← Back to all briefings
Governance 5 min read Published Updated Credibility 40/100

Governance Briefing — April 28, 2021

Malaysia’s 2021 Corporate Governance Code tightened board leadership expectations—mandating 30% women directors for large companies, limiting independent director tenure, elevating sustainability oversight, and embedding anti-corruption controls.

Zeph Tech Research Lead

Research lead, Zeph Tech

Timeline plotting source publication cadence sized by credibility.
2 publication timestamps supporting this briefing. Source data (JSON)

Executive briefing: The Securities Commission Malaysia released the revised Malaysian Code on Corporate Governance (MCCG 2021) on 28 April 2021. The principles-and-practices code applies to listed companies on Bursa Malaysia, with expectations that non-listed entities adopt relevant practices. MCCG 2021 updates focus on board leadership and effectiveness, audit and risk management, and integrity in reporting and corporate conduct. Key enhancements include a requirement for at least 30% women directors on the boards of large companies by 2023, stricter tenure limits for independent directors, expanded sustainability governance, and stronger anti-corruption controls aligned with Section 17A of the Malaysian Anti-Corruption Commission (MACC) Act.

Board leadership and composition

  • Chair-CEO separation. MCCG reiterates that the roles of chair and CEO should be distinct, with the board chaired by a non-executive director.
  • Board gender diversity. Large companies (market capitalisation above RM2 billion) must have at least 30% women directors by 31 December 2022. All listed companies are expected to have at least one woman director by 1 June 2023, aligning with Bursa Malaysia Listing Requirements updates.
  • Independent director tenure. Practice 5.3 requires boards to justify and seek shareholder approval through a two-tier voting process if an independent director serves beyond nine years; for large companies, MCCG encourages a 12-year hard cap with board refreshment plans.
  • Board nomination processes. Boards should leverage independent sources (search firms, director registries) when appointing directors and disclose the outcomes of the annual board evaluation, including skill matrixes and diversity targets.

Sustainability governance

MCCG 2021 elevates sustainability from voluntary to core board responsibility. Boards must integrate sustainability considerations into strategy, risk management, and performance monitoring. Large companies should establish board committees or dedicated oversight mechanisms for sustainability. Disclosure expectations include key focus areas (climate, supply chain, human rights), performance targets, and progress. Management is tasked with embedding sustainability into operations, supported by metrics and incentives.

Integrity in corporate reporting

  • Comprehensive reporting. Boards should ensure integrated reporting or equivalent frameworks that articulate strategy, governance, performance, and prospects. Sustainability statements must be data-driven and aligned with global frameworks (GRI, TCFD).
  • CEO and CFO assurance. MCCG encourages CEOs and CFOs to provide assurance to the board on the accuracy of financial statements.
  • External assurance. Companies are encouraged to seek external assurance on sustainability disclosures to enhance credibility.

Audit and risk management enhancements

  • Audit committee independence. The audit committee should comprise only independent directors and possess collective expertise in accounting and finance. Practice 9.3 urges periodic rotation of external audit partners and assessment of audit quality indicators.
  • Risk management committee. Large companies should establish a risk management committee separate from the audit committee or ensure sufficient risk expertise within combined committees. Risk oversight must cover enterprise risk management, cybersecurity, climate-related risks, and emerging threats.
  • Internal audit. Internal audit must be led by qualified professionals with direct reporting to the audit committee. MCCG emphasises quality assurance programmes and adequate resourcing.

Anti-corruption and whistleblowing

With the MACC Act’s corporate liability provisions effective June 2020, MCCG 2021 reinforces expectations for adequate procedures under the TRUST principles (Top level commitment, Risk assessment, Undertake control measures, Systematic review, Training and communication). Boards should monitor corruption risk assessments, maintain policies on gifts and hospitality, implement due diligence on third parties, and ensure whistleblowing channels are independent, confidential, and accessible. Regular reporting to the board on whistleblowing cases and anti-corruption training uptake is expected.

