The ongoing decoupling and geopolitical tensions between the US and China have had a persistent and far-reaching impact on businesses worldwide. This has created unprecedented, diverse, and formidable challenges, including tightening export control measures, mass sanction designations, and other national security-related restrictive actions. Furthermore, the Chinese government has updated and reinforced its export control and sanction regimes to safeguard national security.
Given these trends, it is highly beneficial for industry practitioners, particularly multinational corporations (MNCs), to carefully review their business operations. Such a review can help to identify potential areas for improvement, which can assist in addressing any compliance and supply chain issues. Additionally, it can ensure that companies remain compliant with any applicable export control and sanction regulations. By taking these steps, businesses can navigate the complexities of these challenging times more effectively and safeguard their long-term success.
KPMG China will be addressing the above challenges, and how businesses can respond, in a webinar at 5pm Beijing time (9am GMT) on January 25.
An overview of export controls and sanctions regimes in China
Since 2017, China has been drafting a new Export Control Law, which was finally promulgated and implemented towards the end of 2020. The law is aimed at prioritising national security and development interests. It is a response to recent significant changes in international politics and economics, especially the trade dispute between China and the US.
After promulgating the Export Control Law, China’s export control system can be divided into three categories.
The first category deals with the export control of dual-use and military items, and it is governed by the Export Control Law and several export control administrative regulations.
The second category is focused on the export control of restricted technologies, which the Foreign Trade Law and the Regulations on Technology Import and Export Administration regulate.
The final category pertains to the restricted parties rules, which include lists such as the List of Unreliable Entities and the Counter-Sanctions List, governed by the Anti-Foreign Sanctions Law and the Provisions on the Unreliable Entity List.
In addition, the Chinese data security regulations encompass export control issues to mitigate national security risks associated with outbound data transfers. These regulations mandate that data related to export-controlled items are subject to export control restrictions. Furthermore, critical data and certain personal information require a security assessment and review by the relevant government agency or other official authorisations before any outbound transfer. This type of assessment entails comparable national security considerations to those involved in authorising export controls.
Export control regulations
China has taken an active role in contributing to the prevention of the spread of nuclear, biological, and chemical weapons since the 1990s and early 21st century.
China has developed regulations pertaining to export controls under the ambit of its existing Foreign Trade Law that encompass nuclear, biological, and chemical weapons, as well as missiles and other related dual-use and military items. These regulations were put in place to monitor and regulate the exportation of crucial items necessary for China to fulfil its international obligations relating to non-proliferation.
China has referred to global best practices to ensure that its domestic export control laws and regulations comply with international standards. In principle, China's domestic regulatory framework aligns with international practices, enabling China to fulfil its global responsibilities as a responsible major country effectively.
The Chinese government is taking steps to update its export control regulations to comply with the new Export Control Law. The Ministry of Commerce has created the Regulations on Export Control of Dual-Use Items (Draft) (the Draft RECDU), which will replace the previous regulations on export control of dual-use nuclear goods, missiles, dual-use biological goods, related technologies, and related equipment.
The new rules will make China's export control system for dual-use items more comprehensive and advanced. The Ministry of Commerce will play a more significant role in export control supervision and law enforcement if the Draft RECDU is approved and enacted.
Technology export restrictions
The Foreign Trade Law has established explicit technology import and export operations guidelines. According to Article 16 of the law, the government is empowered to restrict or prohibit the exportation of certain technologies based on national security and public interests or to safeguard the development of specific industries.
The Regulations on Technology Import and Export Administration provide more detailed provisions for prohibiting or limiting the exportation of particular technologies. The Ministry of Commerce is responsible for formulating and announcing a Catalogue of Technologies Prohibited or Restricted from Export (the Restricted Technologies Catalogue). Exporting restricted technologies will require a licence management process.
In December 2023, the Ministry of Commerce announced the release of a revised version of the Restricted Technologies Catalogue. This new version brings significant changes to the previous iteration by substantially reducing the number of items listed, revising some existing technologies, and adding new ones.
The aim of this revision is to enhance China's technological competitiveness while regulating the exportation of sensitive technologies. One of the most notable changes in the updated catalogue is the removal of many technical items that predominantly belong to traditional industries such as agriculture, food, textile, chemical, machinery, and equipment manufacturing.
On the other hand, the new catalogue adds several cutting-edge technologies related to emerging industries, including biotechnology, rare earth processing, robots, light detection and ranging (LiDAR), photovoltaics, and intelligent vehicles. However, some of the newly added technologies – such as rare earth processing technology, integrated circuit manufacturing technology, and robot manufacturing technology – are designated as prohibited from exportation. Moreover, other technologies – such as unmanned aerial vehicle, laser, LiDAR, and aerospace material technologies – are restricted from exportation.
