This webpage is currently available in:

A Practical Governance Toolkit for Hong Kong NGO Boards

This toolkit summarises core governance practices that Hong Kong NGO boards should have in place to support effective oversight, compliance, and long-term sustainability.

How to Use This Toolkit

  • Boards may treat this toolkit as an ongoing governance reference, reviewing it annually and adapting its application to the organisation’s size, funding profile, and risk exposure.
  • Organisations seeking practical support in strengthening governance, financial oversight, or assurance frameworks in the Hong Kong NGO context are welcome to speak with us.

1. Board Charter and Committee Structure

  • Clear board charter defining roles, responsibilities, and delegations
  • Committees with written terms of reference, commonly including:
    • Audit / Finance
    • Risk
    • Governance / Nominations
    • Remuneration (where applicable)
  • Annual board and committee calendars with planned deep dives on:
    • Subvention and funding compliance
    • Fundraising controls
    • Conflicts of interest
    • Cyber and data risk

2. Financial Oversight and Sustainability

  • Monthly dashboards covering:
    • Subvention vs. non-subvention funding
    • Restricted and designated fund balances
    • Cash runway and liquidity
    • Grant and subvention calendars
    • Aged receivables and key risk flags
  • Approved reserves policy, observing:
    • Lump Sum Grant reserve caps and clawback rules (where applicable)
  • Defensible cost apportionment methodologies to prevent inappropriate cross-subsidisation

3. Fundraising and Sponsorship Governance

  • Implementation of recognised fundraising good practice guidance
  • Internal controls over fundraising income and expenditure
  • Ethical screening of sponsors and donors
  • Clear disclosure of sponsorship arrangements and conditions

4. Conflicts of Interest Management

  • Adoption of ICAC sample codes of conduct
  • Formal declaration and interest register mechanisms
  • Documented recusal procedures and decision records
  • Periodic training and compliance reviews for board and staff

5. Audit and Assurance

  • Early planning of external audits with focus on high-risk areas
  • Internal audit or independent reviews proportionate to organisational size
  • Remediation trackers reported regularly to the board
  • Readiness for subvention audits and inspections

6. Data, Outcomes, and Impact

  • Monitoring and Evaluation (M&E) frameworks with defined indicators
  • Data quality and validation checks
  • Ethical data management and privacy policies aligned with cyber guidance

7. Technology and Cyber Governance

  • Board-approved IT governance and incident response frameworks
  • Regular reporting on key cyber indicators, including:
    • Multi-Factor Authentication (MFA) adoption
    • Backup integrity and recovery testing
    • Phishing awareness and testing results
  • Vendor and third-party clauses covering data protection and breach notification

8. Stakeholder Communication and Transparency

  • Transparent annual reporting, including:
    • Audited financial statements
    • Governance structures
    • Remuneration disclosures (for subvented NGOs)
    • Impact and outcome reporting
  • Clear disclosure of funding sources and major supporters

This toolkit is provided for general information and governance discussion purposes only. It does not constitute legal, tax, or professional advice. Governance requirements and practices may vary depending on an organisation’s legal form, activities, and funding arrangements. Organisations should consider their specific circumstances and seek appropriate professional advice where necessary.