The MFSA publishes a Draft Corporate Governance Code for authorised entities

On the 22 February 2022, the MFSA published a draft Corporate Governance Code (“Code”) which will be applicable to all (unlisted) persons authorised by the MFSA.[1] In the Circular accompanying the publication, the MFSA explains that the Code comprises various principles, to be applied on a ‘best effort basis’, complemented by supporting provisions to guide the entities towards achieving the objectives set out in the principles. Its main sections relate to the Board and its responsibilities, internal controls (Risk Management, Compliance, Internal Audit, ICT and Security Risk Management and Business Continuity), stakeholder engagement and corporate culture, Corporate Social Responsibility and ESG. The section relating to the Board touches upon a broad range of topics such as composition, succession, remuneration, board evaluation and conflicts of interest. Consultation is open until the 22 March 2022.

The Code will apply to a myriad of entities undertaking diverse activities. These range from banks and insurance firms to payment institutions, asset managers and trustees. Although many provisions within the Code contain concepts which should apply by way of good governance no matter the type of entity, the MFSA emphasizes that the principle of proportionality underlies the applicability of the Code. Clearly, not all principles may be applicable or make sense within the context of the activities undertaken by the authorised entity. Some principles may need to be applied to a different degree given that some entities may perform very limited activities or are made up of a small Board and organisation structure. The proportionality approach should therefore serve to address this diversity.

Another important consideration is that the Code will not override applicable laws, regulations or rules which already address, albeit to a different extent, the internal governance of certain authorised entities. For instance, the internal governance of banks is considerably described in the Banking Rules and various European Banking Authority Guidelines. Similarly, the investments and insurance sectors are already accustomed to significant governance standards in terms of, for instance, board composition, risk management and internal controls. The Code’s impact will therefore be mostly felt in those regulated sectors were governance standards or principles, although often expected or encouraged, were to-date unwritten. Within this context, it should also serve to give more certainty to entities when devising or reorganising their governance framework.

MFSA’s Consultation Document on the Corporate Governance Code


[1] The Code applies to “Authorised Entities” which are being defined as “any person authorised by the MFSA, under any framework for which it is designated as the competent authority”. The Code will not apply to listed entities which remain subject to the provisions of the Code of Corporate Governance contained in the Capital Markets Rules.