Corporate governance is a matter of culture, driving CLP to continually make conscious decisions around correct behaviours. Over the years, the Company has developed and put in place a set of policies, procedures and systems that make up a unique CLP corporate governance structure. The table summarises how CLP manages corporate governance through the CLP Code, the CLP Corporate Governance Framework and a comprehensive set of policies and guidelines:

How CLP Holdings approaches corporate governance

The CLP Code was updated in 2019 to reflect new requirements under the Rules Governing the Listing of Securities issued by The Stock Exchange of Hong Kong Limited (HKEx) and CLP's current corporate governance practices. While embracing the terms set out within HKEx's Corporate Governance Code and Corporate Governance Report, the CLP Code seeks to go beyond this by advancing a structure that builds on CLP’s own standards and experience.

The Board is CLP’s highest governance body and actively promotes the success of the Group by directing and supervising all of its affairs in a responsible and effective manner. Some of these responsibilities are discharged through delegation to six Board Committees. The two committees most involved in sustainability-related matters are the Sustainability Committee and the Audit & Risk Committee.

The Corporate Governance Report in the Annual Report discloses CLP’s governance performance in detail. Below are the highlights from 2020:

• Updated the CLP Value Framework by fully integrating the Sustainability Principles into company values and commitments and to underscore the fundamental role of sustainability in CLP’s long-term development.

• Conducted a hybrid AGM that allowed shareholders, whether present in person or online, to pose questions and to vote.

• Continued to follow-up on recommendations from the 2019 external Board Review.

• Actively monitored the increasingly challenging and complex risk environment.

The Human Resources and Remuneration Committee Report covers CLP's Remuneration Policy, including the non-financial metrics considered for executives’ remuneration.

CLP's Code of Conduct, updated in June 2020, is available to the public. It applies to the entirety of the Group, including CLP Holdings, its wholly owned subsidiaries, and joint ventures or companies in which CLP holds a controlling interest. All employees of CLP, irrespective of their position and function, are expected to fully adhere to the principles contained in the Code. In the case of joint ventures or companies in which CLP does not hold a controlling interest, the representatives are also expected to act in accordance with the Code and to make a concerted effort to influence those with whom they are working to follow similar standards of integrity and ethical behaviour. Likewise, contractors working for CLP are encouraged to follow the Code for the duration of their contract, and also encourage their subcontractors to do the same.

CLP's Whistleblowing Policy encourages employees and related third parties (such as customers and suppliers) who deal with CLP to raise concerns about any real or perceived misconduct, malpractice or irregularity through a confidential reporting channel.

15 principles of CLP’s Code of Conduct

Training and awareness

Code of Conduct training is mandatory for all staff after joining the Company. CLP promotes the Code of Conduct and Whistleblowing Policy to employees on a regular basis, by advising of any updates or revisions. In June 2020, as a proactive corporate governance measure, CLP and the Independent Commission Against Corruption (ICAC) in Hong Kong jointly hosted corruption prevention seminars for CLP staff. In addition, various CLP e-training programmes are in place to further strengthen employee awareness in the areas of Code of Conduct, anti-fraud, and internal control.

Every four years, the Company conducts a Business Practice Review (BPR) process for all employees in person to refresh a Company-wide understanding of the Code's principles, and help ensure business practices remain compliant. The last review was conducted in 2017 and the next review is planned for 2021. Any potential issues are raised and reviewed with management. A number of case studies based on past violations are included in the BPR to highlight how to properly handle potential and actual situations in which the Code has been violated. Contractors are encouraged to attend the BPR sessions alongside CLP employees.

Monitoring and follow-up

The General Representation Letter (GRL) process is one of the means by which non-compliance with the Code can be reported. It requires leaders of areas of responsibility to annually sign a GRL addressed to the Group Chief Executive Officer (CEO) and Chief Financial Officer (CFO) outlining their area's adherence, or otherwise, to the Code of Conduct.

The process reinforces personal responsibility for good governance and sets controls at all levels within CLP. As part of the process, business practices are reviewed and fraud risks in different areas assessed, while irregularities or exceptions are reported for the attention of senior management. Managers in the Group are also required to sign a Code of Conduct Compliance Statement on an annual basis.

