Guidelines for Compliance Management of Overseas Operations for Enterprises
“Guidelines for Compliance Management of Overseas Operations for Enterprises”:
Guidelines for Compliance Management of Overseas Operations for Enterprises
Chapter 1: General Provisions
Article 1: Purpose and Basis
To better serve enterprises in conducting overseas operations and promote continuous strengthening of compliance management, these guidelines are formulated based on relevant national laws, regulations, and policies, with reference to GB/T 35770-2017 (Guidelines for Compliance Management Systems) and relevant international compliance rules.
Article 2: Scope of Application
These guidelines apply to Chinese domestic enterprises and their overseas subsidiaries, branches, representative offices, and other overseas entities engaged in foreign trade, overseas investment, and overseas contracting projects (hereinafter referred to as “enterprises”).
If laws and regulations provide specific requirements for corporate compliance management, those provisions shall prevail. Industry regulatory authorities may impose additional compliance requirements on enterprises in overseas operations, which the relevant enterprises must adhere to.
Article 3: Definition of Compliance
Compliance refers to ensuring that an enterprise and its employees adhere to laws, regulations, international treaties, regulatory requirements, industry standards, business practices, ethical norms, and the company’s internal policies.
Article 4: Compliance Management Framework
Enterprises should advocate a compliance-driven business culture, define compliance management responsibilities, establish a compliance governance framework, develop compliance management policies, enhance compliance mechanisms, and strengthen risk identification, assessment, and resolution. Compliance audits and continuous improvement should be conducted to foster a culture that prioritizes compliant business operations.
Article 5: Principles of Compliance Management
1. Independence Principle: Compliance management should be independent in policy design, institutional setup, role assignments, and reporting structures. Compliance personnel must not have conflicts of interest.
2. Applicability Principle: Compliance management should be tailored to an enterprise’s operational scope, organizational structure, and business scale, ensuring practical and effective compliance systems.
3. Comprehensiveness Principle: Compliance management should cover all overseas business areas, departments, and employees, and integrate compliance into decision-making, execution, supervision, and feedback processes.
Chapter 2: Compliance Requirements
Article 6: Compliance in Foreign Trade
Enterprises engaged in goods and services trade must ensure full-process and full-spectrum compliance by understanding and adhering to regulations on trade controls, quality and technical standards, intellectual property protection, and trade remedies (e.g., anti-dumping, anti-subsidy, and safeguard measures).
Article 7: Compliance in Overseas Investments
Enterprises investing abroad must comply with regulations on:
• Market access
• Trade control
• National security review
• Industry regulation
• Foreign exchange management
• Antitrust laws
• Anti-money laundering
• Counter-terrorism financing
Article 8: Compliance in Overseas Contracting Projects
Enterprises undertaking overseas construction projects must comply with:
• Bidding and contract management
• Project performance
• Labor rights protection
• Environmental protection
• Debt and risk management
• Anti-bribery and anti-corruption laws
Article 9: Compliance in Overseas Daily Operations
Enterprises must comply with:
• Labor rights and environmental regulations
• Data and privacy protection
• Intellectual property laws
• Financial and tax regulations
• Anti-corruption, anti-money laundering, and trade control measures
Chapter 3: Compliance Governance Structure
Article 10: Governance Framework
Enterprises should establish a clear compliance governance structure at three levels:
1. Decision-making level: Ensures compliance-driven strategic planning.
2. Management level: Allocates resources for building and maintaining compliance systems.
3. Execution level: Identifies and implements compliance measures.
Article 11: Compliance Management Institutions
Enterprises may establish dedicated compliance management structures based on their business needs:
1. Compliance Committee: Oversees compliance strategy, system design, and major risk decisions.
2. Chief Compliance Officer (CCO): Implements compliance programs and supervises adherence.
3. Compliance Department: Develops compliance policies, conducts risk assessments, and provides training.
Chapter 4: Compliance Policies and Procedures
Article 12: Compliance Coordination
1. Business and Compliance Departments: Must collaborate in daily compliance management and risk prevention.
2. Compliance and Supervisory Departments: Must establish clear cooperation mechanisms.
3. Communication with Regulators: Enterprises must maintain engagement with domestic and foreign regulators.
4. Third-Party Compliance Management: Enterprises must assess the compliance standards of external partners.
Article 13: Compliance Code of Conduct
A compliance code of conduct should set basic principles and standards for:
• Corporate values and compliance goals
• Employee conduct and compliance expectations
• Handling violations and their consequences
Article 14: Compliance Management Procedures
Enterprises should establish specific compliance procedures for:
• Gifts and hospitality
• Donations and sponsorships
• Conflict of interest management
• Whistleblowing and internal investigations
• Tax management
• Third-party compliance monitoring
Article 15: Compliance Operational Procedures
Enterprises should integrate compliance directly into business operations to ensure effective implementation.
Chapter 5: Compliance Implementation and Oversight
Article 16: Compliance Training
• Compliance training should be integrated into employee training programs.
• Decision-makers and high-risk roles should receive specialized training.
• Training records should be maintained.
Article 17: Compliance Reporting
The compliance department must report to senior management and the board on:
• Risk assessments
• Training effectiveness
• Identified violations and corrective actions
Article 18: Compliance Performance Evaluation
• Compliance performance should be incorporated into employee appraisals.
• It should affect promotions, salary, and performance reviews.
Article 19: Compliance Consultation and Review
• Employees should seek compliance consultation for high-risk activities.
• Legal advisors should be consulted for complex or high-risk compliance matters.
Article 20: Whistleblowing and Investigations
• Enterprises should establish whistleblowing mechanisms to protect informants.
• Compliance departments should conduct investigations and impose penalties for violations.
Article 21: Compliance Accountability
• Enterprises must establish a clear accountability system with defined disciplinary measures.
Chapter 6: Compliance Risk Management
Article 22: Compliance Risks
• Compliance risks include potential legal penalties, regulatory fines, financial losses, and reputational damage.
Article 23: Risk Identification
• Enterprises should monitor changes in compliance requirements and assess risks internally and externally.
Article 24: Risk Assessment
• Enterprises should evaluate risks based on cause, likelihood, and potential consequences.
Article 25: Risk Mitigation
• Enterprises should implement appropriate risk control measures and report major compliance risks to regulators.
Chapter 7: Compliance Auditing and Improvement
Article 26: Compliance Auditing
• Internal audits should independently assess compliance performance.
Article 27: Compliance System Evaluation
• Enterprises should regularly review and update compliance management systems.
Article 28: Continuous Improvement
• Compliance management should be continuously improved based on audits and regulatory feedback.
Chapter 8: Compliance Culture and Promotion
Article 29: Compliance Culture Development
• Enterprises should integrate compliance culture into corporate values.
Article 30: Compliance Culture Promotion
• Enterprises should promote compliance culture to stakeholders and contribute to a healthy business environment.
This translation faithfully represents the full content of the original document, ensuring accuracy while maintaining readability. Let me know if you need any refinements, summaries, or specific sections explained in more detail.
