In-house lawyers can provide valuable guidance in compliance matters if brought in at the right time. Du Jin, general counsel and assistant president at China-based Hytera Communications, shares his insights for companies contending with increased regulation at home and abroad
Independent R&D and compliance management are two effective corporate tools for their wielders to achieve high-quality and healthy development. In the process of Hytera’s globalisation and development into a leading provider of dedicated communication and solutions, we have come to heartily appreciate them both.
Therefore, in the past decade, while strengthening our R&D capabilities and enhancing our product competitiveness, we have also been committed to improving our compliance management in high-risk areas. This article shares our compliance methods and strategies from two main perspectives – anti-bribery and anti-fraud, and export control compliance – based on Hytera’s time-tested practical experience.
Anti-bribery and anti-fraud
Anti-bribery and anti-fraud chiefly involve the implementation of compliance control, conducting compliance inspections, collection of violation information, investigation over violation incidents or behaviour, and the handling of violators.
After collating prior cases of regulatory punishment on violations, as well as high-risk issues in industry practice, companies should establish their own compliance systems and guidelines in line with compliance requirements, and implement them in concrete business processes such as customer reception, expense reimbursement, travel management, and corporate commonweal donations to ensure that each step of the business is supported by a solid, well-enforced regulatory basis.
Establish a complaint and reporting mechanism. Past cases indicate that the majority of anti-bribery enforcement investigations are initiated because of employees’ or third-party reports. Therefore, encouraging employees and third parties to report their known corrupted policies and conduct is an important part of any corporate anti-bribery and anti-fraud compliance system. Companies may provide internal reporting hotlines and require employees to indicate the reporting method in the signature area when sending external emails.
Reporting mechanisms of multinational companies should be established in both Chinese and English, or more languages, so as to receive reporting information worldwide. On receipt of such reporting, the audit department should at once investigate and verify the relevant information, strictly keep confidential the identity of the whistle-blower, and strengthen both protection and reward for the whistle-blower.
After investigating all cases reflected in reports, the audit department should submit the investigation results of confirmed matters to company leaders, and the employees involved will be punished in the forms of dismissal, demotion or public criticism based on the severity of the circumstances. A sound operation and guarantee mechanism, forming an internal closed loop, can effectively raise the collective awareness of anti-bribery and anti-fraud compliance among all employees.
Carry out anti-bribery compliance publicity and training. Multi-level and multi-position compliance training should fully cover the company’s management, business departments and functional departments so as to thoroughly impress on the importance of constructing an anti-bribery compliance system, and shed light on the existing compliance structure and operation mechanism, effectively raising the employees’ collective awareness on the issue.
Create a compliance ecosystem. While working to raise the awareness of integrity and compliance among employees, companies should also actively guide customers, suppliers and other stakeholders to operate honestly and compete fairly. Any form of bribery or corruption should be rejected, and there should be zero tolerance for bribery and corruption by employees or business-related entities. Taking Hytera as an example, we have issued an anti-bribery and anti-corruption commitment letter for external suppliers, which are signed along with procurement contracts.
In such documents, companies may require their suppliers to undertake to strictly comply with applicable laws and regulations in the course of co-operation, not to engage in acts that violate such laws and regulations, and not to solicit, accept, offer or give any benefits from or to the companies and their representatives other than those agreed in contracts, including but not limited to rebates, discounts and financial benefits. In case of any violation of such regulations, companies should immediately cease co-operation with the relevant supplier and take other reasonable actions.
Export control compliance
The importance of export control to national security, social public interest and the healthy development of a company is self-evident. Building a sound and complete compliance management system specifically for export control also requires years of dedicated practice.
Build a three-way compliance management and control system. In terms of business partners, companies should conduct trade sanction screening on all individuals and entities such as customers, suppliers, service providers, employees, contractors, carriers, temporary workers, interns and visitors; and, as appropriate, conduct compliance due diligence on universities, research institutions and others with access to the company’s products, software or technologies. In addition, relevant documents should be properly preserved to ensure compliance of the company and its partners throughout export transactions and business co-operation.
In terms of products, companies are advised to systematically sort and analyse the controlled status of the company’s product components, mark them according to controlled and restricted categories, and synchronously develop and establish an internal IT system control process for controlled components. It is necessary to apply multi-level compliance control means in the procurement, R&D and production processes, so as to effectively identify and strictly control the potential impact of such components on product development and manufacturing, and communicate the relevant compliance requirements with our business personnel.
In terms of target markets, an adequate sales compliance process should be established to identify the risk level of overseas jurisdictions and the possible use of products after export. Under the restrictions of applicable laws and regulations on the levels of export control for different countries, and the corresponding licensing policies, companies should unify the overall risk preference with compliance control requirements, and strictly implement the sanctions and embargo policies of the target jurisdictions and the UN; build a multi-node interception and control mechanism, and strictly prohibit the export of products to high-risk countries or regions without compliance review and company management approval.
Embed compliance requirements into business processes. From the origin of the company’s materials, components and products, complete written records should be made for restricted items including import price, export control information, intended use and use method, and the quantity of items used to manufacture or integrate products. Moreover, it is recommended to record the purchase price of items to support the analysis and judgment on products in subsequent business processes.
After the materials, components or products are processed and manufactured into company products and the compliance analysis on such products is completed, if restricted products or products composed of or integrated with restricted items will be sold or exported to overseas jurisdictions, the marketing department, when negotiating trade co-operation opportunities, should first review the risks of exporting to such countries and regions, and collect and organise all information about distributors and end users involved in the transaction process, which should be submitted to the legal department for review together with co-operation agreements, sales agreements or other such contracts.
When the marketing department signs a sales agreement, it should also sign a letter of commitment on import and export control with the counterparty, or use the company’s contract template containing trade compliance provisions, properly keep all signed sales agreements and their annexes, and strictly implement the filing management requirements.
The legal department is responsible for compliance review of the company’s overseas customers, distributors and end users, and feeding back the review results to the marketing department.
Comprehensively promote the construction of export control compliance culture. An end-to-end review of the company’s export control compliance process should be conducted while the export control compliance policies should be incorporated into the scope of mandatory know-how for all employees. A series of targeted and focused compliance training sessions may be continually carried out to ensure that the employees are aware of the export and import control policies, and the compliance operation norms, related to their positions.
Fully implement violation reporting and investigation. All temporary and regular employees are obliged to prevent violations from occurring and to report to the legal department when they become aware of violation events or behaviour. Employees may report potential violations through their department’s compliance liaison officers, or directly to the legal department. In addition to anti-bribery, anti-fraud and export control, a sound corporate compliance system also includes cybersecurity, data compliance and many other important aspects.
A sound compliance-themed corporate ecosystem goes a long way to ensuring a sustainable future for the company.