The CLP-wide reporting system for Code of Conduct violations applies to any alleged or potential breach. All CLP employees are expected to co-operate fully in the investigation of an alleged violation, and disciplinary action applies to any staff member found to be in breach of the Code. The number of breaches of the Code and any cases of corruption are reported annually to the Audit & Risk Committee, with the relevant data verified by a third party.

Operational responsibilities

Potential violations of the Code of Conduct are reported to the Group Internal Audit (GIA) by employees, vendors, contractors and GIA auditors. Communications are received through means such as anonymous letters, emails or phone calls.

GIA regularly reviews compliance with the Code, and investigates any potential violations, except for those related to human resources, which are investigated by Human Resources (HR).

Non-compliance with the Code results in disciplinary action. The Group Code of Conduct Committee, which comprises the Executive Director & Chief Financial Officer, Group General Counsel & Chief Administrative Officer, and Chief Human Resources Officer, reviews and endorses any disciplinary measures taken.

For a quicker response to Code of Conduct violations in Australia, EnergyAustralia has been delegated the responsibility of managing and acting on violations committed by EnergyAustralia employees. EnergyAustralia will inform the CLP Holdings Audit & Risk Committee of cases involving senior EnergyAustralia employees.

For CLP India, a separate Internal Complaints Committee has been established to handle complaints of sexual harassment at the workplace in accordance with Indian law.

Changes resulting from the review and update of the Code of Conduct, Whistleblowing Policy and reporting procedures are outlined below:

• Code of Conduct – Added a new section on “Our Zero Harm Vision” to emphasise that safety and zero harm are the Company’s top priorities. The “Protecting our Information, Records and Assets” section was enhanced to emphasise the responsibilities of employees in upholding effective cyber security controls as a means to protecting the Company. Other changes include additional examples to enhance employee's understanding of various sections.

• Procedure on reporting of conflicts of interest – The conflict of interest assessment process was enhanced to clarify that the employee should first conduct a preliminary self-assessment when they face a potential conflict of interest situation.

• Whistleblowing Policy and procedure on the reporting of irregularities – Minor administrative updates on references and job titles were made to ensure the content is up to date.

In 2020, there were 25 breaches of the Code of Conduct, compared with 31 in 2019. While there were 14 cases of whistleblowing (compared with 20 in 2019), there were no convicted cases of corruption. None of the 25 breaches of the Code of Conduct in 2020 was material to the Group’s financial statements or overall operations. Two of the reported Code of Conduct violations involved employees at the grade level of senior manager and above. The breaches were managed in accordance with CLP's handling process for Code of Conduct breaches.

The number of confirmed Code of Conduct breaches of the 15 principles are shown below. Between 2016 and 2020, CLP did not have any breaches related to six Code of Conduct principles, namely Political Contributions, Gift & Entertainment, Laws & Regulations, Representation, Response to Incidents, and Compliance & Report.

GRI reference: 406-1, 416-2, 417-2, 417-3

CLP’s commitment to comply with laws and regulations is specified in the Code of Conduct. In addition to the Code of Conduct, there are policies, codes and guidelines that apply to its operations and practices to ensure compliance with the various laws and regulations applicable to CLP. These additional policies and guidelines assist CLP in ensuring compliance with laws and regulations relating to competition, personal data and privacy, intellectual property, health, safety, the environment, as well as employment and human resources amongst others.

CLP is prepared to forego opportunity or advantage in order to maintain the highest standards of corporate governance and integrity. Beyond compliance, CLP voluntarily follows other standards that reflect the Company’s principles and values.

Monitoring and follow-up

One of the responsibilities of the Board-level Audit & Risk Committee (ARC) is to review and monitor the Company’s compliance with the Code of Conduct, as well as the Company’s policies on compliance with applicable legal and regulatory requirements such as the Listing Rules, the Companies Ordinance and the Securities and Futures Ordinance. The Committee also reviews regulatory and legal issues. Every six months, Group Legal Affairs compiles a “CLP Group Key Regulatory and Legal Compliances Issues Report” for the ARC, which covers key regulatory compliance issues in addition to legal cases in which CLP is a named defendant.

