The Seychelles Code of Corporate Governance is now in force and should be a priority area of focus for all affected FSA-regulated entities. Issued by the Financial Services Authority of Seychelles, the Code provides a formal governance framework intended to strengthen board accountability, internal controls, risk oversight, audit independence, corporate reporting, and conflict management across regulated businesses. The Code came into effect on 1 January 2026.
For regulated entities in Seychelles, this is not merely a governance guideline or best-practice recommendation. The Code expressly states that it has the force of law under section 33 of the Financial Services Authority Act, and failure to comply may expose a licensee, its directors, and its officers to regulatory consequences.
In practical terms, affected licensees should now be assessing whether their current governance arrangements are adequately aligned with the Authority’s expectations, including the structure and effectiveness of the board, committee oversight, internal audit arrangements, risk management systems, disclosure controls, and conflict of interest procedures.
1. Scope of Application
The Code applies to licensees under the following legislative frameworks:
- International Corporate Service Providers Act
- Securities Act (subject to limited exceptions)
- Mutual Fund and Hedge Fund Act (subject to stated exceptions)
- Virtual Asset Service Providers Act
- Seychelles Gambling Act
- Insurance Act
Accordingly, the Code is of direct relevance to a broad range of Seychelles-regulated entities, including securities dealers, VASPs, insurers, corporate service providers, and other licensed financial services businesses.
2. A Flexible Framework, But Not Optional Compliance
One of the key features of the Code is that it applies on an “apply or explain an alternative” basis. This allows some flexibility, recognising that governance structures may vary depending on the size, complexity, and operational model of the regulated entity. However, this should not be misunderstood as optional compliance. Where a principle cannot be implemented as written, the firm is expected to provide a proper explanation together with an appropriate alternative.
From a governance and regulatory perspective, firms should ensure that any alternative adopted is not only reasonable in theory, but also clearly documented, operationally effective, and capable of being justified to the Authority.
3. Key Governance Areas Covered by the Code
The Code is built around nine core principles:
- Board Role and Responsibilities
- Independence
- Composition and Appointment
- Corporate Culture
- Remuneration
- Risk Oversight
- Corporate Reporting
- Internal and External Audit
- Management of Conflict of Interest
Taken together, these principles require regulated entities to adopt a more disciplined and demonstrable governance framework. This includes effective board oversight, proper segregation of roles, formal committee structures where appropriate, annual risk assessments, internal control review mechanisms, and clear reporting lines across key control functions.
4. Internal Audit Requirements Under the Seychelles Code of Corporate Governance
One of the most significant aspects of the Code is its express focus on internal audit.
The Code provides that the board should oversee the establishment and maintenance of an effective system of internal control to properly manage risk, assets, and capital, measured against internationally accepted internal audit standards and tested annually for adequacy. It further states that companies should have a dedicated internal audit function with clearly defined oversight and reporting structures. Where such a function has not been established, the full reasons should be disclosed to the regulator, together with an explanation of how adequate assurance is otherwise being obtained in relation to the effectiveness of the internal control framework.
This requirement significantly elevates internal audit from a secondary control function to a central component of the company’s governance architecture.
5. Why the Internal Audit Function Deserves Attention
For many regulated entities, internal audit has historically been treated as a secondary or developing function. Under the current framework, however, internal audit is clearly positioned as part of the company’s governance architecture and as an important component of board assurance.
A properly structured internal audit function supports:
- independent assessment of internal controls;
- stronger board oversight and accountability;
- better identification and escalation of governance weaknesses;
- more effective monitoring of operational, compliance, and regulatory risk;
- improved audit committee effectiveness; and
- greater regulatory credibility.
In practical terms, internal audit is no longer simply about review. It is about demonstrating that the business has an independent and structured mechanism for testing whether its control environment is functioning as intended.
6. How FiveComply Can Assist
For many entities, aligning with the new Seychelles corporate governance requirements will require more than minor amendments to existing documentation. It may involve a wider governance review covering board arrangements, committee structures, risk oversight, internal control frameworks, internal audit readiness, and reporting lines.
At FiveComply, we support firms with practical and commercially grounded assistance in relation to:
- corporate governance gap assessments;
- review of board and committee structures;
- governance documentation and policy enhancement;
- risk and internal control framework support;
- internal audit readiness assessments;
- design of internal audit reporting structures; and
- support in developing proportionate and defensible approaches where alternative arrangements are being relied upon.
Particular attention should now be given to the internal audit requirement, especially where no dedicated function currently exists or where the firm’s control assurance model remains informal or insufficiently documented.
7. Annual Disclosure and Ongoing Governance Monitoring
The Code also includes a disclosure form requiring licensees to confirm compliance with specific governance requirements, including committee arrangements, board evaluation, risk oversight, contingency planning, internal audit, external audit, audit committee matters, and conflict of interest controls. The form is required to be submitted by 31 December every year.
This reinforces that compliance under the Code is not a one-off implementation exercise. It requires continuous monitoring, board-level attention, and adequate documentation throughout the year.
8. Final Remarks
Now that the Seychelles Code of Corporate Governance came into effect on 1 January 2026, affected licensees should ensure that their governance framework is aligned with the Authority’s expectations and that any gaps are identified and addressed without delay.
For regulated entities, this is an important opportunity not only to meet a legal requirement, but also to strengthen governance standards, improve internal accountability, and enhance operational resilience.
FiveComply supports Seychelles-regulated entities with practical and tailored assistance in relation to corporate governance implementation, internal audit structuring, committee framework review, and overall regulatory readiness.
Disclaimer: This article is provided for general informational purposes only and does not constitute legal or tax advice.
