Focus on China Compliance – March 2015


Welcome to the first issue of Focus on China Compliance for 2015. In this issue, we start with an overview of China’s anticorruption laws, to which all companies operating in China must pay close attention in 2015. We then take a more in-depth look at two specific compliance concerns that we expect to impact multinational companies significantly this year. We first review the risks inherent in transferring data outside China. Although there is no single law in China that protects personal data, China’s state secrets protections, and a variety of interlocking provisions, make it vitally important that businesses work with PRC qualified lawyers to analyze data within China. We then examine China’s Provisional Rules clarifying elements of the 2008 Labor Contract Law governing the use of temporary, or “dispatch” labor. The use of such labor has been dramatically restricted in the last year, which can substantially affect many businesses’ operations. Finally, a guest author from Blackpeak Group explains how companies can capitalize on compliance programs to protect critical intellectual property, maximizing investment and minimizing potential losses.

McDermott Will & Emery LLP enjoys a unique strategic alliance with MWE China Law Offices in Shanghai. We intend for this publication to provide regular insight into the rapidly evolving China compliance landscape. If there is a topic you would like to see covered in a future issue, please e-mail an editor.

John C. Kocoras, Partner, McDermott Will & Emery
Leon C.G. Liu Partner, MWE China Law Offices


Compliance Challenges for Foreign Businesses in China

To Transfer or Not To Transfer: Avoiding the Risks of Transferring Data from China

Dispatch Labor Restored to Original Use

Good Corporate Governance in China Is About More Than Preventing Bribery. It May Well Protect Your Intellectual Property

Compliance Challenges for Foreign Businesses in China

by Jared T. Nelson

Despite the significance and depth of recent foreign investment in China, much of the country’s potential for foreign investors remains untapped. With a bourgeoning middle and upper class, an unprecedented demographic shift owing to the effects of the one child policy, and dramatic societal changes stemming from the reform and opening up policy, the flexibility and speed that private foreign investments can bring to China is a welcome addition to its economy.

Investment demand is strong and diverse in many areas where supply was traditionally not only monolithic and ruled by connections instead of ideas, but also slowed by stubborn bureaucracies and endless layers of required approval. As new entities, especially foreign entities, attempt to capitalize on China’s many fresh business opportunities, they are facing new compliance challenges, new risks and new penalties.

Compliance Challenges

New foreign investors and entrants to the Chinese market are facing significant compliance risks that are endemic, difficult to understand and equally as difficult to stamp out. For many, the biggest challenge is not just identifying the current compliance problems and rooting out rotten apples. Instead, it’s the fatigue of having to start another cycle of compliance investigations when the new group of managers turns out to have the same problem as the ones they replaced. As an added difficulty, corruption and compliance scandals are at the center of a steady stream of recent government investigations, and the government has been imposing large, very public penalties that seem to correlate with the location of the company’s HQ being outside China.

While foreign companies traditionally focused on compliance with the anticorruption laws of their home countries, recent enforcement activity and public declarations in China make it clear that Chinese authorities expect the same level of attention to be paid to China’s anti-bribery regime. This regime is codified in a variety of Chinese laws that can often be difficult for foreign companies to navigate.

Key Chinese Laws


Article 164 of China’s Criminal Law provides that whoever gives money or property to any employee of a company or enterprise for the purpose of receiving unjustified benefits is subject to imprisonment for a maximum of three years. If the amount involved is especially large, the person can be sentenced to a term of imprisonment of not less than three years but not more than 10 years, and will be concurrently fined.

Owing to the uneven regional development of China’s economy, different geographical areas have set different thresholds to trigger the higher penalties, which might vary even within one province. For example, in Guangdong Province, the Guangdong High Court specified that the “especially large” threshold for the capital city, Guangzhou, is RMB 400,000, while the amount for the nearby city of Chaozhou is RMB 300,000.


Article 393 of China’s Criminal Law provides that a “unit” that offers bribes for the purpose of securing illegitimate benefits, or gives rebates to a State functionary in violation of State regulations, in “serious” circumstances, will be fined. Additionally, the persons directly in charge of the unit, and other persons directly responsible for the offense, can be sentenced to imprisonment for no more than five years, or sentenced to criminal detention, which is similar to imprisonment, but less strict. As a result, individuals without corrupt intentions could ultimately be punished for failing to prevent the bribery.

