Overview of the corporate compliance reform in criminal cases

What is the 3PM (Third Party Mechanism) Compliance Reform and why does it matter？

A new system allows amnesty or leniency for businesses implicated in crimes that agree to implement internal reforms. In some cases, a “third-party” team of non-governmental experts is formed to monitor the fulfillment of the business’s pledges to improve compliance.

Inspired by US ‘deferred prosecution agreements’ the system is poised to be used expansively in China, as it can be applied in both cases where the business itself is suspected of crimes, or where key personnel are suspected of crimes that are closely related to (or in furtherance of) the business’s operations. Moreover, there are no restrictions on what size business the system may be applied to, and small or micro businesses are explicitly included.

The system is meant to recognize and minimize the adverse impact a criminal investigation (or record) can have on a business, allowing it to continue normal operations while correcting existing problems and ensuring that future violations are prevented.

Background and Progress

During the pilots, the 10 provinces applied the system in 766 cases, with 504 using a third-party mechanism; and other regions applied the system in 223 cases, with 98 using a third-party mechanism.

From March 2021-August 2022, the system was applied in 3,218 cases with 2,217 applying the third-party mechanism.

The Players:

1. The Key Ministries/departments involved: The system is largely operated by nine stakeholder departments that jointly drafted the primary legal authority to date, namely: The Supreme People’s Procuratorate (SPP), the State-owned Assets Supervision and Administration Commission of the State Council (SASAC), Ministry of Finance (MOF), and the All-China Federation for Industry and Commerce (ACFIC), in collaboration with the Ministry of Justice (MOJ), Ministry of Ecology and the Environment (MoEE), State Administration of Taxation (SAT), State Administration for Market Regulation (SAMR) and the China Council for the Promotion of International Trade (CCPIT).
2. Management Commissions (“Commissions”): Commissions composed of key department members are responsible for the overall management of the new system, ensuring that it operates smoothly, effectively, and in accordance with law. A national level Commission is to draft system rules, debate law and policy issues, set rules on the eligibility of participating professionals, regulate and inspect system operations, and coordinate with professional bodies and industry associations. Commissions at local levels are responsible for coordinating efforts at that level, primarily forming and overseeing third-party case organizations by establishing directories of eligible local participant professionals, selecting organization membership, providing training, and inspecting and overseeing organizations.
3. Third-party Organizations (“Organizations”): Temporary bodies comprised of between 3-7 professionals (as low as 2 for small business cases) that are established by commissions to investigate, oversee, appraise, and monitor enterprises’ implementation of compliance plans. The members are selected randomly from professionals with relevant experience listed in directories of all eligible professionals maintained by the commissions. An organization will generally only assess a single enterprise, but may sometimes assess more where the enterprises are in the same case or are closely related. Organizations are dissolved at the completion of their work.
4. Third-party professionals (“professionals”)- The members of organizations as selected by commissions. They primarily include lawyers, accountants, tax agents, business compliance agents, members of relevant industry and professional associations, and persons with expertise in relevant fields such as retired judges and procurators. Government workers with expertise, such as from departments for environmental protection and taxation, may be included in organizations, or may be brought in for consultation. Commissions are to maintain directories of eligible professionals, and of professionals barred from participation due to previous misconduct, for the corresponding area..
5. Enterprises involved in Cases (“enterprises”): Includes enterprises that are suspected of committing financial or malfeasance crimes either as an entity, or where key management or technical personnel are suspected of committing such crimes if they are closely related to business operations.
6. The procuratorate handling the case: The procurators pursuing the criminal case are responsible for initiating the third party mechanism and also for compliance review- meaning the evaluation of organizations’ work and conclusions. In cases involving small businesses, the procuratorate may also directly monitor the business’ compliance efforts in place of an organization. Based on the enterprises’ successful participation in establishing compliance, procurators may choose not to prosecute, not to approve arrests, and to modify restrictive measures.

The General Process:

Initiation

Prosecutors are to be on the lookout for cases involving enterprises that would benefit from application of the compliance reform, and the parties or their representatives may also apply to the procuratorate to have the system applied. Application requires an admission of guilt and acceptance of punishment (a plea), and the enterprise also needs to be able to carry out normal activity during the process, make pledges to improve internal compliance systems, and agree to apply the third party mechanism. It must never be applied where the business involved was established solely to commit crimes or has primarily been used to commit crimes, or where the case includes crimes endangering national security or terrorism.

