Strengthening Corporate Governance

Uphold strong corporate governance standards and operate ethically

Management Approach

Corporate Governance
Risk Management
Business Integrity
Data Privacy and Cyber Security

Corporate Governance

At Towngas, the high standard of corporate governance that we maintain helps to assure shareholders that their rights and interests are well protected. For other stakeholders, including customers, employees, suppliers and members of the community, our adherence to good corporate governance principles and practices is a clear demonstration of our commitment to fulfilling our social responsibilities.

The Board of Directors of Towngas (the Board) is the Group’s highest governing body. It is responsible for enforcing corporate governance and risk management through effective internal controls that enhance transparency and accountability.

The Board meets regularly at least four times a year at approximately quarterly intervals. The Directors can attend meetings in person or through electronic means of communication in accordance with the Articles of Association.

Board Diversity

The Board adopted the Board Diversity Policy setting out the approach to achieve diversity on the Board. The Company recognises and embraces the benefits of having a diverse Board to enhance the quality of its performance. In designing the Board’s composition, Board diversity has been considered from a number of aspects, including but not limited to professional experience, skills, knowledge, cultural and educational background, ethnicity, age and gender, appropriate to the requirement of the Company’s businesses.

Nomination Committee

The Board adopted a Nomination Policy which aims to ensure that the Board has a balance of skills, experience and diversity of perspectives appropriate to the requirement of the Company’s businesses. In selecting and appointing a board director, the Nomination Committee shall consider criteria, including but not limited to reputation for integrity, business experience relevancy and benefit to the Company, willingness to devote adequate time to discharge duties as a member of the Board and the Board Diversity Policy.

The Nomination Committee identifies individual(s) suitably qualified to become board members, having due regard to the Nomination Policy and the Board Diversity Policy, assesses the independence of the proposed independent non-executive Director(s) as appropriate, and makes recommendation(s) to the Board.

The Nomination Committee also assessed the independence of all independent non-executive directors of the Company annually and recommended to the Board the extension of the terms of office of all non-executive directors (including independent non-executive directors) and for approval of the re-election of the retiring Directors at every Annual General Meeting. The Company receives annually from each of the Independent Non-Executive Directors confirmation in writing of their independence pursuant to Rule 3.13 of the Listing Rules and considered them as independent.

The Board shall have the ultimate responsibility for all matters relating to selection and appointment of Directors. The Nomination Committee will monitor the implementation of the Board Diversity Policy and the Nomination Policy and from time to time review them, as appropriate, to ensure that they remain relevant to the Company’s needs and reflect both current regulatory requirements and good corporate governance practice.

Risk Management

We consider risk governance to be among our top priorities at Towngas and have established a robust system of risk management and internal control. This contributes to our future success and helps to increase our value to key stakeholders over the long term.

Our risk management process covers all business units in the organisation and concerns all our people. As an ongoing process, risk management has become an intrinsic aspect of our day-today operations and part of the culture at Towngas. The Board of Directors of Towngas (The Board) has the overall responsibility to oversee risk management and evaluate and determine the nature and extent of the risks it is willing to take in a manner consistent with its strategic business drivers. To ensure proper risk reporting channels are in place, the Group Risk Management Committee recommends the risks and corresponding controls to the Executive Risk Management Committee and reports them to the Board for its endorsement.

For more details, please refer to our Risk Management Framework.

Business Integrity

At Towngas, we comply fully with all major local laws and regulations in every jurisdiction where we operate.

Our reputation as a trusted service provider and business partner depends on our staff operating ethically and with integrity. The Code of Conduct of the Group provides guidelines on how to handle issues related to equal opportunity, fair practice, freedom of association, whistleblowing, conflicts of interest and integrity. All staff members are expected to adhere fully to the principles set out in the Code of Conduct and will be subject to disciplinary action if they contravene those principles. We also require our suppliers to maintain an equally high standard of ethics as stipulated in our Code of Practice for Suppliers.

Prevention of Bribery, Extortion, Fraud and Money Laundering

According to the Prevention of Bribery Ordinance, Towngas is a public body. We therefore insist that our staff and business partners adhere to both the letter and the spirit of the law during the course of business. All our employees are strictly forbidden from giving or accepting bribes and must never offer an advantage to, or ask for an advantage from, customers, suppliers, contractors, regulators and legislators, authorities or other business partners.

The Code of Conduct and an Anti-fraud Policy promote integrity as a core company value. Both help us to continuously enhance our anti-fraud controls and organisational behaviour to be consistent with our ethical culture. Under the Code of Conduct and Anti-fraud Policy, we are committed to preventing, detecting and reporting any actual or suspected case of fraud, irregularity, misconduct or malpractice, with zero tolerance for any case of corruption or related malpractice.

