In 2020, the MFSA issued a Discussion Paper proposing a comprehensive, enforceable cross-sectoral Corporate Governance Code for listed entities and persons authorised by the Authority. The Authority put forward several proposals regarding the scope and application of the Code, its enforceability, the structure and composition of Boards of Directors, and a number of other provisions on different aspects of Corporate Governance. These include engagement with stakeholders, corporate culture, ethics framework, risk management, and others. The primary purpose of the Code is to raise corporate governance standards, practices, and processes by ensuring that good corporate governance is considered a top priority and is adequately integrated into the firms' culture.

The MFSA received feedback from several industry participants, and the comments received were carefully considered by the Authority. The MFSA’s responses and positions are highlighted in the MFSA Feedback Statement.

The Authority stated that most respondents welcomed the commitment of the MFSA to revisit the existing framework and the proposal to issue a comprehensive principles-based Corporate Governance Code. They considered that embracing these principles would undoubtedly enhance the Corporate Governance culture and Malta's standing as a financial services jurisdiction.

On the other end, respondents emphasised the importance of retaining sector-specific guidance and rules, with the majority not favouring a one-size-fits-all approach or a possible duplication element of governance-related reporting.

In this respect, the MFSA resolved that the Corporate Governance Code will contain core principles that will form the basic framework and define good governance objectives whilst ensuring that the proportionality principle is applied. Furthermore, the principles (and any supporting provisions) shall also be complemented by either binding rules or guidance notes (or sectoral specific Codes if deemed necessary) that would apply to different typesets. 

Regarding the Code application, the MFSA valued the responses suggesting that a mandatory application of the principles (that is, on an 'apply and explain' basis) might significantly impact and increase the overall costs for certain entities. As a result, the MFSA revised its position, and the list of principles will be applicable on a "best effort basis".

With respect to the principles proposed by the Authority in its discussion paper, some positions have been retained and will be included as principles in the revised Code.  In contrast, others have been modified, according to feedback received and internal discussions.

Specifically, the Authority put forward a range of proposals to enhance the effectiveness of the Boards of Directors of Authorised entities. These include, amongst other things, requirements on diversity, structure and composition; appointment, resignation, dismissal and removal of directors; directors' responsibilities; remuneration; evaluation of board performance; board meetings; conflicts of interest and confidentiality; and advisors to the board. The majority of respondents agreed that the Board of Directors' role should be enhanced, and most of the proposals will be retained as principles in the Code.

The Authority also believes that an entity's success also depends on its relationship with groups of stakeholders. To ensure effective engagement with and encourage participation from entities' main stakeholders, provisions must be included in the Code. The requirements shall cover the need for the board to maintain an effective dialogue with stakeholders, shareholders, institutional investors and employees.

The MFSA also proposed introducing provisions to enhance the risk governance and expected controls to reinforce the risk management and controls within entities. Feedback received was generally positive, with many respondents stating that the risk management framework should be implemented following the proportionality principle given that entities that differ in size, structure and business model have different risk exposures.

The MFSA will be retaining the proposals making reference in the Code to 'internal controls'.

Finally, the Code will include a section on "other principles", with principles on Business Continuity and Disaster Recovery, Corporate Sustainability and Corporate Social Responsibility.