EN
EN
MENU
Corporate Governance
GRI 2-9, 2-11, 2-12, 2-13, 2-16, 2-19, 2-20, 2-23, 2-24
HKEX Aspect B6
Corporate Governance
GRI 2-9, 2-11, 2-12, 2-13, 2-16, 2-19, 2-20, 2-23, 2-24
HKEX Aspect B6
Swire Properties is committed to conducting our affairs in accordance with high ethical standards. This reflects our belief that it is imperative to act with probity, transparency and accountability in order to achieve our long-term objectives of maximising shareholder value while focusing on sustainable development to preserve the environment and promote the interests of our employees, those with whom we do business and the communities in which we operate.
Our Board is committed to maintaining and developing robust corporate governance practices that are intended to ensure:
  • Satisfactory and sustainable returns to our shareholders.
  • That the interests of those who deal with the Company are safeguarded.
  • That we operate in an environmentally, socially and economically responsible manner across all aspects of our business.
  • That overall business risks are understood and managed appropriately.
  • The delivery of high-quality products and services to the satisfaction of our customers.
  • That high standards of ethics are maintained.
Our Chairman is responsible for ensuring, through the Board, that good corporate governance practices and procedures are followed. Our Audit Committee, consisting of two independent non-executive directors and one non-executive director, is responsible for assisting the Board in discharging its corporate governance responsibilities.
Our Executive Committee chaired by the Chief Executive comprises of two other executive directors and six executive officers, is responsible for overseeing the day-to-day operations of the Company.
This year, the Nomination Committee was given overall responsibility for the implementation and monitoring of Swire Properties’ Board Diversity Policy. The committee will also review the policy at least annually and recommend any proposed changes. Measurable objectives for policy implementation are published in the corporate governance reports in the Company’s annual reports and on the Company’s website.
For more information on Corporate Governance, please refer to the Swire Properties Annual Report 2024.
Ethics
Corporate Code of Conduct
GRI 2-15, 406
HKEX KPI B7.2
Our Corporate Code of Conduct (“the Code”) applies to every employee, officer and director of the Company and its subsidiaries. It sets out the operating principles underpinning our management approaches to a range of principles, including:
  • Business ethics
  • Conflicts of interest
  • Competition and antitrust
  • Anti Bribery
  • Political contributions
  • Gambling
  • Procurement
  • Record-keeping
  • Use of Company information and property
  • Whistleblowing
  • Health and safety
  • Environment
  • Equal opportunities and diversity
  • Use of social media
  • Privacy
Under the Code, all our employees have a responsibility to report concerns about any suspected or actual improprieties relating to the Company and/or its subsidiaries. Employees found to be in breach of the Code will be subject to disciplinary action.
As part of the annual employee performance and development review process, all employees are required to sign a statement on an annual basis whereby they agree to abide by and regularly review the Code.
Since 2023, Swire Properties has obtained third-party assurance regarding the number of breaches of our Corporate Code of Conduct, in accordance with the International Standard on Assurance Engagement (“ISAE”) 3000. This assurance covers our operations in Hong Kong, the Chinese Mainland and the U.S.A., further demonstrating our commitment to upholding integrity and ethical conduct throughout our organisation. In 2024, there were three confirmed cases of breaches of the Code, concerning business ethics, conflicts of interest, procurement and use of company information and property.
Our adherence to the principles and requirements of ISAE 3000 covers the accuracy and integrity of the number of breaches of the Code, and the effectiveness of our internal processes in terms of managing and reporting any breaches. The assurance provider reviews the structure and design of these processes and examines the Company’s incident reporting mechanisms to ensure that they are well-established, clearly communicated and accessible to employees.
Additionally, the assurance process reviews the monitoring and investigation procedures that the Company has in place and evaluates the corrective and disciplinary actions taken in response to breaches. By evaluating the effectiveness of our internal processes, we hope to gain insights that will further strengthen our compliance mechanisms and reinforce a culture of ethical behaviour within the Company.
Whistleblowing Policy
GRI 2-26
HKEX KPI B7.2
Our Whistleblowing Policy sets out our policy on whistleblowing, including the protection of whistleblowers from reprisal or disadvantage.
If an employee wishes to report concerns, they should contact either our Human Resources and Administration department, their immediate supervisor, or the Swire Group Internal Audit department (“GIAD”); or make a report through our whistleblowing platform which is hosted by a third-party service provider and includes a 24-hour hotline service. Third parties that deal with Swire Properties, such as customers and suppliers, are also encouraged to report their concerns either directly to GIAD or through the whistleblowing platform. Anonymous reports may be submitted.