Any person who takes into his own possession any illegal gains derived from such activity is also subject to criminal penalties.


Article 391 of China’s Criminal Law provides that whoever, for the purpose of securing illegitimate benefits, gives money or property to a State agency or State-owned company, enterprise, institution or people’s organization, or violates State regulations by giving certain rebates, will be sentenced to imprisonment for not more than three years, or criminal detention.

Notably, Article 391 imposes penalties where money or property unlawfully went to a unit, rather than an individual. This is in contrast with the anti-bribery laws of other countries, which target individuals who compromise their duties to the people or companies in whose interest they are supposed to be acting. Article 391 targets entire organizations, such as subsidiaries, that might compromise their duties to a higher group.

Where a unit commits the offense, the unit can be fined. The persons who are directly in charge of the unit, and any others directly responsible for the offense, are also subject to punishment.

Administrative Liabilities

In addition to its criminal laws, China has administrative laws that address compliance concerns, including bribery and unfair competition. These include Article 9 of the Interim Rules on the Prohibition of Commercial Bribery, which imposes fines of between RMB 10,000 and RMB 200,000 for commercial bribery and requires disgorgement of unlawful profits. China’s Anti-Unfair Competition Law similarly provides financial penalties for bribery “in selling or purchasing commodities.”

The Necessity of Proactive, Systematic Local Compliance

Foreign entities investing in China will encounter compliance risks under both local laws and those in their home jurisdictions. The risk of significant fines, imprisonment and sometimes blacklists combine to ensure that compliance issues in China are not merely a cost of doing business, but have the potential to completely derail, disrupt and destroy even the largest of businesses or investments.

Proactive, systematic local compliance programs that are woven into the investment from the start are not only a recommended course of action to try to mitigate legal risks and keep the project from turning into one of the many recent newspaper headlines. They are also a necessary and essential element to protect the investment in the long term and ensure that strong returns are not lost in penalties and disgorgements.

Fortunately, compliance with China’s laws does not usually inhibit compliance with other countries’ laws, and the overlap is significant. Companies that strive to comply with the US Foreign Corrupt Practices Act and the UK Bribery Act will be well on their way to meeting baseline standards under Chinese law.

Jared T. Nelson is a foreign counsel for MWE China Law Offices in Shanghai. His practice focuses on antitrust and compliance.


To Transfer or Not To Transfer: Avoiding the Risks of Transferring Data from China

by Alison Silverstein, Yodi Hailemariam

Multinational companies doing business in China face difficult and unique challenges in handling corporate data that resides there. Many corporations will be required to engage in data discovery in China as a result of litigation or government investigations originating inside or outside China, proactive audits and risk assessments, and internal investigations stemming from increased regulatory oversight by the Chinese Government or increased attention from global compliance departments.

Stricter regulation and shifting data privacy regimes have increased the need for effective in-country data analysis solutions that meet China legal requirements and address risk appropriately. Corporations must respond to government investigations, perform their own audits and risk assessments and meet litigation demands, while at the same time limit the risks of violating Chinese laws or unnecessarily exposing their data to seizure by third parties.

Corporate entities based outside China commonly address discovery obligations by transferring data out of the country for review and analysis in conjunction with data collected from sources in other countries. Counsel might not be fully aware of the risks inherent in this, partially because Chinese laws surrounding data transfer are nebulous and difficult to interpret, and partially because of the desire to host confidential or case critical data in what are thought to be more secure environments. Counsel might also believe, incorrectly, that a review undertaken in China will be more onerous and incompatible with review technology used in the United States and Europe.

Counsel should, however, be aware that transferring data outside China for review carries a potentially serious risk of running afoul of China’s state secrets protections and creating other privacy concerns, often while dramatically increasing costs and potentially subjecting the company, directors, employees and counsel to administrative and criminal sanctions.

The Challenges of Cross-Border Data Transfers

Unlike in the European Union and various other Asia-Pacific countries, there is no single law in China aimed exclusively at protecting personal data. Instead, provisions of authorities such as the Constitution of the People’s Republic of China, the General Rules of Civil Law and the Tort Liability Law, industry-specific guidelines and local statutes are patched together as a data protection regime.

