Senior practitioners say compliance is the windvane for regulatory trends in the past year and the foreseeable future, leading fundamental operational changes for some companies while also offering a high-altitude airstream of unprecedented opportunities. Luna Jin reports
An undeniable truth since the onset of covid-19 is that the whole world is heading in the same regulatory direction – towards greater government control or intervention – and China is no exception. This, however, has more to do with the new drivers that have ultimately transformed our way of life than ideologies, especially when one zooms into China’s legal sphere. The great mass of regulatory updates directly addresses concurrent issues brought to Chinese society by technology, ever more complicated financial instruments, and the pandemic.
Although laissez-faire “deregulation” has been an underlying theme of the globalisation process in the past few decades, “the emerging tendency of dirigisme [tighter state control] is worldwide,” observes Anthony Zhao, director of the management committee of Zhong Lun Law Firm in Shanghai.
Behind the shift, Zhao believes, are not only geopolitical factors, but also an implied game between sovereign governments and multinational companies. “This is a global phenomenon and it will take some time to reach a new balance and form a ‘new regulatory framework’,” he says.
With escalating global trade tensions, increasingly stringent sanctions, and strengthened regulations at home and abroad, “the trend of establishing a compliance management system within enterprises is sweeping through Chinese companies, and ‘big compliance’ has become a new hot spot of the legal industry,” adds Yu Yongqiang, a Beijing-based partner at JunHe.
Significantly, the current compliance requirements for different types of companies actually have their own focus. Mao Yu, an equity partner of Globe-law Law Firm in Shanghai, says that for the past year the firm’s compliance businesses have been subdivided into three categories – cross-border compliance for Chinese companies that are mostly state-owned enterprises (SOEs), criminal compliance for private companies, and compliance practice in China for foreign-invested companies.
For central enterprises engaged with foreign entities or in cross-border businesses, the series of guidances from the central government on setting up compliance systems, which started in 2016, has become the main basis for the compliance work of their legal departments.
Wang Zheng, a Shanghai-based partner at Zhenghan Law Firm, says that SOEs often overlook “inconsistencies between the terms of external signings and the regulatory requirements of the state assets”.
Against a backdrop of the US bans on ZTE and Huawei in 2018, in November of the same year the State-owned Assets Supervision and Administration Commission (SASAC) of the State Council issued the Guidelines on Compliance Management for Central Enterprises (for Trial Implementation), which set out 11 guidelines on compliance management in areas such as commercial bribery, antitrust and export controls. One month later, the National Development and Reform Commission (NDRC) and six other ministries jointly issued the Guidelines on Compliance Management for Enterprises’ Overseas Operations.
According to the SASAC, as of May, all central enterprises have appointed general counsel at the group level, and in more than 90% of their important subsidiaries and legal staff, reaching a total of 32,000. Among them, China Nonferrous Metals Group, China Communications Construction Company, China Three Gorges Corporation and COFCO Group have compiled negative investment lists and involved legal staff deeply in major overseas investment projects.
In addition to the necessity of a dedicated compliance department and fulfilling regulatory requirements, international conventions, trade practices, cultural and ethical requirements should not be ignored. For example, in international trade, Chinese companies are often concerned solely about whether their payment is collected, but not whether the actual payer is indeed the counterparty or its principal.
“This often involves money laundering, which is a very serious compliance issue and could cause major hazards,” says Mao. “The concept of integrity in trading has yet to be gradually accepted by clients.”
Private companies, separately, are now facing an opportunity to develop compliance plans in exchange for not being prosecuted by the procuratorate in certain criminal cases. Modelled on the deferred prosecution agreement regime of the US and UK, and led by the Supreme People’s Procuratorate, China’s “non-prosecution compliance scheme” has expanded from six grassroots procuratorates to 10 provinces and cities in April this year, and as of yet to reportedly 165 grassroots procuratorates.
The latest scheme says that if the enterprises involved make a commitment to compliance and actively right their wrongs, the procuratorates could “make a decision not to approve the arrest, not to prosecute, or to propose a lighter sentence based on the system of ‘imposing lenient punishments on those confessing to their crimes and accepting punishments’ in accordance with the law”. It is widely understood that the scheme is applicable to enterprises where the persons involved may be sentenced to less than three years in prison.
