Any company with more than a small presence in China is likely to need to conduct an internal investigation there at some point.
While investigations in China are not wholly different than in other jurisdictions, our experience handling scores of such investigations leads us to the conclusion that companies can take certain steps in advance to minimize headaches if and when such an investigation in China is needed.
1. Properly adopt company policies under PRC law. Most companies have a global code of conduct and likely a global anti-corruption policy that applies to employees in China. A company may not realize that in order for the policies to be effective under PRC law, they need to be provided to the trade union (if one exists) or to all local employees for review, discussion, and comment. Failure to do so (or failure to provide these policies in Chinese) materially increases the risk that employees may challenge or seek to invalidate these policies as being inapplicable, particularly in cases of termination of employment based on serious violations of company policy.
2. Include privacy provisions in contracts and notices. Collecting electronic data from employees’ IT assets is often needed in the initial stages of an investigation. PRC privacy laws have evolved quickly in recent years. Employers are required to keep employee data confidential, and should obtain advance consent prior to sharing such information outside of the company. In view of such a requirement, companies can best protect themselves and mitigate risk by:
- Implementing an IT use policy stating that the company has the right to access, monitor, review, and disclose to third parties information on company-owned IT assets. It is important to ensure that the policy is available in Chinese and to adopt the policy pursuant to the PRC Labor Contract Law.
- Having each employee acknowledge receipt and, if possible, acceptance of the policy by signing a hard-copy document or via electronic means. Ideally, the acknowledgment should be in Chinese or the working language used by the employee to avoid any confusion or future dispute with respect to the content of the policy.
- Placing prominent notices (in Chinese and any other working language) around the workplace and/or online (for example, displaying it as a customized legal notice or start-up message when employees log in to company computers or networks) that reminds employees of the policy.
- Including provisions in employment contracts referencing the policy and the company’s rights over company-owned IT assets.
3. Conduct a front-end state secrets analysis. The PRC Law on Protecting State Secrets — an often misunderstood law — broadly prohibits unauthorized individuals and entities from acquiring, possessing, recording, storing, or transferring outside of China information deemed to be a “state secret.” For many — perhaps most — multinational companies, the law will not significantly impair an investigation in China or require additional steps. However, in some cases, state secrets may be post more significant risks that will need to be navigated.
In most cases, these risks can be analyzed in advance — before an investigation arises — working with a China-based lawyer who has experience with both China investigations and state secrets issues. The analysis usually turns on factors such as the industry, whether the Chinese affiliate has sales to or is in a joint venture with a government or state-owned entity, and what information the Chinese affiliate has access to.
Conducting this front-end analysis can often spare significant handwringing in the early days of an investigation when decisions need to be made about how to structure (or restructure) an investigation to account for potential state secrets sensitivities.
The next post will look at IT assessments and Chinese laws regarding bribery.
Eric Carlson, a contributing editor of the FCPA Blog, is a Shanghai-based partner at Covington & Burling LLP specializing in anti-corruption investigations and compliance, with a particular focus on China. He speaks fluent Mandarin and Cantonese and can be contacted here. He’ll be a speaker at the FCPA Blog NYC Conference 2016.