In-house lawyers can provide valuable guidance in compliance matters if brought in at the right time. Du Jin, general counsel and assistant president at China-based Hytera Communications, shares his insights for companies contending with increased regulation at home and abroad
Independent R&D and compliance management are two effective corporate tools for their wielders to achieve high-quality and healthy development. In the process of Hytera’s globalisation and development into a leading provider of dedicated communication and solutions, we have come to heartily appreciate them both.
Therefore, in the past decade, while strengthening our R&D capabilities and enhancing our product competitiveness, we have also been committed to improving our compliance management in high-risk areas. This article shares our compliance methods and strategies from two main perspectives – anti-bribery and anti-fraud, and export control compliance – based on Hytera’s time-tested practical experience.
Anti-bribery and anti-fraud
Anti-bribery and anti-fraud chiefly involve the implementation of compliance control, conducting compliance inspections, collection of violation information, investigation over violation incidents or behaviour, and the handling of violators.
After collating prior cases of regulatory punishment on violations, as well as high-risk issues in industry practice, companies should establish their own compliance systems and guidelines in line with compliance requirements, and implement them in concrete business processes such as customer reception, expense reimbursement, travel management, and corporate commonweal donations to ensure that each step of the business is supported by a solid, well-enforced regulatory basis.
Establish a complaint and reporting mechanism. Past cases indicate that the majority of anti-bribery enforcement investigations are initiated because of employees’ or third-party reports. Therefore, encouraging employees and third parties to report their known corrupted policies and conduct is an important part of any corporate anti-bribery and anti-fraud compliance system. Companies may provide internal reporting hotlines and require employees to indicate the reporting method in the signature area when sending external emails.
Reporting mechanisms of multinational companies should be established in both Chinese and English, or more languages, so as to receive reporting information worldwide. On receipt of such reporting, the audit department should at once investigate and verify the relevant information, strictly keep confidential the identity of the whistle-blower, and strengthen both protection and reward for the whistle-blower.
After investigating all cases reflected in reports, the audit department should submit the investigation results of confirmed matters to company leaders, and the employees involved will be punished in the forms of dismissal, demotion or public criticism based on the severity of the circumstances. A sound operation and guarantee mechanism, forming an internal closed loop, can effectively raise the collective awareness of anti-bribery and anti-fraud compliance among all employees.
Carry out anti-bribery compliance publicity and training. Multi-level and multi-position compliance training should fully cover the company’s management, business departments and functional departments so as to thoroughly impress on the importance of constructing an anti-bribery compliance system, and shed light on the existing compliance structure and operation mechanism, effectively raising the employees’ collective awareness on the issue.
Create a compliance ecosystem. While working to raise the awareness of integrity and compliance among employees, companies should also actively guide customers, suppliers and other stakeholders to operate honestly and compete fairly. Any form of bribery or corruption should be rejected, and there should be zero tolerance for bribery and corruption by employees or business-related entities. Taking Hytera as an example, we have issued an anti-bribery and anti-corruption commitment letter for external suppliers, which are signed along with procurement contracts.
In such documents, companies may require their suppliers to undertake to strictly comply with applicable laws and regulations in the course of co-operation, not to engage in acts that violate such laws and regulations, and not to solicit, accept, offer or give any benefits from or to the companies and their representatives other than those agreed in contracts, including but not limited to rebates, discounts and financial benefits. In case of any violation of such regulations, companies should immediately cease co-operation with the relevant supplier and take other reasonable actions.
Export control compliance
The importance of export control to national security, social public interest and the healthy development of a company is self-evident. Building a sound and complete compliance management system specifically for export control also requires years of dedicated practice.
Build a three-way compliance management and control system. In terms of business partners, companies should conduct trade sanction screening on all individuals and entities such as customers, suppliers, service providers, employees, contractors, carriers, temporary workers, interns and visitors; and, as appropriate, conduct compliance due diligence on universities, research institutions and others with access to the company’s products, software or technologies. In addition, relevant documents should be properly preserved to ensure compliance of the company and its partners throughout export transactions and business co-operation.
In terms of products, companies are advised to systematically sort and analyse the controlled status of the company’s product components, mark them according to controlled and restricted categories, and synchronously develop and establish an internal IT system control process for controlled components. It is necessary to apply multi-level compliance control means in the procurement, R&D and production processes, so as to effectively identify and strictly control the potential impact of such components on product development and manufacturing, and communicate the relevant compliance requirements with our business personnel.
In terms of target markets, an adequate sales compliance process should be established to identify the risk level of overseas jurisdictions and the possible use of products after export. Under the restrictions of applicable laws and regulations on the levels of export control for different countries, and the corresponding licensing policies, companies should unify the overall risk preference with compliance control requirements, and strictly implement the sanctions and embargo policies of the target jurisdictions and the UN; build a multi-node interception and control mechanism, and strictly prohibit the export of products to high-risk countries or regions without compliance review and company management approval.