CLP is often confronted with changes in the legal and regulatory regimes in the various jurisdictions in which it operates. The Company closely monitors emerging regulations and ensures that it is prepared for changes.

As CLP reviewed the new and amended laws and regulations which came into effect during the 2020 reporting year, it identified those which had or would have a significant impact on the business and would be relevant to include in the report. The threshold applied for assessing inclusion in the report was whether there was significant investment or expenditure required to ensure compliance. Laws and regulations pertaining to the following aspects informed this review, and the results are described in the relevant sections of this report:

1. Emissions – air and greenhouse gas emissions, discharges into water and land, and generation of hazardous and non-hazardous waste

2. Employment – compensation, dismissal, recruitment and promotion, working hours, rest periods, equal opportunity, diversity, anti-discrimination and other benefits and welfare

3. Health and Safety – safe working environment and protecting employees from occupational hazards

4. Labour Standards – prevention of child and forced labour

5. Product Responsibility – consumer data protection and privacy

6. Anti-corruption – bribery, extortion, fraud and money laundering.

To uphold the spirit of transparency and accountability, CLP reports cases of legal non-compliance annually in the Sustainability Report. These include convicted criminal cases against CLP, and major breaches that resulted in significant fines (greater than HK$1 million) or non-monetary sanctions. CLP’s 2020 performance is summarised below, grouped and based on the GRI Standards and the HKEx ESG Reporting Guide.

The Company is also exposed to the risk of contractual disputes and litigation in the course of its normal operations. The Group considers each instance separately in accordance with legal advice and will make provision and/or disclose information as appropriate. Refer to Note 30 – Contingent Liabilities on page 276 of the 2020 Annual Report.

Reportable cases of breach in legal or regulatory compliance in 2020

Risk Management Framework

Risk is inherent in CLP’s operations and the markets in which the Group operates. CLP aims to identify risks early so they can be understood, managed, mitigated, transferred or avoided. This demands a proactive approach to risk management.

CLP’s risk management framework comprises four key elements:

1. Risk management philosophy;

2. Risk appetite;

3. Risk governance structure; and

4. Risk management process.

CLP’s overall risk management process is overseen by the Board through the Audit & Risk Committee. There is strong recognition that risk management is the responsibility of everyone within the Group. Risk management is integrated into all business and decision-making processes including strategy formulation, business development, business planning, capital allocation, investment decisions, internal control and day-to-day operations.

CLP's risk management objectives are two-tiered:

• Strategic
  At a strategic level, CLP focuses on the identification and management of the material financial and non-financial risks associated with the pursuit of strategic and business objectives. In pursuing growth opportunities, CLP aims to optimise risk and return decisions as defined and quantified through a diligent and independent review and challenge process.

• Operational
  At an operational level, CLP aims to identify, analyse, evaluate and mitigate all operational hazards and risks. This is done in order to create a safe, healthy, efficient and environmentally friendly workplace for its employees and contractors. Other considerations include ensuring public safety and health, minimising environmental impact, and securing asset integrity and adequate insurance.

Risk management framework

Megatrends and material topics

CLP recognises that certain external global trends could have a significant impact on its operating environment. These megatrends encompass significant political, economic, social, environmental and technological changes that could rapidly evolve and impact on the context in which the Company operates.

Following a thorough review of transformative global megatrends, we identified decarbonisation and digitalisation as our key long-term drivers of change. This process resulted in the definition of a set of material topics to be managed, of which the ones below are the most relevant for the Company:

• Responding to climate change

• Harnessing the power of technology

• Reinforcing cyber resilience and data protection

• Building an agile, inclusive, and sustainable workforce.

Human Resources is now reported as a standalone key risk area underlining the importance of building a sustainable workforce for the successful execution of CLP’s decarbonisation and digital transformation agenda, and realisation of current and potential opportunities. Specific risks identified under each material topic are assessed in the integrated risk management process.This includes medium- to long-term climate change risks.