Governance — Malaysia

The Securities Commission Malaysia released the revised Malaysian Code on Corporate Governance (MCCG 2021) on 28 April 2021. The principles-and-practices code applies to listed companies on Bursa Malaysia, with expectations that non-listed entities adopt relevant practices. MCCG 2021 updates focus on board leadership and effectiveness, audit and risk management, and integrity in reporting and corporate conduct. Key improvements include a requirement for at least 30% women directors on the boards of large companies by 2023, stricter tenure limits for independent directors, expanded sustainability governance, and stronger anti-corruption controls aligned with Section 17A of the Malaysian Anti-Corruption Commission (MACC) Act.

Board leadership and composition

• Chair-CEO separation. MCCG reiterates that the roles of chair and CEO should be distinct, with the board chaired by a non-executive director.
• Board gender diversity. Large companies (market capitalization above RM2 billion) must have at least 30% women directors by 31 December 2022. All listed companies will have at least one woman director by 1 June 2023, aligning with Bursa Malaysia Listing Requirements updates.
• Independent director tenure. Practice 5.3 requires boards to justify and seek shareholder approval through a two-tier voting process if an independent director serves beyond nine years; for large companies, MCCG encourages a 12-year hard cap with board refreshment plans.
• Board nomination processes. Boards should use independent sources (search firms, director registries) when appointing directors and disclose the outcomes of the annual board evaluation, including skill matrixes and diversity targets.

Sustainability governance

MCCG 2021 elevates sustainability from voluntary to core board responsibility. Boards must integrate sustainability considerations into strategy, risk management, and performance monitoring. Large companies should establish board committees or dedicated oversight mechanisms for sustainability. Disclosure expectations include key focus areas (climate, supply chain, human rights), performance targets, and progress. Management is tasked with embedding sustainability into operations, supported by metrics and incentives.

Integrity in corporate reporting

• Full reporting. Boards should ensure integrated reporting or equivalent frameworks that articulate strategy, governance, performance, and prospects. Sustainability statements must be data-driven and aligned with global frameworks (GRI, TCFD).
• CEO and CFO assurance. MCCG encourages CEOs and CFOs to provide assurance to the board on the accuracy of financial statements.
• External assurance. Companies should seek external assurance on sustainability disclosures to improve credibility.

Audit and risk management improvements

• Audit committee independence. The audit committee should comprise only independent directors and possess collective expertise in accounting and finance. Practice 9.3 urges periodic rotation of external audit partners and assessment of audit quality indicators.
• Risk management committee. Large companies should set up a risk management committee separate from the audit committee or ensure sufficient risk expertise within combined committees. Risk oversight must cover enterprise risk management, cybersecurity, climate-related risks, and emerging threats.
• Internal audit. Internal audit must be led by qualified professionals with direct reporting to the audit committee. MCCG emphasizes quality assurance programs and adequate resourcing.

Anti-corruption and whistleblowing

With the MACC Act’s corporate liability provisions effective June 2020, MCCG 2021 reinforces expectations for adequate procedures under the TRUST principles (Top level commitment, Risk assessment, Do control measures, Systematic review, Training and communication). Boards should monitor corruption risk assessments, maintain policies on gifts and hospitality, implement due diligence on third parties, and ensure whistleblowing channels are independent, confidential, and accessible. Regular reporting to the board on whistleblowing cases and anti-corruption training uptake is expected.

Stakeholder communication

Companies must disclose stakeholder engagement strategies, including material topics raised and responses. MCCG encourages adoption of integrated reporting that links stakeholder expectations with strategic decisions. Investor relations programs should provide transparent communication on sustainability targets, board composition, and risk management.

Implementation steps

1. Perform a governance gap analysis comparing current practices with MCCG 2021 recommendations, focusing on gender diversity, board evaluations, and sustainability oversight.
2. Develop board succession plans to achieve 30% women representation and refresh independent directors before nine-year tenure limits, utilizing director training programs offered by the Institute of Corporate Directors Malaysia.
3. Enhance sustainability governance by establishing a dedicated board committee, assigning management accountability, and integrating sustainability KPIs into executive scorecards.
4. Strengthen anti-corruption frameworks with risk assessments, third-party due diligence, whistleblowing hotlines, and periodic effectiveness reviews.
5. Upgrade disclosure processes to produce integrated or sustainability reports aligned with global standards, supported by data governance and potential external assurance.

This brief supports Malaysian issuers in operationalizing MCCG 2021 by designing board diversity roadmaps, sustainability governance structures, and anti-corruption control frameworks ready for regulator and investor scrutiny.

