Apr 25

Apr 25 Compliance Risk Management

1.Risk Categories for a Company

Strategic Risk: Risk from mistakes of strategic decisions.
Compliance Risk: Risk and loss from not in complaince with legal requirement
Operational Risk: operational activities fail to meet the goal
Financial Risk: Within certain period, the difference between the expected capital gain vs. actual capital gain

Corporate Management: Registration, Certification, and Administration
Business: Industry requirement, web security, information security, import and export, patterns, anti-bribery, competition, EHS and Commercial Law.
Operations: Labor law (Employment, Contracting, Visa, Personal Income Tax, PIC protection, Employee conduct), Tax

Marketing: to avoid using extreme language in marketing materials. e.g. the best….
Sales: to avoid extreme languages or anything against competition law
Production and Delivery: to avoid ignoring the compliance and security requirement during manufacturing and project implementation.
R&D: Patents and IP Protection
Procurement: Bribery
HR: Interview Scam and Background Check

Overseas Project PE (Permanent Establishment) Risk: if overseas delivery is over 183 days, need to pay 4% PE tax to local government.
- Separate contract - Hardware and software - overseas HQ with client while local service and delivery side with client
- Expat needs proper visa from local establishment
Misleading commercial ads
- Wording need to be objective and needs to go through audit
- Control partnership messages
Unlawful competition
- Proper bidding process through company formal process
- Avoid badmouthing competitors
- Business information protection
EHS (Environment, Health, Safety)