Written by Luk Pok Yin, MIPA, AFA, ACG (CS, CGP), ACS, LLM, DBA Student
Although there is systematic difference between countries in legal systems for corporate governance mechanism, most of them have recently reformed their mechanism to comply with the international corporate governance code and the Anti-Money laundering measures. Hong Kong as an international financial centre has not been left behind when it comes to matters of corporate governance. It has introduced several initiatives such as the Revised Companies Ordinance, Code on corporate governance and Anti-Money laundering Ordinance since the last ten decades among others to help in the reform of corporate governance. Companies such as listed companies on the other hand are taking necessary measures in compliance of the rules to ensure that they are socially responsible, transparent and observes highest levels of corporate governance. In bid to meet some of the thresholds, organizations have taken advantage of what digital technology has to offer to stay competitive and to be compliant with most of the established corporate governance policies. And under the recent pandemic situation, it helps to accelerate the process of merging the corporate governance with the digital applications has seen the emergence of new challenges and opportunities and the article will examine such issues in details.
Challenges of Corporate Governance in Hong Kong
Data Security and Privacy Issues
In the digital world, most of the companies are struggling to maintain their cybersecurity and data breaches in release of private information to unauthorized third party are likely to occur. With highly connected computers and easy accessibility to information, it is easier today for confidential data to land in the wrong hands. Data leakage can cause a serious blow to even the most established companies and with technological advancement, the numbers of privacy issues are likely to increase due to the challenge of managing the internal data. In the past years, more than several issue had significant issues to do with data breaches. According to Privacy Commissioner for Personal Data, 2019, Hong Kong Broadband Network (HKBN), a company that provides network services was hacked leading to exposure of data of more than 380,000 customers. The incident had immediate effects on the company as the stock price plunged due to lack of trust from the customers and legal implications as it failed to protect the customer data. Such incident raised several questions on the roles that organizations play to ensure that all their data systems, servers and networks are protected. Companies that have developed the most advanced security plans towards their internal data are likely to thrive in this age of digital revolution.
Internal Threat from Employees
It is possible that some employees may have malicious thought and misuse their powers such as access to sensitive information to dent the image of the company. As organizations seeks to enhance employee autonomy in the workplace and to automate their services, it has led to several users having excess privileges, utilization of multiple devices that have sensitive information and enhanced technologies that are difficult to manage.
Opportunities for Corporate Governance in Hong Kong
Enhanced IT Governance
IT governance is the next frontier for companies that wish to produce value addition and unmatched products in today’s century. The ability to manage most of the IT operations of a business can help it to fulfill its strategic goals and objectives. The adaptable and flexible companies that utilizes the IT governance as part of its values, mission and vision can easily overcome most barriers in the business environment (Spremic, 2010). The key decision makers in the organization should be in the forefront to ensure that most decisions made in the company supports the IT governance. Most challenges such as privacy issues and cyber security can be best solved when the corporate heads spearhead a culture of cyber security and cyber awareness in the workplace.
Compliance efforts to Mitigate the Risks
Businesses operate in risky environments and those that have advanced plans to mitigate the risks are likely to survive and thrive. Firms that are more technology driven have already incorporated a new system known as Risk Management System (RMS). The RMS can help to monitor and enhance most of the business activities to comply with the updated regulatory requirements. Hong Kong has specific principles on the data privacy and companies should incorporate governance in the data management to ensure that all the principles are followed. Simple steps such as establishing applicable guidelines in collecting the personal data, notifying the owners of the data about the intent to use it and protecting the data can guarantee compliance from the companies. Companies can also take advantage of the internationally recognized standards on data management from GDPR guidelines and purchase appropriate insurance products to mitigate the risks and protect the company’s image, prevent leakage of the data of employees and customers.
Transparency in Governance
Organizations are finding it mandatory to utilize the business communication technologies and that has led to transparency in most of the organizations. As companies continues to exchange information using the various communication tools, they have achieved transparency which is a key determinant factor in corporate governance. The enhanced communications between the board and senior executives, management and the frontline workers can be instrumental in monitoring performance and exposing of irregularities to ensure that everyone becomes responsible for their actions.
The digital age has made it possible for companies to advance their corporate governance such emphasizing on compliance, enhancing on internal controls, better risk management strategies, better working environments for employees and faster decision making. The challenges such as cyber security, network attacks, internal threat and ransomware should act as opportunities for the companies to advance their corporate responsibility. Most of the challenges can be mitigated by proper measures such as adhering to data privacy rules, enhancing security through encryption and firewalls, regularly adapting the software and operating system, minimizing the level of access of employees to sensitive data and providing the training to employees about business code of conduct. The companies should also be willing to adjust most of their practices, business codes and updating their internal policies to ensure that they observe all the regulations and requirements in regard to corporate governance.