Risk Intelligence (01/03/2021) - China

Our risk intelligence specialists, led by Ian BETTS, take a 24/7 coverage approach to local, regional and global emerging threats and occurrences. Below is a small sample of our reporting, and you can discuss gaining comprehensive material through our risk intelligence function, and by using our 247 App.

THE NEW COMPLIANCE RISK REALITY:

THE INCREASING OVERLAP OF REGULATION, POLITICS AND SECURITY IS CREATING TOUGH CHOICES

Last week, the Financial Times ran an editorial on HSBC’s “pivot to Asia,” a decision underpinned both by business interests and, according to the Editorial Board, a “recognition of the new political reality.” HSBC, perhaps more so than any other company, has found itself between a rock and a hard place in Hong Kong. It has had to alternate between complying with conflicting orders and pressures from Washington and London, and Beijing, respectively. The editorial warns that the decoupling that began in technology will spread to all industries, and that “businesses will have to choose between western markets and access to China, and between liberal and authoritarian value systems.”

The editorial reflects two important and related trends that Hill & Associates have been tracking over the past several years: the confluence of regulation and politics, and the increasingly important notion of nationality for global Western companies. Corporates have been subject to geopolitical competition for at least as long as their operations have straddled borders, for instance via import restrictions or boycotts. But these two trends are helping to transform them into the vehicles of that competition.

A key turning point occurred in 2017-18 when China, both the state and public, began to scrutinize corporate references that touched on territorial issues. Apologies were demanded of Audi and Gap over their use of Chinese maps that failed to denote Taiwan as part of China, or China’s claims in various territorial disputes. In early 2018, the political challenge entered the regulatory compliance space when the Civil Aviation Administration of China (CAAC) ordered foreign airlines to amend any “incorrect” territorial references on their websites. Less widely reported, the Chinese National Administration of Surveying, Mapping and Geoinformation warned foreign companies of violations for publishing “incomplete” maps of China, including Japanese retailer Muji, which printed a map that did not include the Diaoyu (or Senkaku) Islands, controlled by Japan.

It has not taken long for the issue to come back around from the other side. In October 2019, a number of Southeast Asian nations pulled the Dreamworks animated film Abominable from theatres due to the presence in one scene of a map showing China’s so-called “Nine-dash Line” claim to the South China Sea. Around the same time, the fallout from NBA manager Daryl Morey’s Tweet in support of the Hong Kong protesters gave the issue much greater mainstream recognition. In July last year, then-Attorney General William Barr threatened US corporates that certain actions designed to “appease” the Chinese government could run afoul of the Foreign Agents Registration Act. Just this week, Reuters reported that a bi-partisan group of Senators including Marco Rubio and Elizabeth Warren would reintroduce a bill that would address “Chinese censorship of US companies.” A Democratic Senate aide told the news agency that the bill seeks to “help insulate companies from [Chinese] pressure,” although US leaders have often looked askance at certain corporate choices.

This issue brings to the fore the very notion of political control over private organizations in the democratic system. In some cases this is, and will remain, a kind of elevated pettiness: maps printed on T-shirts and the specific arrangement of drop-down menus on air ticketing websites will not decide territorial disputes, although corporates caught in the middle could see millions of dollars put at stake.

Other cases are altogether more serious. HSBC faced pressure last year to endorse the Hong Kong National Security Law (NSL) in what felt like a loyalty test, and the matter has been problematic. Conversely, in the wake of the rollout of the NSL, the US, which exerts considerable political control over the international financial system, compelled HSBC, Chinese state-owned banks and others to comply with sanctions against Chinese citizens in the Mainland and Hong Kong, including Chief Executive Carrie Lam. And in what appeared to be at least partially a response to this, China’s Ministry of Commerce (MOFCOM) in January introduced new “blocking rules” on US extraterritorial legislation, although these have yet to be applied.

As we remarked in China Country Risk Report No.1441, the MOFCOM rules do not, contrary to the views of some, herald an imminent choice between China and the west on the part of corporates. Neither do we believe that global corporates may be faced with the need to pick sides in a “new cold war”, as the FT’s Editorial Board termed it. Conflict in the classic Cold War was defined by rigid divisions, even literal walls. The “strategic competition” of today is characterized by precisely the opposite phenomenon: interconnectedness to such a degree that many lines (digital boundaries, corporate nationalities, legal jurisdictions) are difficult to even discern. This state of affairs may be more difficult for organizations and governments to grapple with than one of simplistic binary choice.

The flexibility of regulations, both in formulation and enforcement, seems to make them ideal instruments for this type of environment. At the corporate level, we foresee the geopolitical struggle playing out in terms of policy competition (pull) and compliance conflict (push). The complexity of the latter is only just beginning to become apparent. While banking sanctions are at least familiar, having been used for many years, the most critical areas are also the most novel: cybersecurity, data regulation, and concerns over collaboration in the development of emerging technologies.

These phenomena are an intimidating combination of technical complexity, regulatory underdevelopment and “securitization,” or the creeping expansion of what counts as “national security.” Companies may struggle to maintain their global operations in their current form when they are required, for example to comply both with the US CLOUD Act, which can subpoena data held outside the US, and China’s developing data security framework, which strictly regulates the transfer of information abroad. Caught between the two, the compliance dilemma threatens to become a political problem to which both Washington and Beijing seek to write the rulebook.

The outcome is far from clear, but some companies are already beginning to de-globalize certain aspects of their operations in anticipation of these challenges. This is the “new risk reality.”