In addition, in December 2012, the National People’s Congress Standing Committee took steps toward strengthening electronic data protection by issuing its Decision on Strengthening Online Information Protection. The Decision’s goals are to “protect network information security, protect the lawful interests of citizens, legal persons and other organizations, [and] safeguard national security and social order.”

In addition to listing individuals’ rights regarding the use of their personal digital information, the Decision prohibits companies and individuals from improperly obtaining, selling, or providing personal digital information. Moreover, certain types of entities are obligated to collect, use, preserve, manage and otherwise handle personal data in accordance with principles outlined in the Decision. Acts violating the Decision are subject to several types of punishment, including fines, confiscation of unlawfully-obtained income, and criminal and civil liability.

State Secrets

In addition to these traditional privacy concerns, the export of electronic data out of China triggers state secrets concerns. The Law of the People’s Republic of China on Guarding State Secrets, which was formulated “for the purpose of guarding state secrets, safeguarding state security and national interests and ensuring progress of reform, of opening to the outside world, and of socialist construction,” defines state secrets as “matters that have a vital bearing on state security and national interests and, as specified by legal procedure, are entrusted to a limited number of people for a given period of time.” The Law sets out the following seven categories of protected state secrets:

  1. Secrets concerning major policy decisions on state affairs
  2. Secrets relating to the building of national defence and in the activities of the armed forces
  3. Secrets relating to diplomatic activities and activities related to foreign countries as well as secrets to be maintained as commitments to foreign countries
  4. Secrets relating to national economic and social development
  5. Secrets concerning science and technology
  6. Secrets concerning activities for safeguarding state security and the investigation of criminal offences
  7. Other matters that are classified as state secrets by the state secret-guarding department.

The seventh category gives Chinese enforcement authorities broad discretion to define what information is a state secret.

The State Security Law of the People’s Republic of China states that “[a]ny organization or individual that has committed any act endangering the State security of the People’s Republic of China shall be prosecuted according to law.” The phrase “[a]ct endangering State security” is defined in the State Security Law to include “stealing, secretly gathering, buying, or unlawfully providing State secrets.”

Institutions, organizations or individuals operating outside China that perform acts endangering State security can be investigated for criminal responsibility under the State Security Law. Both intentional and negligent violations of this law could result in criminal prosecution or other disciplinary sanctions.

Mitigating Risk

China’s esoteric data privacy and state secrets laws, coupled with increased regulatory oversight, have created a growing need for solutions for processing data in China. Fortunately, many of the techniques and technology solutions that have been developed in other countries are becoming increasingly viable in China. A thorough and effective examination of a corporation’s documents within China, in a secure data room, with appropriate protections from digital infiltration, is entirely possible.

By eliminating or significantly reducing the transfer of China-based data outside China, companies reduce the risks they otherwise face when responding to Chinese investigations, performing internal compliance audits and meeting litigation demands. Even where a complete in-country solution is not practical, sensitive data should typically be put through a state secrets review before being transmitted out of the country. Such a review is best performed by PRC qualified lawyers who have a good understanding of the types of information historically defined as state secrets.

By leveraging technically adroit solutions and collaborating with PRC qualified lawyers to analyze data within China, companies can side-step substantial risks and achieve a more secure, and often lower cost solution, without compromising quality.

Alison B. Silverstein is the Managing Director of the Firm’s Discovery & Dispute Services division, based in the Firm’s Washington, D.C. office.

Yodi S. Hailemariam is Discovery Counsel based in the Firm’s Washington, D.C., office.


Dispatch Labor Restored to Original Use

by May Lu

Just over one year ago, on January 26, 2014, the Chinese Government issued Provisional Rules regarding Labor Dispatch. This is the second China-wide rule focusing on temporary or “dispatch” labor. The Provisional Rules clarify and improve upon China’s July 1, 2013 revisions (the New Revisions) to the 2008 Labor Contract Law. These important changes, and related local rules governing dispatch labor, restored dispatch labor to its original use as a limited supplement to contracted labor.

