On Dec 22, Singapore Post (SingPost) plunged into its latest crisis when it announced the sudden termination of three senior executives.

The company accused group chief executive officer Vincent Phang, group chief financial officer Vincent Yik and chief executive of the company’s international business unit Li Yu of being “grossly negligent” in their handling of internal investigations into a whistleblower’s report.

All three have said that they will take steps to contest their firing, calling their sacking without merit and procedurally unfair.

SingPost’s latest crisis adds to its ongoing business challenges and leaves a vacuum in leadership as the company executes the sale of its Australian business, announced on Dec 2.

At that time, Mr Phang had said: “Once the transaction is complete, the board and management will review and reset the group’s strategic plan, with a continued focus on shareholder value.”

Mr Phang is now gone and there has been a further destruction in shareholder value, with SingPost’s share price falling nearly 11 per cent the day after the announcement.

Its share price of 52 cents as at Dec 27 is a far cry from its peak of S$2.16 in January 2015.

It is unfortunate that this is the third major controversy that has plagued SingPost over the past 20 years, not counting the operational and service issues during this period.

In March 2005, SingPost had proposed to invest in another SGX-listed company Accord Customer Care Solutions (ACCS), which had seen its share price collapse after losing almost all its Nokia contracts, and which had overstated its earnings and was under Commercial Affairs Departmentinvestigation. It was later disclosed that three SingPost directors held stakes in ACCS. One of the directors later resigned.

Ten years later, the then-group CEO Wolfgang Baier abruptly resigned. The company’s corporate governance came under scrutiny. One independent director had a conflict of interest involving three companies acquired by SingPost and there were issues of lack of proper disclosure of interest.

Two other major acquisitions in the US were subsequently written off. A special audit was commissioned by the company. A string of retirements and resignations of directors and senior management followed. Four of the current directors on SingPost’s board, including the chairman, were part of the new slate of directors appointed following that scandal.

Each new scandal is another blow to its reputation. In my view, SingPost has never fully regained stakeholder trust from its earlier crises.

Last week’s developments only serve to raise more questions about SingPost’s corporate governance, including its communication, internal controls, internal audit, whistleblowing policy, investigation process, succession planning and corporate culture.

CONNECTING THE DOTS

Let’s start with communication. SingPost’s announcement on Dec 22 revealed that three managers in the International Business Unit Operations had manually updated the status of parcels to be delivered for one of SingPost’s largest customers to “delivery failure”, even though no delivery attempt had been made. This was done with the intention of avoiding contractual penalties under the agreement.

Despite being over two pages long, SingPost’s statement lacked key details. It did not specify when the whistleblowing report was received, when the group internal audit started investigations, when external legal counsel and forensics services were engaged, when investigations by external parties were concluded, when the three managers were sacked, and when disciplinary proceedings against the senior management commenced.

The only dates disclosed were the conclusion of disciplinary proceedings against the three senior executives on Dec 20 and their terminations the following day.

The statement mentioned receiving the whistleblower report “earlier in the year”, but only in a media response three days later did SingPost clarify that it was in January, and the timing of some of the other events was disclosed.

SingPost has also not disclosed whether senior management were placed on leave during the investigations and disciplinary proceedings. It appears they were not, because Mr Phang was representing the company when the sale of the Australian business was announced in early December.

Companies typically ask management to step aside when there are investigations against them to avoid the possibility of them influencing investigations.

SingPost should have expected questions about the timeline and handling of the investigations, as these would show whether actions were taken in a timely fashion. Instead, their response came across as reactive.

In response to questions from various stakeholders, SingPost released a more substantial nine-page statement late on Sunday night (Dec 29), including a timeline of events, but there are still questions that remain unanswered.

ARE THE INTERNAL CONTROLS ADEQUATE?

The next key issue is SingPost’s internal controls.

The board has stated that it believes the group’s internal controls and risk management systems are “adequate”. This is something the board has repeated annually in its corporate governance report.

In its Dec 22 statement, it said that “appropriate actions have been taken on the matters, and operational measures have been enhanced to prevent similar measures”. No details were provided.

This raises important questions: Did it commission a comprehensive independent review of its internal controls and implement recommended enhancements? How will these changes prevent future incidents of manual entries made without proper basis and documentation?

