You’re probably here because governance feels like a foggy mess of “oversight”, “accountability”, and meetings that somehow produce… more meetings.
The problem is simple: people mix up who decides, who executes, and who gets blamed when it goes wrong. That confusion is how risks slip through gaps and how junior professionals end up doing “governance admin” without understanding what it’s actually for.
This guide gives you a clean, role-by-role map (UK + US): what each role does, what it doesn’t do, and where accountability really sits. The goal is clarity, not theory.
Governance vs management: the distinction that fixes most confusion
Governance = direction, oversight, accountability.
Management = execution, operations, delivery.
In the UK, this split is explicit in the UK Corporate Governance Code, which states that the board is responsible for the long-term success of the company and for establishing purpose, strategy, and oversight.
If you remember one line, remember this:
The board owns the “what and why”. Management owns the “how and when”.
Most governance failures aren’t about bad intentions — they’re about blurred lines.
The roles and responsibilities in governance at a glance
| Role | What they do (accountable for) | What they don’t do | UK / US anchor |
|---|---|---|---|
| Board of Directors | Set direction, approve strategy, oversee risk and controls, appoint/remove CEO | Run daily operations, manage staff, execute controls | UK Corporate Governance Code |
| Chair | Lead the board, ensure effective challenge and decision-making | Act as CEO or manage the business | UK Code: division of responsibilities |
| CEO | Execute strategy, lead management, deliver performance | Override the board or govern themselves | Board/management separation |
| Company Secretary (UK) | Governance process, board support, compliance rhythm | Own governance decisions | UK governance practice |
| Audit Committee | Oversee financial reporting, audit, internal controls | Prepare accounts or perform audits | US: SOX / SEC rules |
| Internal Audit | Independent assurance and control testing | Design controls or run operations | NYSE / listing standards |
| Risk & Compliance | Frameworks, monitoring, advice, escalation | Own all risk or make business decisions | UK Code (risk & controls) |
| Remuneration Committee | Executive pay policy and outcomes | Run HR or payroll | FRC remuneration guidance |
| Nomination Committee | Board composition and succession | Recruit operational staff | UK governance guidance |
| Shareholders | Appoint directors, vote on key matters | Run the company | Companies Act / listing rules |
Board of Directors: where accountability ultimately lands
The board is responsible for the governance of the company — not the paperwork, but the outcomes.
In the UK, directors also have statutory duties under the Companies Act 2006. The most cited is section 172: the duty to promote the success of the company while having regard to employees, suppliers, community impact, and long-term consequences.
That doesn’t mean directors do everything. It means they are accountable for ensuring the right things are done.
What the board is not responsible for
- Running day-to-day operations
- Designing or executing controls
- Managing staff performance
- Fixing issues personally
Practical rule: if it needs weekly coordination, task lists, or line management, it’s management — not the board.
The Chair: governance effectiveness lives or dies here
The chair’s role is to make the board work: setting agendas, encouraging challenge, balancing voices, and ensuring decisions are made with the right information.
The UK Corporate Governance Code is explicit that the chair is responsible for leadership of the board and for ensuring its effectiveness.
Common junior mistake: assuming the chair “does governance”. In reality, the chair ensures others do governance properly.
CEO and executive management: execution with accountability
The CEO and executive team are responsible for execution:
- Turning strategy into plans and budgets
- Building systems and controls
- Managing risk day-to-day
- Reporting honestly to the board
They are accountable to the board, not equal to it.
This separation exists to prevent management from overseeing itself — a core governance failure pattern.
Company Secretary (UK): governance infrastructure, not authority
In UK practice, the company secretary is the governance enabler: board processes, minutes, compliance calendars, regulatory filings, and procedural advice.
They are critical — but they do not own governance outcomes.
The trap: organisations treat the company secretary as “the governance owner”, which quietly weakens accountability at board level.
Committees: depth without losing accountability
Committees exist to handle detail so the board can govern effectively. They do not replace the board.
Audit Committee (UK + US)
In the US, audit committees have explicit legal responsibility for the appointment, compensation, and oversight of the external auditor under securities law.
In the UK, audit, risk, and internal control oversight are core parts of the Corporate Governance Code.
What audit committees do not do:
- Prepare the financial statements
- Run finance
- Perform audits
Remuneration Committee
Sets executive pay policy and evaluates outcomes against performance and risk.
It does not manage HR operations or negotiate individual contracts.
Nomination Committee
Focuses on board composition, succession planning, and board evaluations — not operational hiring.
Internal Audit: assurance, not operations
Internal audit exists to provide independent assurance.
If internal audit designs controls, it loses independence. If it executes fixes, it audits itself.
That separation is intentional and fundamental to governance.
Risk and Compliance: guardrails, not ownership
Risk and compliance functions:
- Design frameworks and policies
- Monitor and report
- Advise and escalate
They do not own risk. Risk is owned by the business. Governance makes that ownership visible.
UK vs US governance: same goals, different mechanics
- UK: principles-based, “comply or explain”
- US: rules-based, enforced through law and listing standards
The outcome is similar. The evidence required to prove good governance is not.
Real-world accountability examples
Example 1: Control failure
- Management identifies and fixes the issue
- Internal audit tests effectiveness
- Audit committee challenges and oversees
- Board ensures governance adequacy
Example 2: Strategic restructuring
- Management builds options
- Board decides, considering long-term and stakeholder impacts
The fastest way to cut through governance confusion
- Who decides? → Board / committee
- Who executes? → Management
- Who assures? → Internal audit
If those answers aren’t clear, you don’t have a governance problem — you have an accountability gap.
Conclusion
Roles and responsibilities in governance only feel complex when accountability is blurred.
Once you see who decides, who executes, and who assures, governance stops being abstract and starts doing its real job: making responsibility unavoidable.