Are your company directors paying attention to these key issues?

Company directors: have you been paying attention to these three trends?

by Tolly Saivanidis

The top three issues keeping company directors awake as we head into 2022 are:

  • Cyber-crime and data security
  • Structural change & changing business models
  • Legal and regulatory compliance.

That is, according to the Australian Institute of Company Directors (AICD) Director Sentiment Index released on 15 December 2021.

The impact of COVID-19 was number four on the list. But as we unpack the top three issues below, the influence of the pandemic is evident across each of those areas.

Cyber crime and data security

Company directors know that threats represented by cyber-crime or data security breaches are not new. As we have previously noted, SMEs in particular are a key target for cyberattacks on Australian businesses.

The issue has been front of mind for many company directors recently, with the Australian Government’s increased focus on cyber security risk as a governance issue and Board responsibility.

With amendments to the Security of Critical Infrastructure Act 2018 as of 3 December 2021, many more sectors and organisations will be included within the definition of critical infrastructure. As well as energy, telecommunications, utilities and defence organisations, critical infrastructure will now include sectors such as:

  • food and grocery
  • transport – including freight services and infrastructure
  • communications – including broadcasting and domain name systems
  • healthcare and medical
  • financial services and markets – including banking, insurance, superannuation
This will mean a broader range of entities will fall under the mandatory reporting obligations of the Act. They will be required to report cyber incidents within the timeframes under the legislation, or face significant penalties.

Some of the company directors who responded to the AICD survey noted how difficult it can be to control cyber risk when every individual accessing the system is a potential point of vulnerability.

Their concern has grown in part due to the increase in remote working over the course of the COVID-19 pandemic. More than half of the company directors surveyed by the AICD felt that remote working had a negative impact on their organisations’ cyber security.

Guidance for organisations

As we outlined in our previous article on the importance of cyber security for SME boards, it is essential that organisations and boards of directors understand their cyber risk profile and develop a strategy to respond in the event of a breach.

As we also noted, conducting a privacy audit is an important way of preventing accidental data breaches as well as cyber crime.

Structural change and changing business models

Besides pandemic-related issues, survey respondents reported a growing focus on environmental and broader social concerns – climate change, energy security, workforce diversity, flexibility. It is unsurprising that concerns about structural change and changing business models are keeping company directors awake at night.

With customers, investors and prospective employees increasingly asking questions about sustainability, ethical practices and corporate policies, many organisations recognise that creating a strong and sustainable business can mean having to adapt to shifts in public sentiment – even where government regulation has not caught up.

Climate risk is one such area, with AICD survey respondents identifying this as the most important issue for the federal government to address both in the short term (3 years) and medium term (10 – 20 years).

Many company directors and other stakeholders now consider diversity and inclusion a priority area for corporate attention. Perceived shortfalls in company policies and their implementation could spill into a public relations crisis if disgruntled customers or employees take to social media.

Guidance for organisations:

Earlier this year we wrote about the importance of contracting for business resilience. As we move into 2022, thinking about ways of building in flexibility seems more important than ever.

Legal and regulatory compliance

While sometimes businesses need to move ahead of government regulation, it can also be a challenge to keep up with the laws that affect your business. Legal and regulatory compliance ranked a close third for company directors who responded to the AICD survey.

Some of the specific compliance issues we’ve been advising about include:

[email protected]

As we noted recently, changes to sex discrimination legislation aimed at increasing protections against workplace sexual harassment and sex discrimination were passed in September 2021. This implemented six of the 55 recommendations in Sex Discrimination Commissioner Kate Jenkins’ [email protected] report.

Company directors’ responsibilities when resigning

Legislative changes designed to prevent illegal phoenix activity, may catch out company directors if they fail to notify ASIC of their resignation within the 28 day time-limit.


As we noted in November, the Fair Work Ombudsman continues to act on wage underpayments – so it is important that as a company director you keep up with minimum wage requirements for your workers.

Despite ongoing challenges, the AICD’s sentiment report indicated that company directors surveyed were more optimistic than pessimistic about the year ahead.

As dedicated Sydney-based business lawyers we’re looking forward to a busy year of rewarding work alongside our clients as we navigate the business landscape together.


Any decision that affects your business has legal implications. Contact us today to help secure your business for whatever tomorrow brings.

Hello, how may I help you?