Legal development

Ashurst Governance & Compliance Update – Issue 74

By Will Chalk

18 November 2025

Share Share
spiral background
Share

    Narrative and Financial Reporting

    1. FRC publishes Annual Review of Corporate Governance Reporting 2025

    The Financial Reporting Council has published its Annual Review of Corporate Governance Reporting in which it analyses how a sample of 100 FTSE 350 and Small Cap companies reported in 2025 against the 2018 iteration of the UK Corporate Governance Code (2018 Code), highlighting examples of good practice and identifying areas for improvement. The review follows the publication of the FRC's Annual Review of Corporate Reporting in September (see AGC Update, Issue 71 – Item 8). For ease of reference, the FRC's Annual Review of Corporate Governance Reporting in 2024 can be found here.

    Key findings

    The FRC believes that there have been many positive developments over the past five years, including increasingly clear and transparent reporting in areas such as company purpose, culture and values, shareholder and stakeholder engagement, and diversity and inclusion. It finds that companies are moving towards more outcomes-based reporting, focusing less on the inclusion of lengthy policies and more on describing the actions taken during a given year, and the impact those actions have had.

    The FRC also believes that there needs to be greater focus on ensuring annual reports are as concise as possible. Companies are encouraged to assess the volume and relevance of their disclosures, streamlining the content to the most material strategic and governance considerations while removing boilerplate language, repetitive content and generic statements which add little value.

    Areas which the FRC suggest should be considered in this context are:

    • Focusing on board actions and outcomes: For meaningful governance reporting, annual reports should focus on board actions, cutting down reporting on matters where there is no board involvement.
    • Avoiding narrative without purpose: Before including any content, reporting teams should consider whether the information is necessary and whether any group of readers would find it useful. If the answer is unclear, it may be worth removing or refining the content.
    • Eliminating boilerplate language: Companies should avoid generic statements that offer little or no insight, such as: “People are central to our success”. While well-intentioned, the FRC suggests that these phrases are often repeated by many companies and do not reflect tangible actions or outcomes.
    • Avoiding duplication: Disclosures in some areas, for example, stakeholder engagement or risk management, are frequently dispersed across multiple sections of the annual report, resulting in duplication and fragmented narratives. Consolidating related content or using appropriate cross-referencing can significantly enhance coherence and improve readability.
    • Minimising regulatory repetition: The FRC observes that some reports reiterate language from the 2018 Code or other regulation or guidance without offering context or practical insight. Rather than verbatim repetition, companies should focus on demonstrating how the principles are applied in practice.

    Code compliance

    A key finding of the review was that companies reporting departures from 2018 Code provisions are increasingly providing clear, meaningful and context-specific explanations for their approach. The FRC sees this flexibility as a core strength of the Code, enabling companies to tailor their governance arrangements to suit their individual circumstances while maintaining transparency and confidence.

    This year’s analysis continues to show a broadly consistent approach to reporting compared to last year, with many companies offering high-level commentary under the relevant sections of the 2018 Code, often supported by signposts to other parts of the annual report where further detail is provided. The FRC see this as an effective way to communicate governance practices without adding unnecessary length.

    Specifically, the FRC continues to highlight the value of including a dedicated statement that confirms whether all principles of the 2018 Code have been applied and the extent that individual provisions have been followed. This approach not only enhances users’ understanding of how companies interpret and implement the Code, but also aids concise reporting, contributing to greater transparency and insight, which supports informed stakeholder engagement.

    25 companies in the sample disclosed a departure from at least one provision of the 2018 Code, with the most common relating to audit committee composition, chair independence and tenure. The FRC felt that many organisations demonstrated good practice by providing comprehensive explanations that outlined their reasoning for a departure and described alternative governance arrangements in place.

    Key FRC messages in specific areas of corporate reporting are as follows:

    • Corporate culture:

    The FRC's view is that an explanation of how directors promote the desired culture does not need to add unnecessary length to the annual report. Instead, the FRC suggests that reporters could consider the ways their directors already engage with their workforce and other stakeholders to understand the current company culture and how they model the behaviours that reflect the company’s values.

    • Stakeholder engagement: 

    The FRC believes that reporting on shareholder activities carried out and outcomes achieved provides greater clarity for readers on the work undertaken by the board during the year rather than simply listing the existing policies and procedures.

    Reporting on board engagement with shareholders, including outside of formal general meetings, provides insight into the board’s ongoing dialogue with investors and how their perspectives inform decision-making.

    To comply with provision 5, annual reports should include relevant information on how all section 172, Companies Act 2006 factors were considered by the board, not just those relating to stakeholder interests.

    • Reporting on outcomes: 

    Effective reporting should show how stakeholder considerations have influenced board discussions and decision-making, and whether any tangible actions were taken as a result.

    Even where outcomes are reported, the FRC notes that they typically reflect operational responses by management or other teams, such as reacting to customer reviews or complaints, without any indication of board involvement. The intent of the 2018 Code is to promote stakeholder consideration by the board, therefore, outcomes-focused reporting should concentrate on actions that stem directly from board engagement or consideration.