Stakeholder engagement

Companies must disclose stakeholder engagement strategies, including material topics raised and responses. MCCG encourages adoption of integrated reporting that links stakeholder expectations with strategic decisions. Investor relations programmes should provide transparent communication on sustainability targets, board composition, and risk management.

Implementation steps

  1. Perform a governance gap analysis comparing current practices with MCCG 2021 recommendations, focusing on gender diversity, board evaluations, and sustainability oversight.
  2. Develop board succession plans to achieve 30% women representation and refresh independent directors before nine-year tenure limits, utilising director training programmes offered by the Institute of Corporate Directors Malaysia.
  3. Enhance sustainability governance by establishing a dedicated board committee, assigning management accountability, and integrating sustainability KPIs into executive scorecards.
  4. Strengthen anti-corruption frameworks with risk assessments, third-party due diligence, whistleblowing hotlines, and periodic effectiveness reviews.
  5. Upgrade disclosure processes to produce integrated or sustainability reports aligned with global standards, supported by data governance and potential external assurance.

Zeph Tech supports Malaysian issuers in operationalising MCCG 2021 by designing board diversity roadmaps, sustainability governance structures, and anti-corruption control frameworks ready for regulator and investor scrutiny.

Director development and evaluation

MCCG 2021 emphasises continuous professional development. Boards should set minimum training hours, focusing on sustainability, digital transformation, and risk topics. Evaluation processes must include peer reviews, independent assessments every three years, and action plans monitored by the nomination committee. Disclose evaluation outcomes in annual reports, including progress on addressing identified gaps.

Remuneration transparency

The code recommends full disclosure of remuneration for individual directors on a named basis, including salary, bonuses, benefits-in-kind, and other incentives. For top five senior management personnel, aggregate disclosure is encouraged. Remuneration policies should link pay to performance across financial and non-financial metrics, incorporating ESG indicators. Shareholder engagement on remuneration—through policy votes and briefings—should explain incentive design and alignment with long-term strategy.

General meeting conduct

Companies are expected to leverage technology for general meetings, enabling remote participation, real-time voting, and question-and-answer sessions. MCCG calls for notice periods longer than the statutory minimum (at least 28 days), clear explanations of resolutions, and publication of minutes including questions raised. Boards should facilitate participation of senior independent directors and committee chairs to address investor queries.

Stakeholder and supply chain governance

The code urges boards to monitor supply chain risks, including labour standards and environmental impacts. Integrate human rights due diligence consistent with the UN Guiding Principles on Business and Human Rights. Establish grievance mechanisms for workers in the supply chain and report remediation efforts. Collaboration with regulators on initiatives such as the Malaysian Sustainable Palm Oil (MSPO) standard can enhance credibility.

Technology and cyber risk oversight

Boards must treat cybersecurity as a core risk. MCCG encourages dedicated reporting on cyber incidents, penetration testing results, and resilience investments. Companies should align cyber governance with Bank Negara Malaysia’s Risk Management in Technology (RMiT) policy (where applicable), adopt international standards (ISO/IEC 27001), and integrate cyber metrics into enterprise risk dashboards.

Monitoring and continuous improvement

Annual corporate governance reports should disclose application of each MCCG practice, reasons for departures, and alternative measures adopted. Bursa Malaysia’s CG Monitor reports benchmark listed issuers, so companies should track peer performance and prepare remediation plans for any red flags. Internal audit and external advisors can provide independent validation of governance enhancements.

Timeline plotting source publication cadence sized by credibility.
2 publication timestamps supporting this briefing. Source data (JSON)
Horizontal bar chart of credibility scores per cited source.
Credibility scores for every source cited in this briefing. Source data (JSON)

Related briefings

Curated signals from the same pillar or overlapping topics.

Continue in the Governance pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

  • Malaysia
  • Corporate governance
  • Board independence
  • Sustainability oversight
Back to curated briefings