The Dispatch Labor Model

A dispatch labor arrangement arises when an enterprise (the labor user) wishes to use a dispatch, or temporary, worker (the dispatched worker) without a long-term obligation. An intermediary provider (a dispatch agency) enters into a labor contract with the dispatched worker and directs him or her to the labor user. The employment relationship, however, remains solely between the dispatch agency and the dispatched worker.

Background to the Changes

Before the People’s Republic of China’s Labor Contract Law came into effect in 2008, the labor dispatch model was used in limited situations. For example, representative offices of foreign companies, which generally are not treated as independent legal entities in China, would have to engage a dispatch agency to benefit from the labor of Chinese citizens. Another example was enterprises that engaged dispatched workers based on seasonal business demands to supplement their contract labor force.

Dispatch labor boomed after the Labor Contract Law came into effect in 2008. According to the China Trade Union’s 2010 research report, there are currently more than 60 million dispatched workers in China. The model attracted the attention of the China authorities not just because of the high number of dispatched workers, but also because of its adoption by a broad range of enterprises, including state-owned, foreign-invested and domestic-invested enterprises. In addition, dispatch labor formed a significant proportion of the workforce in almost all industry sectors, including manufacturing, service outsourcing and research and development, and across all types of employment, regardless of the length of employment or level of the role.

Companies were criticized for harming employees’ interests by using dispatch labor to save money on salaries and benefits. As a result, there were calls for stricter rules limiting the application of the dispatch labor model.

Many enterprises using dispatch labor were challenged for using dispatched workers in positions that might be outside those protected by law. Article 66 of the 2008 Labor Contract Law stated “Labor dispatch services are normally used for positions that are temporary, auxiliary or substitutive.” The word “normally” appears to have been purposefully inserted by China’s law-making body to allow for flexibility, but the degree of flexibility was unclear. The ability of companies to use dispatch labor outside the three listed categories was therefore a very controversial issue.

Some breaches were clear-cut. Common abuses included

  • Using dispatched workers for labor that clearly was not “temporary”, e.g., using dispatched workers for the same positions for more than 10 years.
  • Using dispatched workers in a way that clearly was not “auxiliary” , e.g., using dispatch labor for more than 80 per cent of a domestic company’s China workforce

The New Revisions

The New Revisions attempted to address complaints about the ambiguity of “temporary, auxiliary, or substitutive”. The word “normally” has been deleted from Article 66 of the Labor Contract Law, clearly making the three categories an exclusive list of permitted dispatch labor roles. The three categories have also been more precisely defined by the New Revisions.

  • “Temporary” now refers to a position that lasts less than six months.
  • “Auxiliary” refers to non-core business positions.
  • “Substitutive” refers to an employee working in place of a permanent employee who is absent for reasons such as leave, training or education.

In addition, the New Revisions emphasize that the dispatch model must only be a supplement to a direct-hire workforce. The New Revisions explain that the total number of dispatched employees working at a company must be no more than a certain percentage, although that percentage was not specified.

There were obviously still gaps in the New Revisions and they were not sufficient to eliminate abuse of the dispatch model. On January 26, 2014, the government issued the Provisional Rules in attempt to close all the doors that could allow abuse of the dispatch labor model.

The Provisional Rules

The Provisional Rules contain two critical clauses designed to limit the use of dispatch labor:

  1. Companies must consult with trade unions or all employees before characterizing a role as “auxiliary.”
  2. The use of dispatched workers is restricted to 10 percent of the company’s total China workforce.
    Moving Forward

In the past six years, the use of dispatch labor has been on a roller coaster. It started to climb in 2008, reached its peak in 2010 and started its descent to previous levels in 2013. It is now back on solid ground. The new rules restrict the use of dispatch labor to supplemental roles that are truly temporary, auxiliary and substitutive, and comprise no more than ten percent of a workforce.

Some companies have, unfortunately, found conforming with the new rules to be expensive and disruptive but, with a carefully managed program of transition in place, that doesn’t have to be the situation for all. Companies that have not yet started transitioning their workforce from dispatched to contracted labor should do so urgently to avoid enforcement challenges and limit exposure.

May Lu is an attorney in MWE China Law Offices in Shanghai.


