GRC in Malta: The role of regulatory governance codes in strengthening governance structures of regulated entities Author: Nico Fauser Published on February 13, 2024 Corporate governance may be broadly defined as the system of rules, practices and processes which determine the manner in which a company is directed or controlled. The role of corporate governance is essentially to balance the interests of a company’s many stakeholders which include shareholders, employees, banks and other lenders, the government, customers, suppliers, as well as the community in general. The scope of this article is to highlight the salient aspects arising from regulatory governance codes and the fundamental role which these play in shaping and enhancing governance structures of locally regulated entities, particularly as a result of the publication by the MFSA of the Corporate Governance Code in 2022. Prior to the introduction of the MFSA Corporate Governance Code, corporate governance rules, practices and processes of regulated entities predominantly emanated from sector-specific regulatory frameworks, governing the conduct of local authorised persons. In the insurance space, for instance, governance requirements applicable to (re)insurance undertakings authorised under the Insurance Business Act (Chapter 403 of the Laws of Malta) arise from Pillar 2 of the Solvency II Directive, as implemented in Chapter 6 of the Insurance Rules on the System of Governance. Similar rules apply to insurance distributors in accordance with the Insurance Distribution Rules. In the remit of banking, credit institutions are also subject to their own sectorial rules, namely Banking Rule BR/24 on the internal governance of credit institutions, which sets out rules on the establishment and running of certain committees, and generally on the role and composition of the board of directors. In the investment services sphere, investment firms, fund managers, custodians and funds are also each subject to specific sectorial rules. Finally, listed entities are also subject to specific sectorial rules, i.e. the Capital Markets Rules which include a Code of Principles of Good Corporate Governance. On the 5th of August 2022, the MFSA introduced the Corporate Governance Code (the “Code”) which applies cross-sectorially to all unlisted entities authorised by the MFSA to provide financial services in or from within Malta. The Code seeks to enhance governance structures and set out best practices of corporate governance of entities falling within the MFSA’s regulatory remit, by guiding board members and practitioners to implement or bolster governance practices in the best interest of all stakeholders concerned. The Code is organised into four main sections, these being: (i) an effective board which is composed of executive and non-executive independent directors, to periodically conduct board self-assessments and evaluations to ensure board effectiveness; (ii) internal controls, in order to ensure that boards exercise adequate oversight of executive management and that boards have an adequate understanding of risk; (iii) stakeholder engagement; and; (iv) corporate culture, corporate social responsibility and ESG. Since the Code is applicable to a wide range of entities falling within its scope, much of the Code’s application is based on the principle of proportionality – authorised entities are therefore expected to comply on a best-efforts basis. While, therefore, the MFSA expects entities falling within the scope of the Code to endeavour to adhere to the Code, such adherence will depend on the nature, size and complexity of the entity concerned. More specifically, in applying the principle of proportionality, the extent of application of the Code will depend on the size of the institution concerned (particularly its balance sheet), the legal form of the institution, the type of authorised activities performed, the geographical presence of the institution and the size of the operations in each jurisdiction and the types of clients, amongst others. Nonetheless, the principle of proportionality does not apply when it comes to the implementation of the High-Level Principles identified in the Code, such as acting honestly, fairly, and professionally; complying with all relevant applicable legislative and regulatory frameworks; conducting business with integrity, due skill, care, and diligence; managing conflicts of interests; adopting a transparent approach with the regulator. One of the salient principles of the Code includes the introduction of a core principle requiring Boards, where practicable, to ensure that at least one director of the Board should be an independent non-executive director. Other salient recommendations emanating from the Code include the recommendation of Boards of authorised entities to clearly define their remit and power in a written document e.g. a Board Charter or Board Terms of Reference. The Code has also introduced a number of core principles on Corporate Culture, Corporate Social Responsibility (CSR) and Environmental, Social and Governance (ESG). The resultant corporate governance legal framework post-introduction of the Code is, in essence, comprised of a combination of elements of soft law mechanisms (including the Code, which is to be applied by authorised entities on a best-efforts basis) on the one hand, and, on the other hand, mandatory provisions incorporated in the respective regulatory frameworks (namely the Insurance Rules, the Banking Rules and the Investment Services Rules). Accordingly, the effectiveness of sector-specific rules continues to override the provisions of the Code. In fact, in applying the mandatory rules contained in the respective regulatory frameworks outlined above, and the core principles and supporting provisions emanating from the Code, the Code should not be deemed to override the applicable laws, regulations or rules which regulate authorised entities. Furthermore, should a conflict arise between the Code and the applicable laws, regulations or rules, the respective laws, regulations or rules are to prevail. In conclusion, there is no doubt that regulatory governance codes are a fundamental tool in assisting regulated entities to navigate the governance landscape since they shed light and foster a better understanding of governance expectations and good governance practices. The delicate task of the regulator is to decide whether to go down the route of using the Code as a tool to continue to nurture and elevate further the important role of good governance in delivering positive outcomes for all stakeholders concerned or alternatively choosing the more prescriptive path of assimilating the Code with the other sectorial regulatory instruments which mandate, rather than encourage, corporate governance practices. This article forms part of a series of publications by Ganado Advocates focusing on cross-sectoral matters relating to governance, risk, and compliance. This series aims to offer legal and practical insights, a valuable resource for understanding and navigating the dynamic landscape of GRC in Malta. This publication was first published in the Times of Malta on 11th February 2024. Go back