    • Director time commitments: 

    While the majority of companies in the sample provided some explanation of how they assess directors’ time commitments, the FRC believes that annual reports could be made more informative if companies disclosed the specific factors they consider during this evaluation, therefore moving away from a purely numerical approach to overboarding.

    The FRC does not not believe a prescriptive or ‘one size fits all’ approach to the issue of overboarding is appropriate. The suitability of a director’s external commitments should be evaluated on a case-by-case basis, considering the nature, scope and time demands of each role, as well as the individual director’s capacity to manage their responsibilities effectively.

    • Role of the SID: 

    The FRC encourages companies to provide company-specific and time-relevant information on the role of the SID and to explain the activities of the SID during the year.

    • Diversity: 

    The approach to diversity and inclusion reporting across the sample was seen as consistent with previous years: companies report on the value diversity has in the workplace, with some outcomes-based reporting on initiatives and actions taken to ensure the reporting is meaningful.

    • Audit Quality Reviews and interactions with the FRC's Corporate Reporting Review team: 

    Overall, the number of entities disclosing AQR results, and the quality of that disclosure, continues to increase. The FRC believes that there remains room for improvement within disclosures particularly when it comes to including the scope of the review and how findings were addressed. Audit committees are asked to remember that their work, and that of the FRC, is to support improvements in audit quality and therefore effective use of regulator reporting is important.

    The FRC reminds reporting teams that disclosure of interactions with the FRC’s CRR team provides valuable transparency to investors with the appropriate length and detail of the disclosure depending on the nature of the interaction.

    • Provision 29 of the 2024 Code: 

    The review examines preparations for the implementation of Provision 29 of the 2024 iteration of the UK Corporate Governance Code (2024 Code), which comes into force for financial years starting on or after 1 January 2026. More than half of the sample companies mentioned the forthcoming provision, with many providing details of their preparation activities. Examples of good reporting are included in the review.

    • Cyber risk and AI governance: 

    66% of sample companies highlighted board-level oversight of cyber risks, which the FRC sees as an encouraging sign amid increasingly sophisticated threats from cyber criminals and state actors. 85% of sample companies included cyber security as a principal risk and a further 12% outlined it within their principal operational risks.

    AI governance is rapidly emerging, with 86% of companies mentioning AI, often providing detailed insights into governance arrangements.

    • Remuneration: 

    The FRC noted a trend of cautious use of discretion in amending variable awards, widely adopted but rarely invoked malus and clawback arrangements and a majority of companies having post- employment shareholding guidelines.

    Further information

    The FRC has also published a series of podcasts to support companies in strengthening their reporting across areas covered by the 2024 Code and will be holding a webinar on 20 November 2025 to discuss the findings of the review.

    In future, the FRC will undertake reviews against the 2024 Code which applies to financial years beginning on or after 1 January 2026.

    Economic Crime and Corporate Transparency

    2.  Companies House publishes guidance on non-compliance with mandatory verification requirements

    Companies House has published guidance on its approach to non-compliance with mandatory identity verification which commenced on 18 November 2025 – for a reminder of the requirements, see AGC Update, Issue 73 – Item 1. Companies House guidance states that its approach to enforcement includes:

    • Informing people of their obligations: Companies House will use a range of communication content and channels to inform its audience about how to comply with IDV requirements, including through its website and newsletters and by emailing and sending letters to companies.
    • Guiding people to comply: Companies House intends to 'nudge and guide' people to comply with IDV. Depending on the circumstances, if Companies House receives a representation, it may pause pursuit of non-compliance for a temporary period for up to two months.
    • Action against non-compliance: Companies House has three main routes for enforcement action: prosecution; referral to The Insolvency Service; and the imposition of financial penalties (which may be issued to the company or individual officer). Non-compliance is likely to be deemed serious and lead to prosecution if a person or company has committed three or more offences over a five year period.
    • Addressing fraud and criminal activity: Where there is evidence of aggravated, fraudulent or criminal offences, Companies House will use its strongest powers and work with law enforcement partners to deter, disrupt and ultimately convict criminals. 

    A range of other enforcement methods are available to Companies House, including directing a company to take or refrain from taking an action, annotating the register, issuing penalties to companies and PSCs, seeking a court order and disqualifying directors.

    Where cases are not selected for prosecution, directors (and equivalents) may still be committing an offence by continuing to act without IDV. In these circumstances, Companies House will send the company a letter outlining these offences and the need to comply.

    The Registrar notes that it has discretion to extend the identity verification due date for a PSC by up to 14 days. By extending the due date, the PSC does not fall into non-compliance, but instead remains compliant.

    Authors: Will Chalk, Partner; Shan Shori, Expertise Counsel; Becky Clissmann, Sustainability Counsel; John Papadakis, Counsel; Marianna Kennedy, Senior Associate

    If you would like to receive future Ashurst Governance & Compliance updates, please click here to sign up.

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.

    Key Contacts