The governance landscape is evolving rapidly, driven by technological disruption, shifting market forces and heightened regulatory scrutiny. In light of these challenges, the Institute held a seminar on 26 November 2024, titled Board of Directors in Turbulent Times: Maintaining Robust Governance, to equip board members, executives and governance professionals with the tools and knowledge needed to steer their organisations through turbulent times.

This article provides an overview of the seminar, highlighting key takeaways to help governance professionals enhance their practices and empower their organisations to thrive in the face of uncertainty.

Leadership in an era of change

The first speaker of the session, Patricia Hui FCG HKFCG(PE), lawyer and governance professional, opened the discussion by painting a vivid picture of the challenges confronting leaders today. Citing research from McKinsey & Co, Ms Hui explained: ‘Ten years ago, CEOs and boards typically focused on four or five issues at any one time. Today, that number has doubled.’ Environmental concerns, technological advancements, geopolitical changes and societal expectations have created a volatile landscape, compounded by their interconnectedness and the limited time leaders have to react.

To deal with this uncertainty, Ms Hui emphasised that leaders must remain focused on the big picture, while maintaining calm amidst the turbulence. Effective leadership, Ms Hui stressed, is not static, but rather it evolves with the changing needs of organisations, as well as the wider business and regulatory environment. ‘In the contemporary context, effective leaders must be visionary strategists, as well as catalysts for change. They should not only focus on future trends, but should also inspire their teams to foster innovation,’ she said.

Central to Ms Hui’s presentation was the concept of resilience. Ms Hui framed resilience as the ability not just to bounce back from adversity, but also to transform challenges into opportunities. Resilient leaders, she explained, are adaptable, emotionally stable and able to inspire their teams. ‘When faced with adversity, resilient leaders remain composed and maintain a positive outlook,’ she said, adding that this inspiration often translates into improved productivity, higher job satisfaction and lower turnover rates.

Ms Hui also highlighted resilience as a driver of innovation, enabling leaders to turn setbacks into creative solutions. ‘Resilience fosters creativity, allowing leaders to explore new ideas and achieve breakthrough results,’ she stated, noting its importance for long-term success.

Ms Hui also offered actionable steps for leaders to build resilience. First, leaders should regularly review past decisions, learn from failures and express gratitude for successes. Second, Ms Hui stressed the importance of lifelong learning, whether through formal education, self-study or conversations with diverse individuals. ‘Continuous learning equips leaders with the tools and perspectives to tackle unforeseen challenges,’ she commented.

She encouraged leaders to become comfortable with uncertainty, which she described as vital for thriving in a volatile, uncertain, complex and ambiguous world. Leaders should also surround themselves with supportive peers and mentors that provide fresh perspectives and resources during tough times. They should also lead by example, demonstrating resilience in actions and decisions that empower their teams to embrace challenges and develop their own resilience.

Ms Hui concluded her presentation by discussing the role of effective board dynamics in supporting leadership during challenging times. She outlined several principles for building resilient boards.

• Diversity. Resilient boards are composed of members with diverse expertise, skills and perspectives. ‘Diversity is not just about representation, it is a catalyst for innovative thinking and robust problem-solving,’ she explained.
• Effective communication. Open and transparent dialogue is essential. Ms Hui encouraged boards to establish norms that promote respectful exchanges and active listening.
• Trust. Trust, Ms Hui said, is the cornerstone of effective boards. Team-building activities can help strengthen interpersonal relationships among board members.
• Constructive conflict. Ms Hui described healthy conflict as a tool for growth, provided it is managed well. ‘Healthy conflict can lead to better decision-making as it challenges assumptions and refines ideas,’ she clarified.
• Performance evaluation. Regular feedback sessions help boards identify areas for improvement and celebrate successes, reinforcing accountability.

She encouraged board leaders to embrace transformational leadership, inspiring teams to contribute their best. ‘Leaders who inspire and motivate their teams create an environment where everyone feels empowered to excel,’ she said.

Navigating compliance and corporate governance risks

The second speaker of the session, Christine Cuthbert, Partner, Baker & McKenzie, provided a practical overview of the critical relationship between compliance and corporate governance. She emphasised the growing importance of embedding strong governance principles within organisations to address evolving risks, regulatory demands and stakeholder expectations.

Ms Cuthbert started by stressing that effective corporate governance is essential for ensuring compliance with regulatory obligations. ‘Regulators are obsessed with transparency and reporting,’ she said, highlighting the greater scrutiny companies face – not just from regulators but also from stakeholders, including investors, business partners, employees and even the general public. ‘If you’re a bad employer, people know. It goes beyond Hong Kong and can go viral.’

The regulatory landscape has become increasingly complex, with new laws and obligations emerging globally, Ms Cuthbert pointed out. ‘Regulations and laws are not declining. There’s more and more, particularly in reporting obligations.’

She cited examples such as the antibribery legislation in Australia, where companies can now be held liable for failing to prevent bribery, unless they can demonstrate adequate procedures.

