11 Jan 2017
Listed Companies advised to meet requirements for disclosure about risk management and internal control
Grant Thornton Hong Kong calls on companies to respond to requirements for ESG reporting
Hong Kong – Grant Thornton Hong Kong Corporate Governance Review 2016 (the “Review Report”) finds that 41% of the Hang Seng Composite Index (“HSCI”) companies claimed full compliance with the Corporate Governance Code (the “Code”) issued by Hong Kong Exchanges and Clearing Limited (“HKEx”), representing an increase of four percentage points from 2015. This reflects that listed companies are improving their disclosures on information regarding code compliance, internal control and risk management. The Review Report also shows that 80% of HSCI companies discussed environmental, social and governance (“ESG”) issues either in their annual reports or in separate ESG reports, representing a considerable increase from the 49% reported in Grant Thornton’s review in 2015.
Grant Thornton Hong Kong compared the 2015 annual reports of 475 Hang Seng Composite Index (HSCI) companies and found that 45% of the HSCI companies disclosed a high-level discussion about the risks faced by them in their annual reports, as compared with the 19% last year. The percentage of the companies which made this kind of disclosure was the highest among the energy companies while that among the service companies was the lowest. Meanwhile, 67% of the HSCI companies had separated the roles of chairman and chief executive and had the roles performed by different individuals. Over 86% of the HSCI companies reviewed the effectiveness of their risk management, and 26% established a separate risk committee.
Commenting on the improvement of the listed companies’ disclosures on their internal control, Eugene Ha, deputy managing partner of Grant Thornton Hong Kong said, “We are pleased to find that listed companies are paying more attention to the internal control and risk management. According to the Review Report, 67% of the HSCI companies with profits claimed that they maintained an effective and adequate system of risk management. However, we have yet to prove the direct correlation between the risk management system and profitability. In our opinion, effective risk management and internal control help companies identify risks properly and formulate solutions to minimize any potential risks and the associated losses, which might have positive impact on the companies’ financial performance.”
Increasing emphasis on Environmental, Social and Governance (ESG) reporting
On the other hand, revisions made to the Review of the Environmental, Social and Governance Reporting Guide and announced by Hong Kong Exchanges and Clearing Limited (HKEx) has become effective for listed companies with accounting periods starting from 1 January 2016 (disclosure requirements on Environmental Key Performance Indicators will be effective for listed companies with accounting periods starting from 1 January 2017), which requires the companies to measure ESG effectiveness by key performance indicators, covering such environmental issues as emissions and use of resources and such social factors as employment, staff training and labour standards.
According to the Review Report, although such revisions were not yet effective by the time the listed companies were preparing their 2015 annual reports, about 80% of the HSCI companies discussed ESG issues either in their annual reports or in separate ESG reports, compared with that of 49% last year – a clear indication that companies have been paying more attention to ESG reporting.
Henna Liu, advisory manager of Grant Thornton Hong Kong commented, “ESG reporting have a tremendous impact on a company’s development, as investors tend to integrate ESG into their evaluations and investment strategies. Efforts in ESG could also help companies fully utilize resources, enhance brand reputation and increase employee loyalty.”
The increasing significance of cyber security or IT security
Even though the issue of cyber security or IT security is vitally important to companies amid the rapid advancement of technology, the Review Report shows that only 8% of the HSCI companies mentioned cyber security or IT security in their annual reports, compared with the 10% of the HSCI companies which did so in their 2014 annual reports. The Review Report also shows that only 13% of the HSCI companies disclosed how information technology impacted their business.
Henna Liu said, “With the growing impact of information technology on enterprises, we encourage the listed companies to enhance the transparency of their disclosures on how they manage information systems and IT risks. We also suggest that the relevant issues should be proactively and closely monitored by the boards of directors of the listed companies and the risk committee so as to bolster investor confidence.”
A comprehensive risk management to facilitate sustainable development of listed companies
HKEx has revised the corporate governance code and corporate governance report (Main Board Listing Rules – Appendix 14/GEM Listing Rules – Appendix 15) which emphasizes the integration of risk management and internal control and clarifies the roles and responsibilities of the board of directors and the management of listed companies. The revised code also stipulates that the board of directors are responsible for establishing and maintaining an appropriate and effective risk management and internal control systems. Such revisions has become effective for listed companies with accounting periods starting from 1 January 2016, along with the ESG Reporting Guide. The Review Report shows that more listed companies have complied with the requirements on disclosure ahead of schedule.
Eugene Ha concluded, “More and more attention have been paid to the listed companies’ corporate governance, risk management and internal control. To the companies, it is not only a compliance exercise but also a long-term practice. They should proactively respond to the disclosure requirements in order to improve the level of transparency. To reduce costs, we suggest the listed companies to outsource the work of establishing and improving the risk management and the internal control system to a professional team in order to help them achieve their sustainable development.”
For more information, please visit Grant Thornton’s webpage.