This edition of CGj reviews our 23rd Annual Corporate and Regulatory Update (ACRU), held on 9 June. ACRU is the most popular CPD event in the Institute’s calendar and is a rare
opportunity for participants to have a direct dialogue with regulators about all of the top issues in governance and compliance.
This year, the need for such a dialogue is more evident than ever. The operating environment in Hong Kong, the Mainland and globally continues to grow in uncertainty and complexity, which creates risks to be managed through good governance. This year’s ACRU covered a wide range of issues including environmental, social and governance (ESG) and climate change concerns, IPO-related misconduct, due diligence in corporate transactions, financial reporting deadlines and the Covid-19 pandemic, directors’ duties, personal data privacy and anti- corruption compliance.
The cover stories in this edition of CGj will guide you through the key ACRU takeaways on all of these topics, but one theme that I would like to draw to your attention here is the role of internal controls in achieving good governance. This theme came up in a number of speaker’s presentations. It has also been a regular theme of ACRUs in the past and is a salutary reminder for members and stakeholders of our profession of the fundamental rationale for having a properly resourced governance team in organisations of all types.
At this year’s ACRU, Kenneth Luk, Senior Director, Enforcement Division, Securities and Futures Commission (SFC), made the point that companies with internal controls that ‘exist only on paper’ can expect, sooner or later, to be involved in an investigation by the SFC enforcement team. Similarly, Jon Witts, Head of Enforcement, Listing Division, Hong Kong Exchanges and Clearing Ltd (HKEX), emphasised that having impressive sounding policies on governance issues is only half the story – boards need to ensure that their strategic policy decisions are backed up by procedures at the technical level.
This, of course, is where good governance is invaluable. Does the organisation have the right systems in place to ensure timely corporate filings and financial disclosure? Is the internal audit function adequately resourced? Does the organisation have the appropriate segregation of duties to avoid abuses in conflict of interest situations? Are these internal controls subject to regular review? Does the organisation provide adequate training for everyone involved in implementing these controls?
Good governance is as much about these technical details as it is about high-level strategic and ethical considerations. Nevertheless, some would wrongly regard getting effective controls at the appropriate level of detail as an unnecessary cost for organisations, or as red tape and a distraction from the actual business organisations are engaged in.
While effective internal controls do represent a cost for organisations, this year’s ACRU, as indeed any of our ACRU events, was a demonstration of the much greater costs involved in failures of internal controls. When internal controls fail, external controls, in the shape and form of regulators, external auditors or other stakeholders, get involved. This can lead to regulatory fines and legal costs, and may also represent a personal liability risk for directors and managers. Add to this the potential loss of clients due to the reputational damage organisations suffer as a result of high-profile compliance breaches, and you begin to see the value and competitive advantage of having a properly resourced governance team in place where members of the Institute serve as governance champions.
opportunity for participants to have a direct dialogue with regulators about all of the top issues in governance and compliance.
This year, the need for such a dialogue is more evident than ever. The operating environment in Hong Kong, the Mainland and globally continues to grow in uncertainty and complexity, which creates risks to be managed through good governance. This year’s ACRU covered a wide range of issues including environmental, social and governance (ESG) and climate change concerns, IPO-related misconduct, due diligence in corporate transactions, financial reporting deadlines and the Covid-19 pandemic, directors’ duties, personal data privacy and anti- corruption compliance.
The cover stories in this edition of CGj will guide you through the key ACRU takeaways on all of these topics, but one theme that I would like to draw to your attention here is the role of internal controls in achieving good governance. This theme came up in a number of speaker’s presentations. It has also been a regular theme of ACRUs in the past and is a salutary reminder for members and stakeholders of our profession of the fundamental rationale for having a properly resourced governance team in organisations of all types.
At this year’s ACRU, Kenneth Luk, Senior Director, Enforcement Division, Securities and Futures Commission (SFC), made the point that companies with internal controls that ‘exist only on paper’ can expect, sooner or later, to be involved in an investigation by the SFC enforcement team. Similarly, Jon Witts, Head of Enforcement, Listing Division, Hong Kong Exchanges and Clearing Ltd (HKEX), emphasised that having impressive sounding policies on governance issues is only half the story – boards need to ensure that their strategic policy decisions are backed up by procedures at the technical level.
This, of course, is where good governance is invaluable. Does the organisation have the right systems in place to ensure timely corporate filings and financial disclosure? Is the internal audit function adequately resourced? Does the organisation have the appropriate segregation of duties to avoid abuses in conflict of interest situations? Are these internal controls subject to regular review? Does the organisation provide adequate training for everyone involved in implementing these controls?
Good governance is as much about these technical details as it is about high-level strategic and ethical considerations. Nevertheless, some would wrongly regard getting effective controls at the appropriate level of detail as an unnecessary cost for organisations, or as red tape and a distraction from the actual business organisations are engaged in.
While effective internal controls do represent a cost for organisations, this year’s ACRU, as indeed any of our ACRU events, was a demonstration of the much greater costs involved in failures of internal controls. When internal controls fail, external controls, in the shape and form of regulators, external auditors or other stakeholders, get involved. This can lead to regulatory fines and legal costs, and may also represent a personal liability risk for directors and managers. Add to this the potential loss of clients due to the reputational damage organisations suffer as a result of high-profile compliance breaches, and you begin to see the value and competitive advantage of having a properly resourced governance team in place where members of the Institute serve as governance champions.