We also ensure that our contractors are aware of our Whistleblowing Policy and the different reporting platforms that are available to them.
In 2024, we received a total of 21 whistleblowing reports. Fifteen cases were related to operational issues, and the rest were related to the Corporate Code of Conduct. All whistleblowing cases were evaluated and fully resolved.
We are committed to the fair treatment of any person who makes a genuine and appropriate report. In addition to making every effort to keep the identity of whistleblowers confidential, all reported information is treated in confidence, except where Swire Properties is required by law or regulation to disclose it, for legal or audit purposes, or where the Company refers the matter to the relevant regulators or law enforcement authorities.
Anti-Bribery and Corruption Policy and Practices
GRI 205
HKEX Aspect B7, KPI B7.1,
B7.2, B7.3
In 2022, Swire Properties issued a new standalone Anti-Bribery and Corruption Policy, setting out the standards of behaviour expected from Swire Properties staff and the compliance procedures adopted by the Company, and reaffirming our commitment to providing guidance to all relevant parties about compliance with global anti-bribery laws. Our Corporate Code of Conduct was also updated to reflect the new policy.
According to the policy, all employees of the Company must comply with anti-bribery laws in every applicable jurisdiction. Our employees are not permitted to offer or accept advantages for the purpose of influencing business decisions, to make any form of payment to officials, or to grant, guarantee or accept loans from any person or organisation with whom we have business dealings.
To avoid the perception of improper conduct, our employees are expected to exercise caution when making or soliciting contributions to charitable causes and when providing entertainment and corporate hospitality or reimbursing bona fide expenses for legitimate business purposes. In 2024, there were no concluded legal cases regarding corrupt practices brought against the Company or its employees.
All our employees are required to confirm on an annual basis that they have read and have agreed to be bound by our Corporate Code of Conduct, which includes our anti-bribery practices. It is compulsory for our employees in Hong Kong and the Chinese Mainland (including those who have been seconded to other offices) to receive anti-bribery refresher training on an annual basis at a minimum.
In September 2024, we launched a refresher anti-bribery and corruption (“ABC”) e-training course. This training is compulsory for all Hong Kong staff, both frontline and office, and for all Chinese Mainland staff. This translated to approximately 10,400 hours of anti-bribery-related training provided to employees across the Company in 2024. Additionally, anti-bribery and anti-corruption training materials were provided to the Board of Directors.
Remuneration Policy
HKEX Aspect B1
Swire Properties is committed to providing fair and competitive staff compensation programmes that will attract, motivate, retain and reward employees at all levels, including our Executive Directors. Our Remuneration Policy documents key remuneration principles developed to support the Company’s strategy and is aligned with the Company’s corporate values. This policy ensures that the Company has a consistent, transparent and clear approach to remuneration considerations.
The policy is founded on the following key principles:
  • That compensation is competitive in the market.
  • That pay is based on individual performance.
  • Equity and fairness in pay.
  • Transparency of employee performance.
  • The Company’s affordability.
  • The Company’s financial and individual performance.
  • Options for pension schemes are provided as part of retirement benefits.
The Remuneration Committee reviews and approves remuneration proposals that concern our relevant senior management (including Executive Directors), making reference to the Remuneration Policy and the Board’s corporate goals and objectives. The remuneration proposals of our relevant senior management (including Executive Directors) are reviewed annually based on market data and peer comparison prepared by independent external consultants. No Executive Director or strategic leader takes part in any discussion about his or her own remuneration. The remuneration of individual Executive Directors and strategic leaders by band is disclosed in the Annual Report of the Company.
Human Rights Policy
HKEX Aspect B4, KPI B4.1, B4.2
We conduct our businesses in a manner which respects the human rights and dignity of our employees, those employed in our supply chains and the communities in which we operate, in line with the principles and guidance contained in the United Nations Guiding Principles on Business and Human Rights.
Our Human Rights Policy is informed by the International Bill of Human Rights and by the International Labour Organisation’s Declaration of Fundamental Principles and Rights at Work. We comply with national laws where they conflict with human rights standards but still do our best to respect the latter. The policy sets out the expectations we have for how our operations and supply chains should operate. The policy addresses diversity and inclusion practices, labour standards, health and safety and employment conditions. Well-established channels are provided to our employees and stakeholders to report human rights-related issues.
The Swire Group Internal Audit department conducts regular assessments of the Company’s adherence to the principles of the policy. Our business units are required to provide annual self-declarations on any non-compliance with human rights-related issues, including but not limited to child and forced labour, workplace discrimination and workplace health and safety within our operations and along our supply chain.