  • Reporting and Monitoring

    We have a Whistleblowing Policy that encourages employees and stakeholders to raise concerns about any misconduct, malpractice or irregularity, particularly in relation to violations of our Code of Conduct or our business ethics and principles. It provides a formal channel and guidance on reporting possible improprieties. We also have a dedicated panel for dealing with such cases, while staff grievances are handled by the Corporate Human Resources Department. A summary of reported whistleblowing cases is sent to the Board Audit and Risk Committee twice annually.

  • Training and Awareness

    Training in anti-corruption and the Code of Conduct is mandatory for all staff, and is included in our induction course when they first join the Company. All employees are required to confirm on an annual basis that they have read and understood the Code of Conduct, which includes our anti-bribery practices; directors also receive such relevant materials.

    We promote the Code of Conduct, as well as our Whistleblowing Policy, among our staff and refresh their understanding of its principles on a regular basis to ensure business practices remain compliant.

Prevention of Anti-competitive Practices

In our Code of Conduct, we set out our commitment to comply with the laws and regulations pertaining to anti-competitive practices, in line with the Company’s nine core values. The Code also provides guidance for all staff on understanding the requirements and importance of compliance, as well as the disciplinary action and possible liabilities they will be subject to in cases of non-compliance. Additionally, we closely monitor the Competition Ordinance and report to the management on any developments that could have a significant impact on Towngas.

Protecting Intellectual Property Rights

All employees must respect, and not infringe, copyrighted work and comply with all applicable laws and regulations. We also require our suppliers to respect intellectual property. In any case of infringement of intellectual property rights by our suppliers, they will have the responsibility to defend and indemnify Towngas.

Data Privacy and Cyber Security

We understand the importance of personal data privacy and take every step necessary to protect them. To that end, we have established a Personal Data Privacy Policy that sets out our standards for handling personal data. Cyber security has also become a key concern of stakeholders. Our Information Security Policy ensures the confidentiality, integrity and availability of the Group’s information and technology assets.

The key to customer privacy is our employees. If our employees lack the necessary awareness, mishandle customer information or are unaware of cyber security risks, the potential for a customer information leakage incident can be high. To avert this possibility, we have undertaken various initiatives, including seminar training and the provision of information security tips. We also host an annual Information Security Week to keep employees up-to-date on personal data protection matters as well as cyber security knowledge.

Data Privacy

The Company’s Data Privacy Standing Committee reviews strategies for handling personal data and, together with the Data Protection Officer and the Departmental Data Protection Coordinators, deals with personal data situations. Every department is required to make a declaration to the Company about any data protection matters that might have arisen during the year.

Aside from reviewing strategies on handling personal data, the Data Privacy Standing Committee focuses on managing potential data breaches. If a data breach does occur, the Committee will conduct an interim assessment on the risk of harm and decide whether the incident will be escalated to top management for their attention. The Committee will also suggest solutions for resolving the incident.

To ensure the accountability of each department in the Company, all departments must submit a declaration of compliance with data protection requirements annually.

Cybersecurity

To deal with cyber security issues, we have a Cyber Security Committee that is responsible for all cyber security matters at Towngas. The Head of Corporate Information Technology directly reports to Deputy Managing Director who is in the Executive Committee and responsible for overseeing cybersecurity within the Company.

To mitigate the risks of data leakages and maintain the trust of our customers, we make it possible to wipe the data contained in all mobile devices carried by our gas technicians and other frontline staff remotely, in case these devices are lost. We also isolate sensitive information from our customer relationship management system, in order to minimise the impact of possible hacking incidents.

To guard against cyberattacks, we have commissioned a third-party consultant to monitor cyber incidents around the clock. Five response playbooks covering the top five cyber security incidents have been prepared, with actionable, consistent processes developed for responding to and recovering from various cyber incident scenarios that would have a severe impact on our business processes. In the event of a suspected cyberattack, our Cyber Security Committee will trigger the incident response process, contain the data leakage and then contact the Cyber Security Centre of the Hong Kong Police Force and other security experts. Additionally, we test our incident response procedures annually. We also conduct regular phishing simulations targeting our employees to heighten their awareness of cyber security risks.

Key Performance Figures

CORPORATE GOVERNANCE

Launched and updated ESG policies

BUSINESS INTEGRITY

Reinforced our Corporate Culture of Integrity, Courtesy and Mastercraft through refresher training and workshops

Future Actions and Targets

  • Promote

    business ethics and compliance

    by regularly reviewing relevant policies and guidelines; carry out risk management training and internal audits

  • Review the

    effectiveness of our risk management

    to keep abreast of the changing business environment

  • Review the

    corporate governance principles and practices

    adopted by the Group to ensure Listing Rules’ compliance

  • Continue to work with

    law enforcement

    for better collaboration and intelligence exchanges to combat any potential cyber threats

  • Continue to promote

    Corporate Culture and Code of Conduct

    through the new design of e-learning programmes