These changes reflect the Chinese government's commitment to national security and public interest by regulating the exportation of sensitive technologies. By doing so, it also ensures that emerging technologies are appropriately regulated to prevent any potential misuse. The updated catalogue represents China's effort to stay at the forefront of technological advancements while adhering to regulatory measures.
‘Blacklists’ of China
China has implemented a ‘blacklist’ system to protect its overseas development interests. The system is designed to ensure compliance and prevent non-compliant businesses and individuals from participating in any business operations that have relations with China.
The blacklist includes entities and individuals that have violated any of the regulations related to anti-foreign sanctions or blocking measures. The repercussions for inclusion in the blacklist could be severe and may adversely impact the interests of non-compliant parties. Therefore, Chinese businesses and individuals must stay informed about these developments and take necessary measures to comply with the regulations.
The blacklist system is regularly updated, and companies and individuals must stay up to date with the latest developments to remain compliant. Failure to do so could significantly damage their reputation and business interests.
In September 2020, the Ministry of Commerce introduced a new set of regulations called the Provisions on the Unreliable Entity List. This was a significant move away from China's previous approach of adhering to UN Security Council sanctions rules and lists. The new rules established a restricted party system of autonomous sanctions in China, aimed at countering the unilateral sanctions imposed on China by the US and other countries.
The regulations were implemented in response to the increasing use of extraterritorial sanctions by the US government, which have caused significant negative impacts on Chinese entities, individuals, and related sectors. The provisions provide the legal basis for China to take countermeasures against foreign entities that engage in discriminatory or restrictive actions against Chinese companies and individuals, to safeguard China's national security and interests.
The rules require Chinese companies to report any discriminatory or restrictive measures taken against them by foreign entities and provide legal protection to those who report such actions. The new regulations are expected to have a significant impact on the global business environment, particularly for companies that operate in both China and the US, as they may face increased regulatory scrutiny and potential legal risks.
Outbound data transfer security review
The Chinese government has established bodies responsible for regulating and supervising data security and export control in the country. The State Administration of Cyberspace is tasked with overseeing data security, while the Ministry of Commerce is responsible for supervising export control. However, with regard to data related to export-controlled items that pose a risk to national security, such data is also considered as export-controlled items and is subject to export control regulations and licence requirements.
In 2022, the State Administration of Cyberspace published new regulations that govern security assessments for outbound data transfers. These regulations aim to ensure that data transfers do not pose any risks to national security and comply with all the relevant laws and regulations. As data security is a relatively new area of supervision for the Chinese government, the regulations and enforcement practices are regularly updated in response to overall national security risks and feedback from business operators.
A system in transition
In summary, China’s export control legal system is in a transitional period. In the past three years, China has implemented several laws – such as the Export Control Law, the Anti-Foreign Sanctions Law, and the Data Security Law – to address new national security concerns and geopolitical interests. These laws now serve as the basis of China's new export control regime. However, there is still ambiguity surrounding implementing and coordinating the recently developed Provisions on the Unreliable Entity List and the Rules on Counteracting Unjustified Extra-territorial Application of Foreign Legislation and Other Measures with the Export Control Law.
It is highly recommended that MNCs with business relations in China should pay close attention to the updates to regulations and the enforcement practices relating to Chinese export controls and sanctions.
Compliance requirements ‘gaps’ between China and the US
MNCs that maintain business relations in the US and China must comply with the laws of both countries. However, in practical terms, certain gaps or differences exist in the nations' compliance requirements and enforcement approaches.
In the context of internal compliance programmes aimed explicitly at export control, the requirements of the countries differ in terms of what constitutes a sufficient compliance programme.
China operates as a statutory country, while the US functions as a case law country. As per the general logic of China's regulatory agencies, an ideal compliance mechanism should consist of several listed compliance elements within the guidance framework, and the compliance system may take some time to become operational after the framework is established. This is considered a normal phenomenon and is not viewed as any deviation from the norm. However, according to the logic of US regulators, if an established compliance framework exists but the mechanism fails to prevent a non-compliance event, the established compliance mechanism is considered ‘paper compliance’, thereby increasing the accountability of the enterprises for violations.
It is important to note that there is no one-size-fits-all compliance formula for multi-jurisdiction compliance. Correct answers to compliance questions can only be provided based on specific business situations and regulatory requirements. Therefore, enterprises must define the compliance scope from a business operation and jurisdictional perspective before undertaking the overall compliance work. This approach allows for better planning and implementation of compliance measures that are tailored to the unique requirements of the enterprise.