The Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with the National Association of Corporate Directors (NACD), released an exposure draft of the Corporate Governance Framework (CGF) on May 27, 2025. This comprehensive framework represents a fundamental shift from reactive, crisis-driven governance improvements to a proactive, strategic approach that addresses the interconnected nature of modern business challenges. The goal of the CGF was to develop a recognized and respected governance framework that complements and aligns with the existing COSO Internal Control-Integrated Framework (ICIF) and Enterprise Risk Management (ERM) Framework.
The publication of this draft marks a significant development in the field of corporate governance. For the first time, a single framework offers an integrated, principle-based foundation that aligns and connects existing best practices from across the governance landscape. With its broad applicability and structured yet flexible design, the COSO CGF has the potential to become a globally recognized reference point for organizations of all sizes and sectors.
The following content is a summary of the COSO CGF draft and highlights the most important points and the structure of the draft:
Moving Beyond Crisis-Driven Governance
Historically, significant governance improvements have emerged primarily in response to major crises and corporate implosions. Organizations have waited for scandals or disasters before implementing meaningful reforms – an approach no longer sustainable in today's rapidly evolving business environment.
This reactive pattern created a cycle where governance improvements are emergency measures rather than strategic initiatives. From Sarbanes-Oxley (SOX) following Enron to banking regulations after 2008, governance frameworks have been responses to failures rather than proactive prevention measures.
Currently, various governance approaches exist but address specific fragments rather than providing comprehensive coverage. This fragmentation spans SOX requirements, NYSE regulations, and other COSO standards. These frameworks focus on particular aspects but lack cohesive integration, creating a patchwork approach with multiple, sometimes conflicting requirements without unified strategic direction.
Definition of Corporate Governance
Corporate governance is defined broadly by COSO as the processes and oversight through which informed boards and management teams guide an organization toward achieving its strategic goals ethically and within legal boundaries. Governance transcends mere compliance: it actively shapes strategy, transparency, accountability, and organizational resilience.
Effective governance means clearly defining roles, responsibilities, and authority, ensuring reliable information flows, and fostering an ethical culture. Governance also extends beyond compliance, becoming a strategic tool that drives decision-making aligned with long-term value creation and stakeholder interests.
Purpose and Nature of the Framework
The COSO CGF is created as a dynamic, adaptable, principles-based framework rather than a rigid checklist. It supports tailoring governance practices based on an organization's size, complexity, industry, and regulatory context. While primarily designed for U.S. public companies, the framework's principles are broadly applicable to private entities and global organizations.
The framework promotes understanding governance as an interconnected system, integrating various organizational processes rather than treating them as separate compliance tasks.
This approach ensures governance practices evolve with organizational needs and external circumstances. By providing a flexible yet structured guide, the COSO CGF helps organizations foster continuous governance improvement and integration, enhancing strategic and operational decision-making.
A Holistic and Integrated Approach Driving Effective Corporate Governance
According to COSO and NACD, several critical factors drove this framework's development:
- Governance as Competitive Advantage: Organizations increasingly recognize effective governance as a strategic differentiator rather than a compliance requirement. Research demonstrates governance practices directly link to strategic success and provide competitive advantages in capital markets, talent acquisition, and market positioning.
- Holistic Risk Management: Current frameworks focus on isolated risk categories—financial, operational, cyber, or regulatory. This framework acknowledges that modern risks are interconnected. Economic uncertainties, cyber threats, regulatory changes, and geopolitical conflicts must be managed collectively rather than separately.
- Expanded Stakeholder Focus: Traditional frameworks primarily address shareholder interests, but this framework recognizes broader stakeholder ecosystems including boards, executive management, shareholders, employees, customers, suppliers, communities, and regulators.
- Integrated Approach: Rather than reactive solutions to isolated issues, this framework provides a comprehensive, proactive perspective, ensuring systematic governance coverage while maintaining strategic focus.
Structural Overview
COSO's CGF is visually represented as a circular model emphasizing governance's continuous and holistic nature. At its core lies the concept of Long-Term Value, underscoring that sustained value creation is both the purpose and foundation of effective governance:
Fig. 1: COSO's Corporate Governance Framework
Source: COSO and NACD: Corporate Governance Framework – Public Exposure Draft. May 2025, p. xiii.
