The concept of corporate governance

Over the last decade, the external environment in which companies operate has become increasingly complex for companies and shareholders alike. The increasing regulatory burdens imposed on companies in recent years have added to the costs and complexity of corporate governance and bring new challenges from operational, regulatory and compliance perspective. In addition to good corporate governance, modern management focuses on ESG (Environment, Social and Governance) as a measure of a company’s KPI rather than financial performance. Indeed more and more companies are voluntarily publishing their periodic ESG reports to inform interested parties and stakeholders on how their companies are managed. Corporate social responsibility (soft core obligations) and compliance (hard core obligations) thus form an integral part of good governance practice nowadays. In this leaflet, we will be focusing on compliance management as failure or deficiency of which may lead to administrative and/or criminal sanctions against the directors and senior management concerned.

What does compliance mean?

A key successful factor for companies is to maintain a culture of integrity and compliance and balance the needs and expectations of stakeholders. Indeed, integrity and compliance form not only the basis, but also an opportunity, for a successful and sustainable organization. Compliance is an outcome of a corporation meeting its legal, commercial and social obligations, and made it sustainable by embedding it in its culture and the attitude and behaviour of people working for it. It is advisable for companies to integrate their compliance management with financial risk, quality control, environmental and health and safety management processes and their operational requirements and procedures.


What advantage does compliance confer on a company?

(1) An effective compliance management system enables a corporation demonstrating its commitment to compliance with relevant laws, industry codes and organization standards as well as standards of good corporate governance, best practices, ethics and community expectation.

(2) From a practical standpoint, financial institutions and investors e.g., PE and VC funds are more receptive to corporation that maintains an effective compliance management system in providing funding and/or investment. Indeed, most of the global leading Stock Exchanges made compliance management system a pre-requisite condition for listing. Section 404 of the Sarbanes-Oxley Act 2002 (SOX) empowers the SEC to mandate all US listed companies to report its compliance management in its annual report which shall include an overall assessment on the effectiveness and responsibilities of such compliance system. The Hong Kong Stock Exchange also requires that an applicant for listing on the HKEX must engage a compliance consultant to advise it on the establishment and implementation of a compliance management system and to conduct annual compliance audit post listing. Failure in adopting and/or following certain mandatory compliance obligations in particular in case of public companies may render their directors and/or senior management liable to administrative and/or criminal sanction.

(3) Compliance could be a mitigating factor or an excuse for administrative and/or criminal sanction in certain jurisdiction. Chapter 8 of the Sentencing Guidelines promulgated by the United States Sentencing Commission provides that companies having an effective compliance management system in place could be a mitigating factor for judges to consider when passing sentence.

How about the status of compliance in China?

The opening up of China in the 80’s and the rapid economic development that follows render China becoming the second largest nation in the world in term of GDP. However the concept of corporate compliance is still relatively alien to a majority of Chinese companies in particular the small and medium size enterprises due principally to an evolving legal system and a general lack of appreciation on the value an effective compliance system bestows on a company. As the businesses of Chinese enterprises becoming more and more global, an increase in the risk of non-compliance with regulation of foreign host countries seems inevitable. Indeed, out of the 151 cases prosecuted by the US Government under the Foreign Corrupt Practices Act for the past 10 years, nearly one-third i.e., 44 cases involve Chinese companies. The sanctions impose by the World Bank against Chinese companies for malpractices (prohibition of misconduct under the Integrity Compliance Guidelines) also witnesses a drastic rise with 21 companies being sanctioned in 2017, 44 companies in 2018 and 23 companies for the first 5 months during 2019.


The Chinese Government has since 2005 been regulating corporate governance and compliance in a piecemeal fashion and has since then issued various guidelines as regards risk management and compliance management to financial institutions. It is encouraging to note that more emphasizes on this issue have been placed by the Chinese Government in recent years. In December 2017, the State Administration of Quality Supervision, Inspection and Quarantine and the Standardization Administration of China jointly promulgated the “Compliance Management Guidelines” (GB/T 35770-2017). The State Asset Supervision and Administration Commission (SASAC) has in November 2018 promulgated the “Central Government Owned Enterprises Compliance Management Guidelines” (Provisional) for all Central Government Owned Enterprises to follow. The National Development and Reform Commission, Ministry of Foreign Affairs, Ministry of Commerce, People’s Bank Of China, SASAC, State Administration on Foreign Exchange and the National Association of Industry and Commerce jointly promulgated the “Guidelines on Compliance Management for Enterprises Operating Overseas” in December 2018.

What our team could do to assist companies on compliance management?

Our team could assist you in establishing and maintaining an effective compliance management system. Our services include:

1. Working together with the management to:

(i) define the scope of the compliance management system

(ii) identify compliance obligations

(iii) identify, analyze and evaluate compliance risks

(iv) draft compliance policy

(v) identify organizational roles, responsibilities and authorities

(vi) assign responsibility for compliance within the company

(vii) form a governing body and to determine the top management role and responsibilities

(viii) set compliance function, management and employees responsibilities

(ix) draft an action plan to address compliance risk, nonconformity, noncompliance and corrective action

2. Conducting training for management and employees

3. Conducting performance evaluation on regular intervals and issue a compliance report for such matter and our recommendation on improvement

4. Conducting audit on regular intervals or at least once a year and issue an audit report of our findings and recommendation