Director development and evaluation

MCCG 2021 emphasizes continuous professional development. Boards should set minimum training hours, focusing on sustainability, digital transformation, and risk topics. Evaluation processes must include peer reviews, independent assessments every three years, and action plans monitored by the nomination committee. Disclose evaluation outcomes in annual reports, including progress on addressing identified gaps.

Remuneration transparency

The code recommends full disclosure of remuneration for individual directors on a named basis, including salary, bonuses, benefits-in-kind, and other incentives. For top five senior management personnel, aggregate disclosure is encouraged. Remuneration policies should link pay to performance across financial and non-financial metrics, incorporating ESG indicators. Shareholder engagement on remuneration—through policy votes and briefings—should explain incentive design and alignment with long-term strategy.

General meeting conduct

Companies will use technology for general meetings, enabling remote participation, real-time voting, and question-and-answer sessions. MCCG calls for notice periods longer than the statutory minimum (at least 28 days), clear explanations of resolutions, and publication of minutes including questions raised. Boards should help participation of senior independent directors and committee chairs to address investor queries.

Stakeholder and supply chain governance

The code urges boards to monitor supply chain risks, including labor standards and environmental impacts. Integrate human rights due diligence consistent with the UN Guiding Principles on Business and Human Rights. Establish grievance mechanisms for workers in the supply chain and report remediation efforts. Collaboration with regulators on initiatives such as the Malaysian Sustainable Palm Oil (MSPO) standard can improve credibility.

Technology and cyber risk oversight

Boards must treat cybersecurity as a core risk. MCCG encourages dedicated reporting on cyber incidents, penetration testing results, and resilience investments. Companies should align cyber governance with Bank Negara Malaysia’s Risk Management in Technology (RMiT) policy (where applicable), adopt international standards (ISO/IEC 27001), and integrate cyber metrics into enterprise risk dashboards.

Ongoing monitoring

Annual corporate governance reports should disclose application of each MCCG practice, reasons for departures, and alternative measures adopted. Bursa Malaysia’s CG Monitor reports benchmark listed issuers, so companies should track peer performance and prepare remediation plans for any red flags. Internal audit and external advisors can provide independent validation of governance improvements.

Related articles

Curated signals from the same pillar or overlapping topics.

Governance · Credibility 73/100 · March 22, 2024

Governance — Malaysia

Malaysia refreshed its Corporate Governance Code, tightening director tenure limits, sustainability assurance, and stakeholder engagement expectations for listed issuers and large companies.

Governance · Credibility 93/100 · February 11, 2021

Governance — Board oversight

The SEC put boards on notice in February 2021: cybersecurity oversight is a board responsibility. Expect to disclose your governance structure, whether you have cyber expertise on the board, and how you manage risk.

Governance · Credibility 92/100 · December 1, 2021

Governance Oversight Retrospective — Corporate governance

Global regulators reshaped governance between 2020 and 2021—from SEC narrative disclosures and EU data sharing rules to ISSB sustainability standards—requiring boards to refresh oversight controls, talent mandates, and…

Governance · Credibility 91/100 · September 23, 2020

SEC tightens Rule 14a-8 shareholder proposal thresholds

On September 23, 2020 the SEC adopted amendments to Exchange Act Rule 14a-8 raising ownership, resubmission, and engagement thresholds for shareholder proposals, affecting governance planning for 2021 proxy seasons.

Governance · Credibility 73/100 · January 5, 2022

China and Corporate governance

China’s updated CSRC Corporate Governance Code took effect 5 January 2022, compelling listed companies to sharpen board oversight, internal controls, and supplier transparency to meet Mainland capital market…

Continue in the Governance pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Board Oversight Governance Blueprint

  Unify Basel Committee, PRA, SEC, and ISSB oversight mandates into an auditable board governance operating model with data lineage, assurance cadences, and regulatory source packs.

• Third-Party Governance Control Blueprint

  Deliver OCC, Federal Reserve, PRA, EBA, DORA, MAS, and OSFI third-party governance requirements through board reporting, lifecycle controls, and resilience evidence.

• Public-Sector Governance Alignment Playbook

  Align OMB Circular A-123, GAO Green Book, OMB M-24-10 AI guidance, EU public sector directives, and UK Orange Book with digital accountability, risk management, and service…

Coverage intelligence

Published

April 28, 2021

Coverage pillar

Governance

Source credibility

73/100 — medium confidence

Topics

Malaysia · Corporate governance · Board independence · Sustainability oversight

Sources cited

3 sources (sc.com.my, iso.org)

Reading time

5 min

References

1. SC Malaysia release on MCCG 2021 — Securities Commission Malaysia
2. Malaysian Code on Corporate Governance 2021 — Securities Commission Malaysia
3. ISO 37000:2021 — Governance of Organizations — International Organization for Standardization