Surrounding this area are four key stakeholder groups:
- Board
- Executive Management
- Shareholders
- Other Stakeholders (such as employees, communities, customers)
Each stakeholder group interacts with governance practices uniquely, with boards and management actively guiding governance, while shareholders and other stakeholders indirectly influence through feedback and engagement.
The Six Core Components
Encircling these stakeholders are six interlinked and equally critical components: Oversight, Strategy, Culture, People, Communication, and Resilience. Together, these elements ensure a cohesive, integrated governance approach focused on long-term sustainability and adaptability:
Fig. 2: The Six Core Components and related Principles of CGF
Source: Adapted from COSO and NACD: Corporate Governance Framework – Public Exposure Draft. May 2025, p. xiv.
- Oversight: Establishes fundamental governance structures providing strategic direction and organizational oversight. Encompasses board and senior management roles in ensuring effective governance practices, establishing accountability mechanisms, and maintaining appropriate oversight of activities while enabling effective decision-making.
- Strategy: Addresses how governance supports strategic planning, execution, and performance monitoring. Emphasizes integrating governance into strategic decision-making processes, ensuring frameworks enable rather than hinder strategic objectives and value creation while providing oversight of strategic risks and opportunities.
- Culture: Recognizes organizational culture as fundamental to governance effectiveness. Culture shapes thinking, decision-making, and behavior throughout organizations. Addresses establishing a culture that supports ethical behavior, transparency, accountability, and risk management while aligning with organizational values and strategic objectives.
- People: Focuses on human capital management within the governance context. Effective governance depends on the right people with appropriate capabilities in key positions. Addresses leadership development, succession planning, performance management, and competencies required for governance excellence throughout the organization.
- Communication: Communication emphasizes the quality and clarity of information flows, both internally and externally. This component ensures accurate, timely, and transparent communication with stakeholders, supporting informed decision-making. Effective governance communication fosters trust, engages stakeholders actively, and ensures transparency in reporting and disclosures.
- Resilience: Resilience pertains to risk management, adaptability, and crisis preparedness. Organizations must proactively identify and manage risks, maintain robust internal controls, ensure compliance, and plan effectively for disruptions. The Resilience component ensures that organizations are prepared to respond to shocks such as cyber incidents, supply chain disruptions, or leadership transitions, thereby sustaining performance and safeguarding long-term value.
Integration with Existing Frameworks
The CGF complements and aligns with COSO's existing Internal Control-Integrated Framework (ICIF) and Enterprise Risk Management (ERM) Framework, as well as other established standards. Rather than replacing existing frameworks, it provides an overarching governance structure that integrates with them and enhances their effectiveness. Governance provides the overarching direction and oversight that enables both ICIF and ERM frameworks to function effectively, reinforcing and integrating them rather than duplicating their purpose.
This approach recognizes that organizations have invested significantly in existing frameworks and need a governance structure that builds upon rather than replaces current capabilities. The CGF incorporates global leading practices that help organizations enhance governance effectiveness, manage risks proactively, and create sustainable value while leveraging existing investments.
Conclusion
COSO's CGF represents a significant advancement in governance thinking, moving organizations beyond fragmented, compliance-focused approaches toward comprehensive, strategic perspectives. By recognizing interconnected governance challenges, this framework provides essential tools for establishing effective governance practices tailored to organizational needs.
As organizations face complex challenges and evolving stakeholder expectations, this framework offers strategic roadmaps for building governance capabilities that create competitive advantage, enhancing resilience, and driving sustainable value creation. The framework's adaptability ensures organizations of all sizes benefit while maintaining necessary flexibility.
As this is currently a public exposure draft, governance professionals are encouraged to review the framework and provide feedback to COSO. This collaborative phase presents a valuable opportunity to help shape what could become a leading governance standard for the years ahead, one that unifies diverse expectations and advances the maturity, clarity, and accountability of governance across industries and geographies.
In our opinion, the COSO CGF has the potential to serve as a global benchmark for corporate governance, providing organizations worldwide with a common reference point for assessing and enhancing their governance structures. Such a global standard enables greater comparability and transparency across jurisdictions and industries. COSO has already demonstrated the success of this approach with its established frameworks for internal control (ICIF) and risk management (ERM). A similar impact is now anticipated for corporate governance through the CGF, fostering consistent governance practices and raising the bar globally.
Source: COSO and NACD: Corporate Governance Framework – Public Exposure Draft. May 2025.