In 2024, we initiated a human rights assessment to enhance our understanding of the general human rights issues. The assessment evaluates our potential exposure and impact across our business activities and operating regions, and identify the associated risks to our business. The assessment gathers insights from international sustainability and human rights-related frameworks, sustainability indices, and peers’ best practices to develop a list of human rights risks, further leveraging a dataset with machine learning and extensive civil society research to provide insights on country-level and operational level human rights issues.
Under the human rights assessment, we conducted:
  1. Human Rights Landscape Review
    1. Conduct an in-depth review, identification, and benchmarking of human rights issues, referencing global standards, sustainability indices, and peer organisations.
  2. Human Rights Exposure Mapping
    1. Analysis of potential key human rights issues’ exposure across different business operations and countries to understand the context of adverse impacts on affected stakeholders.
  3. Prioritisation of Human Rights Issues
    1. Prioritise human rights issues with reference to the UN Guiding Principles on Business and Human Rights’ criteria on severity (scale, scope and irremediability) and likelihood to understand the issues.
The study will inform future regular reviews of our Human Rights Policy, providing insights on how we can enhance the implementation, monitoring and communication of the Policy across our operations going forward.
Product Responsibility
HKEX Aspect B6, KPI B6.3, B6.5
We are committed to ensuring that our marketing and communications materials comply with the relevant government regulations and industry guidelines, including the Residential Properties (First-hand Sales) Ordinance in Hong Kong and the Consent Scheme of the Hong Kong Lands Department.
We respect property rights, including intellectual property rights, and require that our employees comply with applicable legal requirements relating to the collection, holding, processing, disclosure and use of personal data, and that they respect the privacy of others and the confidentiality of information received during the course of our business operations.
Please refer to the Partners section of this report for information about our Data Management and Protection Policy.
Competition Law
GRI 206
We are committed to complying with all applicable competition and antitrust laws, including the Competition Ordinance in Hong Kong.
To help our employees understand the legal requirements of the Competition Ordinance, we have guidelines in place on conducting dealings with competitors and third parties, avoiding the abuse of market power, and participating in trade associations and industry bodies. We have also developed and implemented a Competition Law e-training programme for our relevant Hong Kong and Chinese Mainland employees.
In 2024, there were no legal actions related to anti-competitive behaviour brought against Swire Properties.
Information and Cyber Security
GRI 418
Under our risk management framework, the Board and management are responsible for identifying and analysing the risks related to information and cyber security, and for determining how such risks should be managed and mitigated.
We have implemented the three lines of defence model of cyber security and data protection risk governance.
In the first line of defence, the Digital & IT department identifies, analyses and reports the risks for which it is responsible. The first line of defence is supervised by the functional heads.
The second line of defence constitutes the Information Technology Digital Steering Committee, which is responsible for information and cyber security - leadership, policy development, standard & procedure formulation, monitoring & compliance, support for implementation, and security initiatives enhancement providing with review & approval, IT operational team's secure IT system & digital information environment providing & maintaining and IT (including information & cyber security) incident responses. They report to the Executive Committee (ExCom) which leads the second line of defence. The ExCom comprises the Chief Executive (CE), Executive Directors, Executive officers, providing assurance to the Board that the risk is being managed effectively.
The third line of defence is provided by the Group Internal Audit Department to provide independent audit over the effectiveness of the Company's information and cyber security controls, IT infrastructure, information security management systems and risk management processes regularly.
We are committed to complying with our Information and Cyber Security Policy and Guidelines which is applicable to the entire workplace. We have adopted the National Institute of Standards and Technology (“NIST”) Cyber Security Framework, ISO 27001 Information Security Management System & ISO 27701 Privacy Information Management System. In 2024, we have successful achieved our NIST cybersecurity maturity assessment target. We are committed to robust governance and control over personal data and sensitive information, minimising risk exposure through our comprehensive data privacy governance framework. This framework allows us to remain vigilant regarding the evolving landscape of data privacy regulations in the regions where we operate, ensuring compliance with both regulatory requirements and our internal policies. We regularly conduct independent information security governance assessments to identify opportunities for improvement and ensure continuous enhancement of our practices. With our ISO 27001 and 27701 certifications, we maintain a robust information security management system, and are well-equipped to protect our information assets while upholding the highest standards of cybersecurity. In 2024, these certifications encompass all managed sites in Hong Kong, the Chinese Mainland and the U.S.A. portfolio which is applicable to the entire workplace.
We have appointed a Managed Security Operation Centre ("MSOC") that offers 24/7 cybersecurity monitoring and response services to safeguard our information assets. Additionally, we conduct regular phishing email drills and regular e-training to foster awareness among our staff and provide accessible channels for reporting phishing incidents. We introduced the reporting suspected phishing function to our email system and organised the “Human Firewall” Phishing Challenge for employee to report incidents, vulnerabilities or suspicious activities.
