Good corporate governance is one of the many topics that the MFSA has always harped on throughout the years. Following a consultation period earlier this year, on 05 August 2022 the MFSA published the Corporate Governance Code (the “Code”). The Code is applicable to all entities authorised by the Authority except for (i) listed entities falling within the scope of the Capital Market Rules and (ii) natural persons. Although the Code per se is considered as ‘soft law’, some mandatory provisions have been incorporated into the respective regulatory frameworks.
The Code provides a set of core principles which are aimed at enhancing the legal, institutional and regulatory framework for good governance in the Maltese Financial Services Sector. Each core principle is supplemented by supporting provisions for further guidance on how the core principles may be achieved. These principles are organised into 4 main sections, as follows:
a. The Effective Board
The MFSA highlights the importance of the responsibilities of the Board such as ensuring accountability, adequate oversight and monitoring, risk management, transparency, legal and regulatory compliance, strategy formulation and policy development. The supporting provisions provide a list of duties which the Board should assume on an ongoing basis. This pillar also sets out the standards which board members are expected to follow in order to remain fit for the role, such as inter alia the dedication of sufficient time, good understanding of the business and sector and acting with integrity.
The MFSA sets out principles relating to the structure and composition of the board, such as the mix of executive, non-executive and independent directors, knowledge and competencies, and the division of responsibilities and accountabilities. Most notably, the Code outlines that the structure of the board should ensure that no member or group members can dominate decision-making or exert disproportionate influence on the board so as to ensure healthy debates and decision-making.
One interesting aspect is the emphasis on the evaluation of Board performance, which should either be done through a self-assessment or through the engagement of third-parties.
Other matters discussed within this core principle include:
- Appointment and succession of board members
- The roles of Chairperson of the Board & CEO
- Remuneration of the Board and Senior Management
- Board Meetings
b. Internal Controls
Various internal control functions are discussed within this core principle, including risk management, compliance, internal audit, ICT and Security Risk Management and Business Continuity. It is the responsibility of the Board to ensure that appropriate Internal Control mechanisms are established in order to enable risks to be identified and managed. The Internal Control framework should be properly overseen by the Board on an ongoing basis.
c. Stakeholder Engagement
This core principle discusses the link between the board and the company’s stakeholders, particularly the shareholders, employees, suppliers, customers, public authorities and other relevant stakeholders, and the Board’s role in ensuring that the interests of all stakeholders are regarded and protected, whilst ensuring compliance with the applicable laws and regulations.
d. Corporate Culture, CSR and ESG
Last but not least, the new Code touches upon the topic of ESG, corporate culture and corporate social responsibility. Boards are being encouraged to place more focus on long-term value-creation strategies by engaging in activities which reduce pressures on the environment and consider social and governance aspects.
The MFSA expects the entities in scope to adhere to these principles on a ‘best-effort’ basis which is commensurate with the nature, scale and complexity of the business. In this respect, the MFSA provides guidance on the criteria that need to be taken into consideration to assess the nature, scale and complexity of the entity in question.
For more information or advice about how your authorised entity can comply with this Code, please contact us on: firstname.lastname@example.org