Governance Briefing — June 30, 2020
The Philippines Securities and Exchange Commission issued a revised corporate governance code for public companies and registered issuers, raising board independence, oversight, and disclosure standards.
Executive briefing: The Philippine Securities and Exchange Commission (SEC) issued Memorandum Circular No. 24-2020 on , adopting the Revised Code of Corporate Governance for Public Companies and Registered Issuers. The code updates the 2017 Corporate Governance Code, aligning with ASEAN standards and the G20/OECD Principles. It applies to publicly listed companies, public companies, and registered issuers, requiring compliance on a "comply or explain" basis.
Board responsibilities and composition
The revised code emphasises board accountability for strategy, risk management, and stakeholder engagement. Boards must have a majority of non-executive directors and at least two independent directors or 20% of the board, whichever is lower. Chair and CEO roles should be separate, with the chair ideally a non-executive director. Directors must possess appropriate competencies, attend training, and disclose interests.
The code encourages diversity in gender, skills, and experience. Companies must adopt a board diversity policy and disclose progress in annual corporate governance reports. Succession planning for directors and key officers is required.
Committees and oversight
Mandatory board committees include audit, corporate governance, risk oversight, and related-party transactions. The audit committee oversees financial reporting, internal controls, and internal audit independence. The risk oversight committee monitors enterprise risk management, cybersecurity, and emerging risks. The related-party transactions committee reviews transactions involving directors, officers, and significant shareholders to prevent conflicts of interest.
Committees must have written charters, meet regularly, and report to the board. Independent directors should chair key committees to enhance objectivity.
Risk management and internal control
Companies must implement enterprise risk management frameworks covering strategic, operational, financial, and compliance risks. Boards should approve risk appetite statements, monitor risk indicators, and ensure adequacy of internal controls. The code highlights cybersecurity and data privacy risks, requiring management to deploy controls and incident response plans.
Internal audit functions must be independent, report to the audit committee, and evaluate the effectiveness of risk management and internal controls. External auditors should be rotated regularly, and their independence must be assessed.
Sustainability and stakeholder engagement
The revised code integrates sustainability by encouraging companies to adopt environmental, social, and governance (ESG) frameworks, align with the SEC sustainability reporting guidelines, and disclose material sustainability metrics. Stakeholder engagement policies must identify key stakeholders, communication channels, and mechanisms for feedback.
Companies should implement whistleblower programmes, investor relations policies, and community engagement initiatives. Boards must oversee corporate citizenship and corporate social responsibility commitments.
Disclosure and reporting
Public companies and registered issuers must submit annual corporate governance reports (ACGR), sustainability reports, and audited financial statements. The code encourages integrated reporting and transparency on board performance, remuneration, and risk management. Companies should publish corporate governance structures, board attendance, and training records.
Related-party transactions, director compensation, and material contracts must be disclosed in accordance with SEC requirements. Companies should leverage digital platforms to enhance disclosure accessibility.
Compliance framework
Companies must appoint a corporate governance compliance officer responsible for monitoring adherence, preparing reports, and coordinating training. The compliance officer reports to the board and ensures timely submission of SEC filings. Non-compliance can result in penalties, reputational damage, and potential suspension of registration or licensing.
The code supports whistleblowing mechanisms that protect informants and facilitate investigation of misconduct. Compliance officers must ensure policies are communicated, monitored, and continuously improved.
Action plan
- Immediate: Conduct a gap analysis comparing existing governance practices with the revised code. Update board charters, committee mandates, and policies on diversity, succession, and stakeholder engagement.
- 30–60 days: Train directors and officers on new requirements, enhance risk management and sustainability reporting processes, and review related-party transaction controls.
- 60–90 days: Publish updated corporate governance disclosures, integrate ESG metrics into reports, and strengthen internal audit and compliance monitoring.
- Continuous: Monitor SEC circulars, ASEAN corporate governance scorecard criteria, and investor expectations. Review governance effectiveness annually and document improvements.
Implementing the revised code enhances board effectiveness, risk oversight, and transparency, aligning Philippine companies with regional best practices.
Shareholder rights and equitable treatment
The code reinforces shareholder rights, including timely access to meeting materials, voting mechanisms, and opportunities to ask questions. Companies must adopt transparent dividend policies, disclose voting results, and respect minority shareholders. Remote participation and electronic voting are encouraged, especially in light of pandemic-related restrictions.
Shareholder agreements and related-party transactions should be reviewed to prevent abusive practices. Boards must ensure equitable treatment of all shareholders, including foreign investors, and disclose any shareholding structures that affect control.
Culture, ethics, and training
Boards are responsible for fostering a culture of integrity. Companies should adopt codes of conduct, provide ethics training, and enforce disciplinary measures for violations. Training programmes must cover corporate governance principles, risk management, sustainability, and emerging issues such as digital transformation and data privacy.
New directors should undergo orientation programmes covering business operations, industry context, and governance expectations. Continuing education helps directors stay informed about regulatory changes and best practices.
Monitoring and evaluation
The revised code encourages annual board performance assessments, covering individual directors, committees, and the board as a whole. Assessments should be facilitated by the corporate governance committee or external evaluators. Findings must inform improvement plans and succession strategies.
Companies should establish metrics to track governance effectiveness, such as attendance rates, training hours, risk incident response times, and stakeholder engagement outcomes. Regular reporting to shareholders enhances accountability.
Coordination with regulatory and market initiatives
Public companies should align with the ASEAN Corporate Governance Scorecard, Philippine Stock Exchange listing rules, and SEC sustainability reporting guidelines. Coordination ensures consistent messaging to investors and avoids duplication. Companies operating in regulated sectors (banks, insurers, utilities) must integrate sector-specific governance requirements.
Engagement with institutional investors, proxy advisors, and credit rating agencies helps understand expectations and build trust. Participation in governance forums and industry associations supports knowledge sharing.
Technology and digital governance
The code recognises the role of technology in governance. Boards should oversee digital transformation, cybersecurity, and data analytics initiatives. Companies must implement secure board portals, protect confidential information, and ensure continuity of virtual meetings. Risk oversight should cover emerging technologies, including AI, automation, and fintech partnerships.
Cyber incident response plans should be tested regularly, with reporting lines to the board. Collaboration between IT, risk, and compliance teams ensures coordinated responses to digital threats.
Follow-up: The Securities and Exchange Commission has required sustainability and board diversity disclosures since 2022, and its 2023 Sustainability Reporting Guidelines 2.0 align the revised code with ISSB and ASEAN taxonomy expectations for 2024 filings.
Sources
- SEC Memorandum Circular No. 19, series of 2020 — Philippines Securities and Exchange Commission; Full text of the revised Code of Corporate Governance outlining director independence, risk oversight, and disclosure requirements for public companies and registered issuers.
- SEC release on Memorandum Circular No. 19, s.2020 — Philippines Securities and Exchange Commission; Regulator announcement summarising the governance reforms and implementation expectations for Philippine public companies.