In order to assess whether companies have fulfilled their compliance commitments, the scheme recommends that the pilot authorities establish a “third-party monitoring mechanism”. Some local prosecution authorities have selected law firms to act as “independent monitors”, or have hired professionals such as lawyers, accountants and tax agents to give independent opinions.
As for foreign-invested companies, Mao says their biggest compliance challenge comes from the anti-sanctions rules that China gradually rolled out, namely the Export Control Law, the Measures for Blocking the Improper Extraterritorial Application of Foreign Laws and Measures, and the Anti-Foreign Sanctions Law, which have been adopted consecutively since late 2020, placing multinational companies in China at the centre of a regulatory dilemma.
In particular, “export” governed by the Export Control Law includes not only the transfer of controlled items from within the territory of the PRC to outside the PRC, but also the provision of controlled items by any PRC citizens, legal person or non-legal person organisations to any foreign organisations and individuals.
The controlled items under the law include not only dual-use items, military items and nuclear items, but also “other items related to the maintenance of national security and interests, and the performance of international obligations such as non-proliferation, such as “goods, technologies, services” and data related to these items.
The law also clearly provides that it will be applied extraterritorially to any foreign organisation or individual outside of the territory of the PRC that violates the provisions of the law, and empowers the enforcement authority of the law to investigate the violation and hold the foreign violating party liable.
ANTITRUST AND DATA COMPLIANCE
Among regulatory updates, antitrust and data compliance have undoubtedly stood out. “China’s top officials attach great importance to antitrust regulations,” says Zhan Hao, director of AnJie Law Firm in Beijing. “This year has witnessed the most intensive enforcements since the Anti-Monopoly Law was enacted, while major anti-monopoly civil litigations are on the rise.”
The Antitrust Guidelines on the Platform Economy formally include companies with variable interest entity (VIE) structures in antitrust regulation, which has put nearly all internet companies on the cusp of enforcement actions.
Following administrative actions such as Alibaba’s hefty fine and the removal of Didi’s app from app store distribution, the State Administration of Market Regulation (SAMR) issued an administrative penalty decision on 24 July on Tencent, which acquired China Music Corporation without filing for merger review to the SAMR. Tencent and its affiliates were ordered to take necessary measures to restore market competition status via efforts such as giving up exclusive rights to music labels.
This is the first ruling for China to take necessary measures to restore market competition since the introduction of antitrust law, according to the SAMR.
Lin Xixiang, a Beijing-based partner at Haiwen & Partners, says: “Leading internet companies, private equity funds and large central and local state-owned enterprises are now paying more attention than ever to compliance analysis, opting to file for antitrust reviews and adjusting their business model.”
The two fundamental pieces of legislation in the data field, the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) were passed earlier this year, and will come into effect on 1 September and 1 November, respectively. Yang Jie, a senior partner of Wang Jing & GH Law Firm in Guangzhou, suggests that “enterprises should actively conduct self-examination on the compliance of their data processing activities”, and amend any imperfections or non-compliance, or fill in the institutional gaps, as soon as possible.
Inherited from the previous regulatory practice of adopting data classification and hierarchical protection in various industries, the DSL will set up a top-down system of data classification and hierarchical protection at the national level, create “important data” catalogues. The law provides that the provision of data stored within the country to judicial or law enforcement agencies outside the country requires the approval of the competent authorities, which means that even enterprises that do not constitute operators of critical information infrastructures also have compliance obligations with regard to cross-border data transfer.
Proposed US listings have had to put their processes on hold over uncertainties as to whether the audit working papers should be submitted to the US government for review. The DSL, along with the Opinions on Strictly Cracking Down on Illegal Securities Activities in Accordance with the Law and the Cybersecurity Review Measures (Proposed Draft Revisions for Comments), released in July, uncover a regulatory stance on Chinese stocks from the central government, pointing directly to the additional disclosure requirements imposed by the US Holding Foreign Companies Accountable Act on foreign listings.
The DSL also emphasises the legitimacy of obtaining data, and reiterates that the process should be done in accordance with the competition order. In the era of big data, many companies use, for example, web crawlers to obtain relevant data from third-party platforms in order to gain a competitive advantage for purposes such as understanding the market and competing products, and monitoring the feedback of their own products. This type of behaviour may constitute an offence after the DSL comes into force.