WHO ACTUALLY LED THE INVESTIGATIONS?

Another key issue is the handling of the investigation.

SingPost said that its group internal audit commenced investigations into the whistleblowing report under the oversight of the audit committee. The company also hired external legal counsel and a forensics service provider, which they have not named.

Although the group internal audit reports directly to the audit committee, with only administrative reporting to the group CEO, there may be questions as to its objectivity and independence, especially if an investigation reveals shortcomings in its own effectiveness, given its role in providing assurance over internal controls.

What is of greater concern is whether the initial investigations were led by the group internal audit or management.

SingPost said that “external professional advisers were engaged to review and assess the matter independently of management, as the audit committee had no assurance concerning management’s representations and handling of the internal investigations”.

Why was management handling the internal investigations? Did the audit committee delegate the investigations, at least initially, to management and left it to supervise the group internal audit?

SingPost’s whistleblowing policy committed to independent investigation of complaints, and management cannot be said to be independent. The proper process ought to be having a properly qualified independent party investigating and reporting directly to the audit committee.

OTHER GAPS IN THE WHISTLEBLOWING POLICY

SingPost’s whistleblowing policy encourages, but does not require, whistleblowers to provide their names and contact details, which is good.

The group internal audit is the designated independent function to maintain the dedicated whistleblowing channels and investigate reports. A SingPost email address as well as a group internal audit postal address is provided for external parties to send whistleblowing reports to.

Employees are advised to refer to “internal procedures which are posted on the intranet”.  There is no provision for whistleblowing to the audit committee chairman, contrary to recommended good practice.

Whistleblowers may send reports to external agencies if they feel that their reports are not taken seriously. While whistleblowing policies should never discourage whistleblowers from reporting to regulators (or in the case of SGX-listed companies, to the SGX Regco Whistleblowing Office), once a report is made to an external regulator, the company may lose its ability to conduct the investigations on its own terms.

In this case, a whistleblowing report was also sent to the Infocomm Media Development Authority of Singapore (IMDA).

SingPost’s policy promises to keep the identities of whistleblowers and the persons implicated “strictly confidential”, with any release of information on a “need to know” basis. However, it’s unclear who qualifies as “need to know”.

SingPost employees looking at this case may feel unsafe about whistleblowing as the investigations were not that independent after all and they may feel that their identities may be revealed to persons who are deemed “need to know” – but really should not know.

SingPost did not disclose whether it received any whistleblowing reports in its annual reports. Although to be fair, such disclosure is not required. In a study of whistleblowing policies of SGX-listed issuers that I’m currently leading, 86 out of 229 companies covered so far, including SingPost and the three listed banks, did not do so. Another 130 claimed that they did not receive any whistleblowing reports.

In its latest statement on Sunday, SingPost said that the incident had been reported as a
“substantiated case relating to fraud” in its FY2023/24 Sustainability Report. To be clear, the Sustainability Report did not say that this was from a whistleblowing report.

WHO WILL MAN THE POST?

In accordance with its leadership succession plan, the current CFO of SingPost’s Australian business will be the new group CFO. However, no interim group CEO has been appointed. Instead, the board chairman will provide increased guidance to, and exercise greater oversight of, the senior management leadership team.

The group CEO succession plan likely anticipated the group CFO stepping in as interim if the latter left, but in this case, with the group CEO and CFO both sacked, there doesn’t appear to be a clear Plan B.

One interim solution could be to form an ad hoc executive committee comprising certain board and management members to help manage SingPost during this difficult period.

DOING THE RIGHT THING

Finally, amidst all the negative news, we should not forget the one(s) who did the right thing – the whistleblowers. If they had not blown the whistle, the eventual consequences for SingPost could be much worse.

Companies should do more not only to protect whistleblowers but recognise them as valued employees. If they are still around, how about recognising them as employees of the year – without disclosing their identity of course? That would send the right message.

Mak Yuen Teen is Professor (Practice) of accounting and former Vice Dean of the National University of Singapore (NUS) Business School, where he teaches corporate governance. Commentary was first published in CNA.

Photo: AFP/Roslan Rahman