As it stands at the moment, there is no requirement for the bosses of IT companies to be registered computing professionals (RCP) themselves. This is contrary to the requirement for other professionals such as engineers and lawyers, who must be registered themselves. According to the IEM president:
He also claimed engineering decisions could be compromised if the business owner had undue influence in what engineers should or should not do.
There is some truth in this. If the boss of the company is a non-RCP, he does not shoulder the same duty of care and responsibility as his RCP employees. The boss could exercise his influence over his employee to get his RCP guys to do something unprofessional such as compromised solutions.
If caught, the RCP can have his registration revoked, his license to practice taken away, fined and even jailed. The RCP then pays the ultimate price and can no longer practice. Heck, the boss even has valid reasons to fire the RCP as he has lost his license.
According to the CPB2011 S.15(4), the registered computing service providers (RCSP) are dependent on:
(4) A Registered Computing Services Provider may only provide Computing Services in the disciplines or specialisations of Computing where the personnel is/are Registered Computing Professionals is shown in the Register under subsection 12(2).
The license of the RCSP are tied to having the qualified RCP employees. The boss of the company gets off scot free and is able to hire another new RCP to replace the old RCP that is no longer qualified to practice. They can even continue to provide unprofessional services.
Even if the company is black-listed, all the boss needs to do is to shut it down and open up a new entity as the quality of the business service is not tied to him at all. All he needs to do is to hire new RCP who are clean and clear by the board.
However, if the CPB2011 requires that all IT companies be owned by RCPs themselves, this can be closely regulated. If unprofessional acts happen, the staff and boss can be stripped of their RCP licenses and the boss can no longer work in the IT industry, much less own an IT company.
How’s that for consideration?
If we’re going to require RCPs for CNII, let’s make it a requirement that the bosses of RCSP must be RCP themselves. Otherwise, bad things can happen and the poor RCP employee will get screwed over thoroughly.
Sybreon Ones Nought 
Exactly. As I stressed on elsewhere (and also in f2f conversations), CPB places its focus on individual skills with the assumption (data on graduates is not the evidence) that there lies the downfall of the industry.
I share a similar POV with you on this (in fact I used the same example of closing-reopening shop in a conversation) and I see mismanagement as a more serious problem that is never addressed in their analysis (the ICT Human Capital Development Framework).
This is a legal loop-hole that needs to be covered if the law is to have any effect. I would love to hear what the industry big boys say on this.