The Corporate Governance Code (the "Code") which was published by the Malta Financial Services Authority (the "MFSA") on the 5th August 2022 is applicable to all persons authorised by the MFSA to provide financial services in or from within Malta such as credit institutions, financial institutions, payment institutions, insurance companies and investment firms. Nevertheless, the Code is not applicable to:

Authorized Listed Entities falling within the scope of the MFSA Capital Market Rules; and

Authorized persons who are natural persons.

The Code has provided a set of core principles which are considered essential for good corporate governance, and which should be applied on a 'best effort basis'. The core principles relate to the following sections which insurance entities are expected to implement:

i. The effective board: What can be done to assess the effectiveness of the board? By the board defining its remit and power in a written document which is approved by the Board, such as a Board Charter or Board Terms of Reference and ensuring that such document is known to the entity. The Code also goes into the structure and composition of the Board of Directors whereby the importance of the appointment of at least one independent non-executive director is emphasised. The process of appointing directors should also be applied by the insurance entity in order to ensure that the proposed director is indeed fit and proper to carry out their extensive and demanding responsibilities as a director of an insurance entity. The Code further recommends that an effective succession plan should be in place to avoid key person risk. More importantly, the Code suggests that an evaluation of the board performance should be carried out, ideally by an independent, external third party in order to recognize the strengths and weaknesses identified by each director. Such evaluation will lead to recommendations and action plans which will improve the effectiveness of the board.

ii. Internal controls: the board should ensure that appropriate internal control mechanisms are in place to ensure any exposure to any risks identified are understood and managed. Insurance entities are expected to embed the principles of the updated Three Lines Model in their controls, operation and culture. The Board should also engage an effective and robust Information and Communication Technology and security risks management process is in place, establishing a sound internal control framework that will set clear responsibilities for the staff of the insurance entity. Furthermore, insurance entities are to establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the insurance entity to comply with legal and regulatory obligations. The setting up of an Audit Committee being responsible for overseeing the financial reporting process and the relationship with the external and internal auditors has also been recommended in the Code to strengthen the internal control framework of an insurance entity.

iii. Stakeholder engagement: the Code stresses the importance of effective engagement with the shareholders and should utilize the annual general meeting to communicate effectively with the shareholders. Furthermore, the board should also encourage active cooperation between the entity and its stakeholders, including suppliers, customers, employees and public authorities since this contributes to growth and success of the insurance entity.

Corporate culture, CSR and ESG: the importance of establishing a corporate culture aligned with the entity's strategy together with cultivating a robust compliance culture. The board should endeavor to embrace environmental, social and governance (ESG) standards and corporate social responsibility (CSR) principles in the insurance entity's strategy which focuses on sustainable finance activities and projects. The board should implement ESG specific criteria into the strategies, business models and overall governance practices. It is recommended that sustainable finance should be embedded into the insurance entity's core values. The Code further recommended that insurance entities should implement a ESG strategy whereby reports on ESG initiatives are regularly provided.

The principle of proportionality is to be adopted and applied across the insurance entities, whereby such methodology is in line with the corporate governance policies advocated by international bodies such as the European Commission and OECD.

Upon the implementation of such principles highlighted in the Code, such entities will enhance their legal, institutional and regulatory framework for good corporate governance, which will complement and add strength and value to the effectiveness of good corporate governance within the structure of an insurance entity. The MFSA pushes for the implementation of such principles to strengthen trust, transparency and accountability which is necessary for long -term success in the insurance market.

Is the insurance entity you are involved in adopting and implementing the core principles in the Code? Has a gap analysis been carried out to ensure that such insurance entity is executing the above mentioned principles?

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.