Compliance Conundrums Keep GCs in China Up at Night

New laws and policies are keeping general counsel and compliance officers in China up at night as their companies may be at gunpoint due to regulatory restrictions of the U.S. and other jurisdictions where they operate.

Over last year, a series of new laws have been released in China, adding to the myriad of compliance risks multinational companies face against the backdrop of evolving trade tensions and political uncertainties around the globe. The newly promulgated Data Security Law and the upcoming Personal Information Protection Law will supplement the Cybersecurity Law, enhancing the framework governing the operation, management, and protection of data and privacy. Other significant changes include a Chinese version of blocking statute that is taking shape, and a pilot non-prosecution scheme which puts compliance programs in the limelight once again.

On July 15, 2021, over a hundred in-house legal and compliance professionals gathered in Shanghai for an insightful and inspiring session held by Yuanda to discuss these conundrums. While there is no “one-size-fits-all” solution, the group examined what worked and what didn’t in recent cases, and explored some pragmatic approaches to addressing the challenges and questions, including:

  • whether a foreign company needs a data server in China to keep local data within the Chinese borders;
  • what to do if China-based evidence and documents are required in a patent litigation, or an SEC investigation, in the U.S.;
  • whether providing information to a government or regulator outside China in corporate transactions, such as CFIUS, is allowed;
  • additional considerations when conducting internal investigations in China; and
  • how these requirements in China affect a company’s compliance framework globally.

While no one doubted the urgency of re-assessing and updating the compliance programs to incorporate procedures and protocols to ensure adequate data protection, sanctions, export controls, and supply-chain governance were also flagged as priorities for compliance departments in China for the second half of 2021.

The discussions were chaired by Leon Liu, Carol Sun, and Jacob Clark at Yuanda China Law Offices, Winston’s alliance partner in China. In addition to issues relating to the new laws, the group exchanged insights into best practices of running the China-based compliance function of a multinational company. As agreed by most GCs in the room, the role of China-based legal and compliance teams has never been more important. Proactive communication with headquarters and effective presentation of solutions to address challenges in China with a global perspective are keys to success.

Yuanda, an alliance of Winston & Strawn LLP and elite Chinese law firm Yuanda China Law Offices in Shanghai, fully integrates the firms’ experience and resources in China, the United States, the United Kingdom and other jurisdictions in Europe and Latin America. We help clients anticipate regulatory changes and prepare for operational challenges in China and around the globe, providing strategic guidance to multinational companies faced with tangled, and sometimes conflicting, legal and compliance obligations.

To learn more about the legal trends and our capabilities in China, please contact the following attorneys at Yuanda in Shanghai, or your usual contacts at Winston.

Our recent briefing discussing cross-border data transfers under the new data laws in China can be viewed here.