In April, after a year of public consultation, the Malaysian Securities Commission, Bursa Malaysia, published a new corporate governance code for listed firms.
The code provides for the application of three basic tenets: leadership and effectiveness of the board of directors; risk auditing and management; and information disclosure and contact with stakeholders.
The new code introduces the Comprehend, Apply and Report (CARE) approach so that companies: (i) understand the benefits and take responsibility for applying good corporate governance practices; (ii) identify the processes necessary for implementing good practices and reinforcing corporate governance culture in the organisation, and (iii) explain in detail how they have applied these practices.
The new code operates under the principle of “apply or explain”, instead of the better known “comply or explain” underpinning other codes such as those in Spain, Poland and Finland, The intention is for the principles to be applied and transform corporate culture in companies, rather than get them to merely comply with the letter of the code.
The document pursues 12 principal aims in applying the three tenets mentioned above:
Leadership and effectiveness of the Board of Directors
- Every company must be spearheaded by a Board that takes its leadership seriously and takes collective accountability for reaching its targets and goals.
The Board must set the entity’s strategic goals, ensure there are enough resources to achieve them and review senior management performance. It will be responsible for deciding on the corporate values and for making sure that shareholder and other stakeholder interests are taken into account.
The company secretary will support the Board in implementing good corporate governance practices and in adhering to the norms and procedures as defined.
The Chair of the Board will be responsible for implementing good practice in the company’s governance, leadership and effectiveness. The positions of Chair and CEO may not be held by the same person.
- There must be a division of responsibilities between the Board, its committees and senior management.
The Board must have by-laws providing for this separation of responsibilities and these must be reviewed regularly and posted on the company’s website. This regulation will specify the functions and duties of the organ of governance and its members, its management committee and senior management, as well as those issues and decisions that are reserved for board-level approval.
- The Board must promote and maintain good conduct in the organisation that is conducive to integrity, transparency and fairness.
To this end, it must adopt a code of conduct and ethics for the company, defining and putting in place policies and procedures for managing conflicts of interest, prevention of abuse of office, anticorruption, anti-money laundering, etc. This code will be posted on the company website.
Likewise, the Board must set up, review and adopt the company’s policies and procedures for whistleblowing.
- The Board must take decisions objectively in the best interests of the company, taking into consideration its members’ different perspectives and points of view.
At least half the Board members should be independent. In large companies, a majority of Board members should be independent.
An independent Director may remain on the board for a maximum of 9 years, after which (s)he may continue in the post as a non-independent Director. Nevertheless, if the Board wishes to retain the Director in his/her independent capacity beyond this 9-year period, this decision must be justified and submitted for annual approval to the company shareholders. After the twelfth year, the Board must submit this continuation for shareholder approval every year through a two-level process, which will be deemed successful if both groups of shareholders (majority and minority) vote the same way
Appointments of board directors and senior management should be based on objective criteria and take into account their experiences, abilities, age, culture and gender. On the issue of gender, every year the Board must publish its diversity policy, its targets on gender and how it intends to reach them. For large companies, at least 30% of Board directors should be female.
When identifying possible candidates, as well as using the internal support bodies or shareholder recommendations, the Board may be supported by independent sources who will put up the best qualified candidates for the position.
The Board Appointments Committee will take the lead on succession planning and appointing board members, the Chairman and the CEO; it will also manage the annual assessment of the board’s effectiveness, making sure that an individual assessment of each director is carried out independently. This Committee will be chaired by an independent director.
- Stakeholders should be able to know how effective the board and its members are.
To this end, the Board should conduct an annual assessment to determine its effectiveness, that of its members and its support committees, and should publish information as to how this has been done and the outcomes of this analysis. In large companies, this assessment should be conducted regularly by an independent expert to ensure that the process is objective.
- Directors’ pay
- Board members’ remuneration and that of senior management should factor in the company’s aim of attracting and retaining talent in order to achieve the company’s long-term goals. Remuneration policies should be approved using an independent and transparent procedure.
To set the remuneration of board members and senior management, the Board must adopt policies and procedures that take into account the company’s demands, complexity and performance, as well as the abilities and experience required to comply with its long-term goals. These policies and procedures should be in permanent review and made available on the company website.
The Board will be supported by a remunerations committee that will develop these policies and processes, composed of non-executive directors, a majority of whom should be independent.
- Stakeholders must be able to assess whether directors’ and senior management’s remuneration is proportionate to their individual performance, bearing in mind the company’s performance.
For this reason, the information published about remuneration must be broken down specifying the director’s name, and should include the salary, bonus, commissions, payments in kind and any other emolument. This information should also be published on the top 5 paid officers.
Auditing and risk management
- The company should be supported by an effective, independent audit committee.
The audit committee may not be chaired by the Chairperson of the Board and must be made up only of independent directors, who will have the necessary financial knowledge and skillsets to perform their functions and understand the issues that this support body would be expected to deal with.
The committee must have policies and procedures that can evaluate the suitability, objectivity and independence of the institution’s external auditor.
- Companies should take decisions about the level of risk-taking they wish to adopt and the Board must be sure that the necessary checks and balances are in place so that any adverse event or situation that might harm the company’s purpose can be mitigated and managed.
- Companies should have a framework for governance, risk management and internal control, whose effectiveness will be assessed by stakeholders.
The audit committee will have to ensure the effectiveness and independence of the internal control function. Furthermore, the Board should disclose information about:
- The objectivity and independence of staff in the internal audit area;
- The number of resources available in this area;
- The name and qualifications of the person responsible for the internal audit function; and
- Whether the internal audit function is conducted in accordance with a predefined framework.
Information disclosure and contact with stakeholders
- There should be continuous, effective, transparent and regular communication between the company and its stakeholders, which facilitates mutual understanding of their aims and expectations.
Stakeholders should be able to take informed decisions about the company’s business, its governance policies and social responsibility.
- Shareholders must participate in Annual General Meetings and have a close and effective relationship with the Board and senior management in order to be able to take well-informed decisions.
The Annual General Meeting should be called at least 28 days before the meeting. All the Board members should attend, and the Chairs of the support committees will reply to all the questions that shareholders ask them.
You may be interested in:
- Updated standards for financial institutions (Malaysia)
- Disclosure of information and corporate governance review of requirements (Malaysia)