On 13 November 2025, the FRC published its Annual Review of Corporate Governance Reporting, setting out key findings from an analysis of how a sample of 100 FTSE 350 and Small Cap companies (sample companies) reported in 2025 against the UK Corporate Governance Code 2018 (UKCG Code 2018) (FRC Press Release). The review, which is the FRC's final assessment of corporate governance reporting against the UKCG Code 2018, highlights examples of good practice and identifies certain areas for improvement. Going forward, annual reports will be reviewed against the updated UKCG Code 2024, which applies to financial years beginning on or after 1 January 2025 (see FC Feature 22 January 2024).
A key finding of the review was that companies reporting departures from UKCG Code provisions are increasingly providing clear, meaningful and context-specific explanations for their approach. The FRC sees this flexibility as a core strength of the UKCG Code, enabling companies to tailor their governance arrangements to their individual circumstances while maintaining transparency and confidence.
Other significant findings include those set out below.
- Code compliance – 25 sample companies disclosed a departure from at least one provision of the UKCG Code 2018 this year, with the most common relating to audit committee composition, chair independence and tenure. However, many organisations demonstrated good practice by providing comprehensive explanations that outlined their reasoning and described alternative governance arrangements in place.
- Provision 29 – the review examined preparations for the implementation of Provision 29 UKCG Code 2024, which comes into force for financial years starting on or after 1 January 2026 (see UKCG Code 2024: audit, risk and internal control, Q&A here). More than half of the sample companies mentioned the new provision, with many providing details of their preparation activities. Examples of good reporting in this regard are included in the review.
- Stakeholder engagement – this year, the FRC has reviewed the length of stakeholder engagement sections of annual reports and identified opportunities to reduce reporting. Companies are encouraged to assess the volume and relevance of their disclosure in this and other areas. In many cases, the FRC found boilerplate language, repetitive content and generic statements that added little value.
- Cyber risk – 66% of sample companies highlighted board-level oversight of cyber risks, which the FRC sees as an encouraging sign amid increasingly sophisticated threats from cyber criminals and state actors. 85% of sample companies included cyber security as a principal risk and a further 12% outlined it within their principal operational risks.
Alongside the review, the FRC has published a series of Podcasts to support companies in strengthening their reporting across areas covered by the UKCG Code 2024.
First published on the Corporate News Service on 13 November 2025
To view our previous blogs, please visit our blog home page.
Want to view more content like this? Or view our previous features? Sign up for a free trial of our service.