
Beyond the Labour Law Comfort Zone
As labour law specialists, we often notice that HR and IR colleagues have a firm grasp of employment legislation but may be less familiar with broader corporate governance requirements that significantly impact their roles. This regulatory ecosystem extends far beyond traditional HR territory but increasingly requires HR expertise to navigate effectively. Corporate governance in South Africa is regulated through a complex web of legislation and guidelines designed to ensure ethical business practices, transparency, and accountability. While certain departments may “own” specific regulations, their implementation almost always has people implications that fall squarely within HR’s domain.
1. Companies Act 71 of 2008
The Companies Act establishes the foundation for corporate governance in South Africa, covering:
- Director duties and liabilities
- Board composition and functioning
- Shareholder rights and responsibilities
- Business rescue proceedings
- Financial reporting and disclosure
HR implications: The Act places significant personal liability on directors, creating important considerations for executive employment contracts, directors and officers insurance, and performance management systems. HR must also implement whistleblowing mechanisms required under Section 159, which protects employees who disclose irregularities.
2. Financial Intelligence Centre Act 38 of 2001 (FICA)
FICA establishes measures to combat money laundering and terrorist financing. Under Section 42A, the board or senior management must ensure compliance with:
- Customer identification requirements
- Record-keeping obligations
- Suspicious transaction reporting
- Risk management and compliance programmes
HR implications: Section 43 specifically mandates employee training programmes, while Section 42A(2) requires establishing compliance functions with competent and senior staff—directly affecting organizational design, job descriptions, and performance management.
3. Protection of Personal Information Act 4 of 2013 (POPIA)
POPIA regulates the processing of personal information and applies to virtually all organizations. It requires:
- Appointing an Information Officer
- Developing and implementing a compliance framework
- Conducting impact assessments
- Securing personal information
HR implications: HR departments process significant volumes of personal information and must redesign their processes to comply. HR also typically supports the Information Officer role and must train all employees on POPIA requirements.
4. King IV Code on Corporate Governance
While not legislation, the King IV Code provides principles and recommended practices for effective corporate governance and has become the de facto standard. It emphasizes:
- Ethical leadership
- Stakeholder inclusivity
- Integrated reporting
- Risk governance
- IT governance
HR implications: King IV contains specific recommendations on remuneration governance (Principle 14), performance evaluation processes, and organizational ethics management—all core HR responsibilities.
The Governance-HR Intersection: Key Responsibility Areas
When these governance frameworks intersect with HR responsibilities, several critical areas emerge.
- Executive Accountability and Performance Management
  HR actions required:
  - Incorporate governance responsibilities into executive job descriptions
  - Design performance frameworks that include compliance metrics
  - Implement board and executive evaluation processes
  - Establish appropriate consequence management approaches
- Organizational Design for Compliance Functions
  HR actions required:
  - Design organizational structures that incorporate required compliance functions
  - Develop job profiles with appropriate authority and independence
  - Create reporting lines that support effective governance
  - Ensure appropriate grading and remuneration for compliance roles
- Training and Development for Governance
  HR actions required:
  - Develop comprehensive governance training programs
  - Integrate compliance training into onboarding processes
  - Create specialized learning paths for high-risk roles
  - Track and document training completion for regulatory evidence
- Whistleblower Protection and Ethical Culture
  HR actions required:
  - Develop comprehensive whistleblowing policies
  - Implement anonymous reporting mechanisms
  - Train managers on handling protected disclosures
  - Design performance systems that reward ethical conduct
The Consequences of Non-Compliance
The penalties for governance failures extend beyond organizational fines to significant personal consequences:
- Personal Liability
  - Directors can be personally liable under the Companies Act
  - FICA allows penalties up to R10 million for natural persons
  - POPIA creates criminal liability for Information Officers
  - Competition Act violations can result in personal imprisonment
- Administrative Sanctions
  - Financial sector regulators can impose restrictions on business activities
  - B-BBEE verification agencies can downgrade ratings
  - Regulatory bodies can issue public censures affecting reputation
  - Licenses and authorizations can be suspended or revoked
- Employment Consequences
  - Executives can face termination for failure to ensure compliance
  - Regulatory findings can affect “fit and proper” status for certain roles
  - Non-compliance can trigger malus and clawback provisions in remuneration
  - Professional bodies may impose sanctions affecting employability