Where the procuratorate believes application is appropriate, it will consult with the commission at that level. The commission will then form the third-party organization, randomly selecting professionals from the relevant categories of a directory of eligible professionals (the directory) based on the nature of the case and the size and specifics of the enterprise involved. Professionals outside the directory may be brought in where the directory lacks professionals with the necessary expertise.

Once formed, the commission will publicly announce the organization’s membership on relevant web pages for at least five business days, and provide channels for submitting objections. Where there are no objections and the procuratorate does not find the membership improper, the group is formally established and the membership should remain fixed until its work is completed. The commission may designate a point person for the organization, or allow it to elect its own leader subject to commission approval.

Compliance Assessment: The Organizations’ study, appraisal, oversight, and monitoring of compliance establishment.

The organization is to work with the procuratorate to learn about the case and fully understand the enterprises’ compliance issues. They will then request that the enterprise submit one or more compliance plans aimed at establishing full compliance, but particularly focused on specific problems related to the alleged offense. The plans should contain concrete actions aimed at establishing or improving mechanisms for risk prevention, personnel management, and fixing existing vulnerabilities. The organization is to review the plans’ feasibility, efficacy, and comprehensiveness, emphasizing the likelihood it can be completed, how well it will prevent the type of violations alleged or similar incidents; then seek the procuratorate’s input and submit comments to the enterprise.

Once a plan is finalized, the organization will determine the period for monitoring based on the specific circumstances and the amount of time allotted in the plan to fulfill compliance pledges. While no specific time limit has been set for the monitoring period, until the Criminal Procedure Law is amended to expand the system, it should not be longer than one year- the period in which the procuratorate must usually decide whether to prosecute a case.

During the monitoring period, the organization is to oversee and assess the plan’s implementation. They may conduct inspections using a variety of methods such as observation, document and file review, spot inspections of business practices, comparison of data from different sources for consistency, and checking management tracking and oversight tools. They will also request that the enterprise submit regular written reports on its efforts, which are to be sent to the procuratorate for comment as well. The enterprises must cooperate with the ongoing monitoring and evaluation, and provide truthful information.

In their assessment work, organizations and their members must abide by relevant laws, and remain objective and impartial. They have a duty to protect the confidentiality of any state secrets, commercial secrets, or personal information they learn of in the course of their work, and must not use their position to interfere with the enterprises’ normal business operations. Taking of bribes, or otherwise using their position to extort or obtain benefits is, of course, prohibited, and may result in punishment. Enterprises have the right to report misconduct by the organization and its members to the commission or the procuratorate, which will investigate and make punishment recommendations.

At the completion of the monitoring period, the organization will perform an overall inspection and appraisal, and draft a written report for the procuratorate and commission. The assessment should focus on the enterprise’s establishment of risk identification and control systems, prompt handling of violations, adequate compliance staffing and equipment, normalized operation of compliance mechanisms, and progress toward establishing ongoing, dynamic compliance mechanisms and a culture of compliance. Specific indicators should be identified for the evaluation, based on industry standards, and weighted in consideration of the type and scale of business and the specific offense involved. The final report is to include the organization’s methodology and actions, assessments of progress and fulfilment of pledges, comments, and recommendations. The report is to be submitted collectively by the organization’s members, but dissenting opinions should be included and explained.

Compliance Review

When commissions and procuratorates receive the organization’s report, they are to conduct a thorough review. This includes consideration of the appropriateness of the compliance plan, and whether the materials provided are complete, professional, and sufficient to support the conclusions reached. Any improper conduct by the organization members should also be evaluated, and where it may have impacted the fairness of the evaluation, the commission is to form a new organization for further monitoring and assessment. Where there are other questions about the report, the procuratorate may ask the organization to explain, and may also conduct its own investigation into them.

The report and supporting materials are to be a reference for the procuratorate in making decisions to not prosecute, to modify compulsory materials (such as release on bail), or in making lenient sentencing recommendations to the court.