When it comes to governance standards, we continually go above and beyond the requirements necessitated by both commercial practice and applicable laws, rules or regulations. This approach builds trust among our stakeholders and forms the foundation of our license to operate.
Goal 5: Gender Equality
Goal 8: Decent Work and Sustainable Economic Growth
Goal 16: Promote Peace, Justice and Strong Institutions
Goal 17: Partnership for the Goals
Our sustainability achievements to date are due to our strong culture of ethics and integrity, which forms the foundation of our sound governance structure.Learn more about our Sustainability Governance and Structures.
Melco is a firm believer that effective management of ESG issues is an integral part of our robust governance and business strategy, and that sound ESG governance is linked to our financial performance and resiliency. Our approach to integrating sustainability for heightened business impact is focused on the following three fundamentals.
— Katie Maddison, Chief Risk Officer
Our developing operations in Cyprus see Melco operating under the EU’s General Data Protection Regulation (GDPR), in addition to data privacy legislation in Hong Kong, Macau and the Philippines. This has led to substantial work in strengthening our existing policies and processes, which we apply across all the jurisdictions where we operate. We performed reviews on collection channels of personal data, implemented the data minimization principle and reinforced the importance of complying with the data retention guidelines.
In 2019, Melco performed the following initiatives to reinforce our compliance with data privacy legislation:
Enhanced corporate policies and procedures concerning data privacy and document retention
Implemented formal review and approval processes for any initiatives involving personal data
Formally introduced data protection policies and practices into the corporate governance orientation for all colleagues globally
Identified legal counsel specialized in data privacy (i.e. Data Protection Officer) in each jurisdiction where we operate, with bimonthly meetings held to ensure we meet both local requirements and best practice standards
Engaged external data and cybersecurity experts to provide guidance
Cybersecurity controls should not be just about meeting data privacy legal requirements; these high standards go further in protecting our key stakeholders and business assets on a wider basis.