100 %
100% of non-executive directors received risk management training.
70 %
The proportion of non-executive directors reached 70%.
30 %
The proportion of female directors has remained at 30% for four consecutive years.
Over 2,800
Over 2,800 emergency drills were completed, and the overall results met our expectations.
100 %
100% of Board members received ESG training.
Alibaba is built on a foundation of public trust. We recognize that transparent, professional governance is essential to earning and maintaining stakeholder confidence. To this end, we continuously evolve our governance system by streamlining our governance structure, bolstering ESG initiatives, heightening risk management, and increasing operational transparency.
Board diversity
As per the Charter of the Nominating and Corporate Governance Committee, we consider age, gender, cultural background, and professional expertise for board nominations to align with our diverse business.
Board independence
As of March 31, 2026, the Board had six independent non-executive directors, accounting for 60% of its membership, and the overall proportion of non-executive directors was 70%.
Risk management structure
Compliance and Risk Committee
At the group level, we have established a three-layer risk management structure. This committee is directly chaired by an independent director and tasked with overseeing the Group's overall efforts in compliance and risk management. That entails monitoring the effectiveness of our risk management and internal control system.
Risk Management Committee
This committee is primarily responsible for: (1) identifying major Group-level risks and formulating a risk governance strategy accordingly; (2) enhancing the risk management system; and (3) establishing an oversight and evaluation mechanism for risk management. It reports quarterly to the Board's Compliance and Risk Committee.
Risk Management Working Group
The Risk Management Working Group comprises the heads of comprehensive risk management from all businesses and the heads of other functional departments. It is responsible for implementing specific tasks in risk management.
Risk management process
A monitoring mechanism based on a risk list dynamically identifies and evaluates risks. Information thus obtained is used to update the risk list.
Tiered management mechanisms and governance plans have been developed, with task forces formed to address major risks.
An efficient reporting mechanism updates the Board of Directors and the Risk Management Committee on progress in major risk governance.
Clear governance standards ensure effective implementation, supported by inspections and closed-loop verification for major risks.
Emergency management process
The Alibaba Group Specifications for Handling Emergency Service Unit (ESU) Incidents defines standards for classifying and grading risk incidents as well as procedural workflows for: (1) pre-incident readiness and prevention; (2) incident response and handling; (3) post-incident review, remediation and accountability.
Supervision, evaluation and inspection
We have established a tiered supervision and inspection mechanism. As responsible entities, our businesses conduct self-inspections. Group-level functional departments perform targeted reviews, backed by at least one annual internal and external audit to ensure compliance. The Risk Management Committee conducts annual oversight and evaluations for compliance and risk management across all businesses, linking the results to team performance assessments.
Culture and training
Risk management training
In FY2026, we organized nearly 1,900 advocacy and training events to build a risk compliance culture. Risk management is integrated into the Alibaba Group Code of Business Conduct exam required for all employees.
Compliance Day
We hosted our 5th group-wide Compliance Day, which featured executive messages, policy briefings, and interactive sessions to disseminate compliance knowledge and bolster risk awareness.
In 2021, we established a three-layer ESG governance framework involving the Board of Directors, the management, and working groups to ensure the effective implementation of our ESG initiatives. Under the guidance of the Sustainability Committee, we continuously strengthen our ESG management system in a Plan-Do-Check-Act (PDCA) cycle.
