17 October, 2017
On 6 October 2017, the Hong Kong Monetary Authority (HKMA) issued a circular to announce the publication of two revised Supervisory Policy Manual (SPM) modules, namely CG-1 “Corporate Governance of Locally Incorporated Authorised Institutions” (CG-1) and IC-1 “Risk Management Framework” (IC-1). Revisions were made to the modules to incorporate guidelines issued by the Basel Committee on Banking Supervision (BCBS) and the Financial Stability Board (FSB) on corporate governance and risk management principles, thereby bringing Hong Kong more into line with international standards.
Impacted authorised institutions (AIs) will be expected to implement the new requirements with effect from 1 January 2018.
Corporate governance and senior management accountability continue to be hot topics in Hong Kong (as well as globally) since the Securities and Futures Commission (SFC) issued its circular on the Manager in Charge regime in December 2016 (please see our briefing on this topic here). The HKMA has also issued the following guidance in relation to corporate governance:
- circular providing further guidance on the empowerment of Independent Non-Executive Directors (INEDs) in the banking industry in Hong Kong dated 14 December 2016 (please see our briefing on this topic here);
- circular providing guidance to AIs on developing and promoting a sound corporate culture dated 2 March 2017; and
- circular launching a new On-boarding Programme for INEDs of locally incorporated AIs dated 11 October 2017.
KEY CHANGES TO THE CORPORATE GOVERNANCE MODULE (CG-1)
CG-1 applies to locally incorporated AIs but some of the guidelines will serve as a helpful reference guide to AIs incorporated outside of Hong Kong.
In CG-1, the HKMA has provided more elaborate guidance in relation to the following areas:
- the responsibilities of the board and senior management;
- the role of the chair and the appropriate composition of INEDs as members; and
- the governance issues in group structures, in the case where an AI acts as the parent company or is a regulated subsidiary of an overseas-incorporated group.
We set out below some examples of the enhanced guidance.
Responsibilities of the board and senior management
- The board should be actively engaged in the affairs of the AI and cognisant of material changes in the AI’s business and the external environment in which the AI operates (paragraph 2.1.1).
- An AI should have an effective risk management framework containing a set of robust risk governance arrangements and an effective risk appetite framework (see IC-1) (paragraph 2.4.1).
- Whilst the concept of senior management being responsible for running the AI on a day-to-day basis is not new, there is more detailed guidance on the scope of senior management responsibilities. For example, they are responsible for establishing a management structure that promotes accountability and transparency throughout the organisation and facilitates delegation of duties and management oversight (paragraph 2.5.2).
- The board should ensure that appropriate succession plans are in place for senior management, and actively engage in succession plans for the chief executive and other key senior executives as appropriate. There is also more detailed guidance on the board’s responsibilities regarding the appointment and removal of senior management (paragraph 2.5.4).
- There is a new requirement that the board should ensure that senior management has access to regular training to maintain and enhance their competencies and to keep themselves updated on industry and regulatory developments relevant to their areas of responsibility (paragraph 2.5.8).
- The board should oversee senior management’s role in fostering and maintaining sound corporate culture and confirm that appropriate steps are taken to communicate throughout the AI the professional standards and corporate values it sets (paragraph 2.6.2).
- The board’s role in overseeing senior management’s implementation of an AI’s remuneration system is now a standalone section in CG-1, which has been enhanced (paragraph 2.7).
- The list of information which an AI should disclose to promote transparency for sound and effective governance has been expanded (paragraph 2.10.2). There is also new guidance around informing the HKMA and making public disclosure whenever a person is appointed or ceases to act as the head of internal audit or the chief risk officer (paragraph 2.10.3).
Role of the chair and composition of INEDs
The previous requirement that the chair and chief executive of an AI should be separate individuals has been replaced by a new requirement that the chair should be an INED or non-executive director (paragraph 4.1.3).
There is a new set of criteria for assessing the collective suitability of board members. The board members should possess a range of knowledge and experience in relevant areas and varied backgrounds to promote diversity of views.
The board collectively should have a reasonable understanding of local, regional and global economic and market forces and of the legal and regulatory environment. Individual board members’ attitudes should facilitate communication, collaboration and critical debate in the decision-making process (paragraph 4.2.1).
An INED has been defined as a director who does not perform any executive functions within the AI and is not under any other undue influence, internal or external, political or arising through the incidents of ownership or otherwise, that would impede his/her exercise of independent and objective judgment (paragraph 4.2.3).
There is a new requirement on the composition of INEDs in terms of the minimum number of INEDs who possess accounting, banking or other relevant financial industry background (paragraphs 4.2.5 and 4.2.6).
In addition to the existing requirement to notify the HKMA of the names of the directors who are considered to be independent, an AI is now also required to notify the HKMA of the criteria supporting this judgment (paragraph 4.2.7).
Governance issues in group structures
There is generally more guidance around what the board of an AI which is a parent or holding company should do to fulfil its corporate governance responsibilities. For example, the board should establish a group structure and a corporate governance framework with clearly defined roles and responsibilities, including at the parent level and at the subsidiary level (paragraph 9.1.3).
Where an AI is a regulated subsidiary in a larger group of companies, the AI’s directors are not absolved from responsibility in relation to the effects of policies and actions that are applied to the AI irrespective of whether it is “group” policy or strategy. To ensure that the group policy does not put the AI in breach of any applicable rules or standards, the board should provide appropriate input to the formulation of group policy or conduct timely evaluation of any group-level policies (paragraphs 9.2.2 and 9.2.3).
KEY CHANGES TO RISK MANAGEMENT MODULE (IC-1)
IC-1 applies to all AIs (ie, locally incorporated and non-locally incorporated AIs).
The HKMA has provided more elaborate guidance in relation to the following areas:
- the key elements of an effective risk management framework. An example given by the HKMA is the delineation of the responsibilities of the board, Risk Committee and risk management functions;
- the operation of a risk appetite framework and regular formulation of a risk appetite statement to facilitate oversight of risk-taking activities and risk management process; and
- the maintenance of effective systems and procedures to facilitate firm-wide risk measurement and monitoring.
LOOKING FORWARD
The finalisation of the amendments to CG-1 forms part of an increased focus on the role of the board and senior management. Read in conjunction with the HKMA’s earlier guidance on the role of INEDs and the SFC’s Manager in Charge regime, senior management should be in no doubt that this is a focus which will continue.
Whilst boards and senior management will have already started a review of their existing governance frameworks, committee structures and membership in light of the HKMA’s earlier guidance around INEDs, impacted AIs should ensure that any amendments made adequately address the HKMA’s new guidance in CG-1 and IC-1.
Herbert Smith Freehills advises regularly on the regulatory expectations on firms’ governance and risk management models. Our integrated financial services regulatory team spans over 25 countries across Europe, North America, Asia Pacific and the Middle East and we have partnered with many firms to design and implement governance and risk management arrangements that will meet the test of clear responsibility, accountability and effective oversight. We would be very happy to discuss any aspects of the HKMA’s new requirements with you.
For further information, please contact:
William Hallatt, Partner, Herbert Smith Freehills
William.Hallatt@hsf.com