continues to be at the forefront of innovative governance rules, the UK’s Financial Reporting Council (FRC) has explicitly critiqued reports that list board activities without explaining further. For example, stating that the board “reviewed the risk register” without going into detail about key findings, outcomes, and decision-making rationale that followed. 

This is now a huge pitfall in governance reporting; outcomes-based conclusions are simply not as common as they need to be. 

While it might have gotten companies across the line fifteen or twenty years ago, it’s not enough anymore. Today’s top reports go heavy on the “less telling, more showing” approach. It doesn’t necessarily mean more details to the point of being overwhelming; it just means targeted explanations for the board’s role in crucial decisions like crisis response or strategy shifts. 

In this day and age, substance is everything.

For the longest time, corporate culture was viewed as a “soft” topic that started and ended with HR. That view doesn’t really stack up when you consider the impact culture ends up having on organisational fortunes. Think about it: the number of corporate scandals where culture ended up being the main story, because it underlined every other thing that went wrong. Boeing, FTX, the UK Post Office, the list goes on. 

Most companies with good governance will certainly have no problem saying what their goals for culture are. However, many will have problems putting them into practice. This “say-do” gap gets exposed in reporting more easily than ever before. 

Documents which praise “purpose-driven culture” while simultaneously disclosing significant control deficiencies will make it clear as day that ideals don’t translate to action. Investors and regulators are increasingly sophisticated in spotting this too; they know the value of metrics like workforce engagement scores, especially when compared with others like whistleblowing statistics and internal audit findings.

The solution is in the framing: You’ve got to treat culture as a critical component of your internal control reporting because, in truth, that’s where it should be in reality. 

Admittedly, culture is sometimes harder to measure from a goal-setting and reporting perspective, but there are tried and tested ways of doing it. Concentrate on things like turnover rates and whistleblowing substantiation, alongside qualitative narrative. When failures occur, boards should provide a root cause analysis to explain whether cultural factors contributed (they usually do somewhere along the line).

A frequent failure in corporate reporting is the lack of alignment between what a company wants to do, what might stand in the way of that, and how leaders are incentivised to achieve the goals. This is the crossover between strategy, risk and pay, and many companies simply won’t both to link them as strongly as required. 

Here’s an example: a company emphasises long-term sustainability as part of its strategic report. However, its remuneration report will reward only short-term targets with no weighting on sustainability/ESG metrics. The problem isn’t the goals – every company will decide on their own with careful reasoning – the problem is that the goals don’t see follow-through, and the reports show it. 

Ultimately, you need a golden thread linking strategy, risk and pay together. It ensures that every priority has some concrete foundations: risk to contextualise it, controls to mitigate the risk, and performance metrics to reward completion. This creates a seamless narrative of value creation

It’s a no-brainer that stakeholders want to know what your company’s risks are, but a major reporting downfall is stopping there. 

Your ultimate goal should always be to explain the specific impact of each risk on your business model. This is what provides information that’s crucial in decision-making. 

In all cases, your reports should clearly state the cause, the business impact, and the specific preventative and detective controls in place.

It’s a common belief among directors to think it’s enough to simply describe structures and practices in your governance reporting. While that’s essential, it’s not the full picture. The other half of your equation is assessing those structures and practices. 

This is what modern reporting depends on, and you’ll see this running through all of the themes above. For the modern board, it’s essential to appreciate this principle and apply it from the beginning to the end of the reporting cycle.

• UK Corporate Governance Code 2024 – Financial Reporting Council
• Corporate governance reporting under spotlight in FRC review – ICAEW.com
• Provision 29: A practical guide to board declarations on internal controls – Diligent
• ANNUAL PERFORMANCE REPORT – Severn Trent Water
• Halma ARA24 Corporate Governance – Halma plc
• Review of corporate governance reporting – KPMG International
• S.172 Statements – Marks & Spencer – M&S
• 2025 was a record year for shareholder activism | Barclays IB