The interconnectedness of global regulations also means companies cannot afford to limit their focus to local compliance, she said. ‘Even if you’re not a multinational company, you do need to think a bit more globally,’ she warned, as regulators in various jurisdictions extend their reach. She also noted the intensified cross-border cooperation between regulators, which has raised the stakes for companies failing to meet compliance standards.

Ms Cuthbert also flagged up a common pitfall, which is that organisations often implement global programmes without tailoring them to local subsidiaries. She urged companies to ensure their governance frameworks are ‘fit for purpose for the next level down’ and that they are properly adapted to the needs of specific regions or entities. Training employees and confirming that they understand what is expected of them in terms of ethics and compliance is a key step in embedding governance principles across all levels of the organisation. ‘Developing and incorporating a good compliance programme – and ensuring that your processes and controls are in place – is critical for effective governance,’ she said.

In terms of positive change, Ms Cuthbert observed that compliance is no longer confined to a company’s legal team. Instead, it intersects far more often with ESG principles, reflecting the broader societal and environmental responsibilities of businesses. She also underscored the increasing importance of embedding ethics and governance into an organisation’s culture. ‘It’s about protecting yourself, and making sure your good governance and ethics are being embedded into the company,’ she said, pointing to the need for proactive measures to mitigate risks.

‘Corporate governance is something that a lot of companies, boards and stakeholders pay attention to because it does go to the heart of a good company,’ she stated.

Managing third-party risks in a challenging environment

The third speaker of the session, Mavis Tan, Partner, Control Risks, offered a detailed and practical perspective on the operational challenges that companies encounter when managing third-party risks and maintaining compliance. Drawing on her expertise as a forensic accountant, Ms Tan highlighted the growing complexity of regulatory risks and the critical need for robust third-party risk management programmes.

Ms Tan began by contextualising the challenges companies face in today’s tough trading environment, where diminishing margins and policy changes have amplified financial pressures. She echoed earlier points about the dynamic and ever-changing regulatory landscape, emphasising that companies must now comply with a broader range of laws, including anti–bribery and corruption regulations, trade compliance, sanctions, data handling and national security requirements. ‘The nature and complexity of regulatory risks are getting to a level where it’s difficult for companies to handle, especially with thinly resourced compliance functions,’ she said.

Third-party risks, in particular, present significant challenges. Ms Tan warned that companies are increasingly being exposed to risks from their third-party relationships, such as those with agents, distributors and suppliers. She provided an example of a company in Hong Kong that was selling products to a customer in Europe. However, a third party diverted those goods to a sanctioned country (in that specific instance, Russia), leaving the original Hong Kong company vulnerable to penalties. ‘You could find yourself on the sanctions list because your goods are making their way to one of the sanctioned countries,’ she explained.

Ms Tan stressed that prevention is always better than cure when it comes to third-party risks. She outlined the key elements of a robust third-party risk management programme.

• Identification and qualification. Companies must establish clear policies for identifying and qualifying third parties. Ms Tan warned that a lack of clear guidance often leads to conflicts of interest.
• Risk-based due diligence. She stressed that due diligence should be proportional to the risk level of the third party. ‘High-risk third parties, such as those dealing with government agencies or export issues, should be subject to enhanced due diligence,’ she said.
• Evaluation and selection. Ms Tan noted that companies often fail to document how they select third parties, which leaves them vulnerable to scrutiny. Clear evaluation criteria are essential.
• Contracting and onboarding. She emphasised the importance of including compliance provisions in contracts to address risks such as anti-bribery, trade compliance and ESG. ‘Ensure contracts allow access to personnel, books and records for audits,’ she advised.
• Ongoing monitoring. A third-party risk management programme must include continuous monitoring and programmatic audits. Ms Tan mentioned that many companies still conduct ad hoc audits, which are insufficient in highly regulated industries like healthcare and technology.

Ms Tan suggested using technology and analytics to detect complex risks, such as collusion and kickbacks involving employees and third parties. Data from financial systems, procurement records and even social media can be analysed to uncover hidden relationships and conflicts of interest. ‘A lot of these issues, like undisclosed interests or bribery, are difficult to find because they happen off the books,’ she said.

She also illustrated the power of analytics with an example of where network analysis revealed collusion between employees and distributors. ‘Using data analytics, we flagged distributors showing unusual behaviour, such as gaining a disproportionate share of end customers,’ Ms Tan explained. External information, such as public records and industry inquiries, further helped identify links between employees and third parties engaged in misconduct.

Ms Tan concluded by reiterating the importance of proactive measures to manage third-party risks. By implementing robust frameworks, leveraging technology and continuously monitoring third parties, companies can mitigate risks and navigate today’s complex regulatory environment more effectively.

The Institute promotes continuous learning as a fundamental aspect of professional development. A Director Training Package, which covers the five topics specified by Hong Kong Exchanges and Clearing Limited, with over 30 videos in English, 22 in Cantonese and 27 in Putonghua, has now been launched. Visit the Institute’s dedicated website page for more details: https://www.hkcgi.org.hk/professional-development/ director-training-package.