We also maintain a comprehensive cyber incident response plan and playbook that outline clear procedures and guidance for managing and addressing potential threats from cyber-attacks that could disrupt our business operations. To ensure continuous awareness, we conduct scenario-based drills annually. As part of our Business Continuity Plan, we cover major IT services and external providers, with defined authorisation and notification protocols. Our IT Business Recovery Team , Corporate Business Recovery Team, and Information Security coordinate recovery efforts based on business impact assessments and recovery time and recovery point objectives. In case of disaster or emergency, structured reporting, recovery, and reconstitution procedures are followed. Regular scenario-based drills and disaster recovery tests ensure ongoing readiness.
In alignment with our Threat Vulnerability Management Policy, we actively gather threat intelligence, perform regular-basis detection and identification, severity rating, prioritisation, remediation resolution and monitoring. for internal vulnerabilities, and promptly address any identified issues.
Our Digital Project Governance (“DPG”) Policy applies to digital and information technology projects. The policy ensures that these projects comply with our applications and cloud architecture, cyber security, data privacy, and operational standards by design and by default.
We regularly implement security and cyber security awareness training for our employees. In 2024, we offered approximately 9,670 hours of such training. We also held personal data refresher training for our departmental leaders and strategic leaders in Hong Kong and the Chinese Mainland. This training is conducted every two years.
Recognising the growing significance of data privacy and security management, number of security control protection measures are implemented in Swire Properties:
  1. Roles and Responsibilities: Detail individual responsibilities for information security for the entire workforce and outsourced third-party services supplier
  2. Information Classification and Handling: Information is classified based on sensitivity and business Impact. Handling procedures—including storage, transmission, and disposal—are governed by documented controls to ensure confidentiality, integrity, and availability.
  3. User and Privileged Account Management: Access is granted based on least privilege and need-to-know. Account lifecycle includes provisioning, review, deactivation, and secure authentication.
  4. Network and Internet Usage: Governed by acceptable use policies and technical controls to prevent unauthorised access and data leakage.
  5. Email Security and Acceptable Use: Email systems are protected by baseline controls including spam filtering, malware detection, and encryption. Confidential data must be handled securely.
  6. Instant Messaging Controls: subject to the same security and privacy controls as email. Confidential data must not be transmitted unless encrypted and authorised.
  7. Communication and Information Lifecycle Management: All forms of communication, which can include email, messaging, file sharing, are governed by lifecycle management policies. This includes secure creation, storage, access, transfer, and disposal of information, with controls to prevent unauthorized disclosure.
  8. IT Equipment and Software Controls: Company-issued and authorised IT equipment must comply with baseline security configurations with endpoint protection enforced to mitigate threats.
  9. Mobile Device and BYOD Security: Both company-owned and Bring-Your-Own-Device (BYOD) assets are subject to mobile device management controls, with protection baselines and acceptable use policies.
  10. Remote Work Security: Employees must adhere to acceptable use policies and ensure secure handling of information outside the office, governed by protection baselines and acceptable use policies.
  11. Physical and Environmental Security: Physical access to facilities is controlled through badge systems and visitor logs. A clear desk and clean screen policy is enforced to reduce the risk of unauthorized access to sensitive information.
  12. Third-Party Security and Compliance: Outsources service providers are subject to due diligence, contractual obligations, and ongoing monitoring to ensure compliance with our security requirements and protection baselines.
  13. Personal data Protection and Transfer Controls: Personal data is collected, processed, and transferred in accordance with applicable privacy laws and internal policies. Data minimization, purpose limitation, and secure transfer mechanisms are enforced.
  14. Security Awareness and Privacy Training: All staff undergo mandatory annual training on information security and privacy. This includes scenario-based phishing simulations and refresher modules tailored to evolving threat landscapes.
  15. Threat, Security and Incident Management: Incident response plan is in place, supported by regular tabletop exercises to test detection, response, escalation, and recovery capabilities.
In 2024, there were no confirmed information security breaches.
SEE MORE IN
Risk Management
Risk Management
The Board evaluates and determines the nature and extent of the risks it is willing to take to achieve Swire Properties’ strategic objectives.
Green Financing
Green Financing
Swire Properties integrates sustainability factors into our financing mechanisms to support the transition to a low-carbon economy and reaffirm our commitment to SD.
Investor Relations
Investor Relations
Swire Properties believes in keeping our investors properly informed of our plans and operations, and in being transparent and communicating with them about all matters.
This website uses cookies to ensure you get the best experience on our website. More info