Good Corporate Governance in China Is About More Than Preventing Bribery. It May Well Protect Your Intellectual Property

by Nicholas Blank, Blackpeak

At a recent industry conference in the Middle East, CEOs of both Western and Chinese chemical companies spoke in glowing terms about their business operations in China. The country has, after all, become the world’s largest market for chemical sales, and foreign investment continues to gush into new projects supplying China’s industrial base.

In private, however, business leaders fret about an all-too-familiar problem of doing business in China: intellectual property (IP) theft. The biotechnology, pharmaceutical and a host of other high-tech industries are in the same predicament. China is a market they cannot afford to miss, but they also cannot afford to lose their technological edge.

Companies that fall victim to IP theft and seek to restore their rights must negotiate their way through the local court system, deal with a labor laws designed mainly to protect the employee’s rights and often have to challenge entrenched state-owned enterprises.

The challenges of reacting to IP theft have driven companies to develop a number of proactive, “standard” IP practices: reviewing IP portfolios on a regular basis, training employees about protecting IP and ensuring that IP around key aspects of their business is registered and their rights are enforceable in China. Those ahead of the curve organize outreach programs to train Chinese enforcement officers about their brands and products.

Despite taking these proactive and sensible steps, many companies in China do not see the connection between IP protection and their broader compliance programs. Several policies considered best practices in traditional compliance can actually play a dual role in protecting IP.

Adapting Compliance Activities to Support IP Protection


Non-Chinese managers might be astonished at how often Chinese staff use whistleblower hotline systems to report commercial kickbacks, conflicts of interest and harassment in the work place. Staff should be encouraged to use the same systems to report suspected trade secret theft and infringement; employees are the first line of defense against IP theft. When cases are reported through these systems, investigations managers can organize and keep track of the cases in the same way they monitor fraud cases, and make sure they receive the appropriate level of attention inside and outside China.

Moreover, those who cut corners on compliance may have few qualms about stealing IP. Having names and identifiers in a single database allows investigations managers to cross-reference between cases and weed out troublemakers.


Companies often require staff and vendors to take part in annual compliance training. Companies with valuable IP in China should consider adding an IP training component to these sessions.

Such training programs can be very effective in tearing down barriers between business departments and starting company-wide conversations about the potential misuse of IP and practical steps to protect it.

Research and development technicians, plant operators and even summer interns who suspect a colleague is leaving the office with confidential files, photos or other data will begin to feel an obligation to report it. Sales managers who see possible knock-offs in the marketplace will better appreciate the importance of alerting their senior managers. Security guards, logistics managers and cleaners who discover missing product prototypes, or notice visits to access-restricted labs at odd hours, might likewise understand the significant role they can play in protecting their companies.


The need to “know your customer,” to conduct employee background screening and to perform compliance-based due diligence during M&A activity have become well known to companies operating in China. These same types of reviews, particularly when they include litigation searches, can identify companies and individuals with track records that include troubling IP disputes. By identifying IP risks at the outset of compliance-based diligence, companies can better protect their most valuable assets without significant cost increases.

As an example, we recently participated in due diligence involving a Chinese high-tech company’s potential arrangement with a prominent foreign scientist who would be providing specialized technology in the relevant field. A background investigation revealed that the scientist had worked for a well-known multinational company that owned a number of patents vital to the specialized technology. Within months of starting his own consultancy, he was offering his technological expertise in China. By flagging the IP risks during a compliance-based review, the Chinese company was able to assess any potentially adverse consequences of relying on the scientist’s technology while simultaneously allowing him access to the company’s own IP. Conventional background searches to identify concerns such as criminal convictions or adverse media reports would not have revealed these issues.


Annual audits can help identify suspicious payments to travel agencies, marketing companies and other possible middlemen as pay-off schemes. The same audits can identify gaps in processes and procedures that reduce IP security.


Recruiting talent is a key means for competitors to syphon away IP. Departing employees are normally reminded of confidentiality obligations and required to return company property as part of an exit process. In many instances, companies should consider creating and preserving mirror images of hard drives of computers used by departing employees. Such images can be key evidence in investigating potential IP theft that later comes to the company’s attention.

Nick Blank is director of investigations at Blackpeak and heads their chemical sector practice. He specializes in handling complex due diligence, fraud and intellectual property investigations. He is the former head of Kroll’s Shanghai, Guangzhou and Seoul offices.