Compliance Risk Management
1.Risk Categories for a Company
Strategic Risk: Risk from mistakes of strategic decisions.
Compliance Risk: Risk and loss from not in complaince with legal requirement
Operational Risk: operational activities fail to meet the goal
Financial Risk: Within certain period, the difference between the expected capital gain vs. actual capital gain
2. Compliance Risk
Corporate Management: Registration, Certification, and Administration
Business: Industry requirement, web security, information security, import and export, patterns, anti-bribery, competition, EHS and Commercial Law.
Operations: Labor law (Employment, Contracting, Visa, Personal Income Tax, PIC protection, Employee conduct), Tax
2.1. Potential Compliance Risk by Business Unit
Marketing: to avoid using extreme language in marketing materials. e.g. the best….
Sales: to avoid extreme languages or anything against competition law
Production and Delivery: to avoid ignoring the compliance and security requirement during manufacturing and project implementation.
R&D: Patents and IP Protection
Procurement: Bribery
HR: Interview Scam and Background Check
2.2. Major Compliance Risk and Mitigation
Overseas Project PE (Permanent Establishment) Risk: if overseas delivery is over 183 days, need to pay 4% PE tax to local government.
Separate contract - Hardware and software - overseas HQ with client while local service and delivery side with client
Expat needs proper visa from local establishment
Misleading commercial ads
Wording need to be objective and needs to go through audit
Control partnership messages
Unlawful competition
Proper bidding process through company formal process
Avoid badmouthing competitors
Business information protection
EHS (Environment, Health, Safety)
3. International Compliance
3.1. US Compliance
Export Control List
Department of Finance SDN list
FCPA
Department of Defense
3.2 Europe Compliance
Anti-corruption
Anti -monopoly
CE certificate
Data privacy
3.3. China Compliance
Criminal Law
Unfair Competition
Civil Code of PRC
