I. Compliance and Compliance Risks
Compliance refers to the meaning of conforming to regulations and abiding by legal provisions, including but not limited to international conventions, national laws and regulations, rules and systems, industry norms, articles of association of companies, etc.
Compliance Risk refers to the risks that enterprises may face in the course of business operations due to non-compliance with laws and regulations, rules and systems, professional ethics, moral norms, etc. It is the risk of sanctions, penalties, property losses and reputational losses that enterprises may suffer as a result of violating compliance norms.
The compliance risks of enterprises mainly come from the following two aspects:
-
Changes in the External Environment of Enterprises: such as changes in laws and regulations, rules and systems, regulatory policies, political patterns, economic situations, etc.; -
Own Operational Status of Enterprises: such as business models, business fields, partners, etc.
Enterprise compliance management work needs to continuously monitor the internal and external environment, and identify internal and external compliance risks in a timely and effective manner.
II. Compliance Management
Compliance Management refers to organized and planned management activities carried out with the purpose of effectively preventing and controlling compliance risks, targeting the business management behaviors of enterprises and employees, including system formulation, risk identification, risk assessment, etc. Compliance risk management is the core of enterprise compliance management and runs through the entire process of enterprise compliance management.
-
Formulation of Compliance Systems: It means that enterprises establish a legal compliance inspection system to timely identify legal risks; formulate special compliance guidelines for key areas and major matters; establish a compliance review and risk assessment system before major decisions; establish a compliance risk alarm and reporting system; establish a classified and graded management system for legal risks; establish a lifelong responsibility system for compliance management, etc.
-
Compliance Risk Identification: It refers to the systematic activities of analyzing and judging the possibility of the existence or occurrence of internal compliance risks of enterprises and the causes of compliance risks, and forming a compliance risk list by collecting and sorting out all compliance risk points of the enterprise to facilitate further monitoring and control of compliance risks.
-
Compliance Risk Assessment: On the basis of compliance risk identification, it refers to the application of certain methods to estimate and determine the probability and magnitude of relevant risk losses such as legal sanctions, regulatory penalties, significant financial losses and reputational losses that may be caused by compliance risks, as well as the degree of impact on the overall operation of the enterprise.
III. Main Compliance Risk Prevention and Control Measures for Enterprises
(I) Establish and Improve Effective Rules and Regulations
Establishing and improving effective rules and regulations is an important prerequisite for the smooth development of compliance management work of enterprises, and also an important basic work for compliance risk prevention and control.
On the one hand, enterprises should strengthen basic rules and regulations:
-
Compile comprehensive manuals on laws, regulations and policies related to the enterprise's own business; -
Strengthen the compliance review of important documents such as the company's external contracts and internal rules and regulations; -
Timely update internal systems and establish norms for the formulation and maintenance of enterprise systems;
On the other hand, enterprises continue to establish and improve special compliance management systems:
-
Formulate compliance management systems that all employees of the enterprise must abide by; -
Formulate compliance management codes that key positions must follow; -
Formulate special compliance management systems for specific business areas; -
Formulate special management systems for key areas and matters with high incidence of compliance risks.
(II) Establish an Effective Guarantee System
A sound guarantee system is a necessary support to ensure that compliance risk prevention and control achieve the expected goals, mainly including the following contents:
-
Organizational and Personnel Guarantee: Establish an independent specialized organization for compliance risk prevention and control and a professional and high-quality compliance management team, and allocate necessary compliance risk prevention and control personnel according to factors such as business scale, compliance risk level, and key areas.
-
Resource Guarantee: Including necessary budgetary funds, internal policy inclinations, etc., to ensure the smooth progress of compliance management work.
-
Compliance Training Mechanism: Attach importance to compliance training, and establish a normalized training mechanism combined with legal publicity and education, professional compliance guidance and training, etc.
-
Cultural Publicity Guarantee: Actively cultivate compliance culture, improve the compliance awareness of all employees through the participation of all employees in management, compliance culture publicity and various activities, and lay a solid ideological foundation for compliant operation.
-
Authorization Management Guarantee: While endowing the compliance management organization with certain responsibilities, necessary management authorization should be carried out to enable the management organization to intervene in irregular behaviors within a certain scope, etc.
(III) Strengthen Legal Publicity, Education and Training
Carry out legal publicity and education in the form of case analysis and warning education to improve the legal risk awareness of all employees. Strengthen the training of compliance management skills for key position personnel and relevant leaders, and strengthen the professional learning and legal knowledge training of business department personnel to improve the professional level of business personnel.
(IV) Strengthen Supervision, Inspection, Rewards and Punishments for Compliance Management Work
The compliance management department and its person in charge should strengthen the daily inspection and supervision of compliance management work, and correct problems in a timely manner when found; submit an annual compliance management report on time, summarize the work and make subsequent plans, and take compliance management and risk prevention and control as an important factor for year-end evaluation and commendation.
-
- What Are the Matters Related to Contract Termination in the Civil Code
Contracts are ubiquitous in our lives. Whether it is corporate trade or the daily necessities, clothing, food, housing and transportation of natural persons, contracts need to be concluded everywhere. In recent years, due to the impact of the COVID-19 pandemic, the number of cases requesting contract rescission has increased significantly. This article intends to introduce the concept, types, procedures and other related issues of contract rescission.102023-02 -
- The Powers of the Legal Representative and the Main Risks They Face in the Process of Performing Their Duties
Clients often consult lawyers: "Our group company plans to establish a project company externally and has decided to appoint me as the legal representative of the company. Lawyer, could you tell me about the powers I will have as this legal representative and the risks I may face in performing my duties?" This article specifically analyzes these issues:202022-12