Hongwei Ma: Securities Compliance | New Challenges of Listed Companies

Cross-border listing is an important part of the internationalization process of the capital market. In 2019, China proposed the goal of capital market reform to be "market-oriented, rule-of-law-based, and internationalized." In 2023, the "Trial Administrative Measures of Overseas Securities Offering and Listing by Domestic Companies" and supporting rules were implemented, and the supervision of going overseas will officially enter a new era. For Chinese companies, the U.S. securities market is attractive due to its large scale, mature development, and well-established legal system, making it one of the preferred locations for companies to go public overseas. In this context, domestic companies are facing dual regulatory issues. This article will start with a comparison of the regulatory systems between China and the United States, and then analyze the system, model, and specific regulations for securities public law enforcement in both countries. It will analyze the similarities and differences between them, and provide suggestions for the dual regulatory compliance risks faced by participants in the securities market.

一、Commonalities and Differences in Regulatory Systems

The International Organization of Securities Commissions (IOSCO) has set three regulatory objectives, namely "protecting investors", "ensuring that markets are fair, efficient and transparent", and "reducing systemic risk".[1] Although the securities regulatory agencies in various countries have their own focus, they generally recognize the enforcement goals. In practice, however, due to factors such as the historical background, actual national conditions, and the development of the securities market in each country, there are different regulatory practices.

（一）An Overview of the Regulatory Legal System

China's securities market regulatory legal system is composed of laws, administrative regulations, departmental rules, normative documents and industry norms, among which the Securities Law occupies the core position and plays a leading role, and laws and regulations of other levels are rolled out on this basis. The U.S. securities regulatory laws at the federal level consist of Title 17 of the CFR, "Commodity and Securities Exchanges" which mainly include the Securities Act of 1933, the Securities Exchange Act of 1934, and the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010.[2] The SEC also specifies the rules, forms, regulations and other contents under the above-mentioned Acts. As opposed to federal law, state laws that regulate securities trading within a state are often referred to as the "Blue Sky Bill."

（二）Regulatory Authority Structure and Responsibilities

The key to maintaining a sound and healthy development of the securities market is strict enforcement and the securities regulatory agency is the backbone of this effort. The following will compare the public enforcement regulatory authorities in two countries in terms of system, structure, functions, and other aspects.

1. Commonality: Centralized and Unified Regulatory Model

In terms of regulatory mode, the securities regulatory powers of China and the United States are both concentrated in the national/federal level public regulatory agencies, namely the China Securities Regulatory Commission (“CSRC”), a direct subordinate of the State Council, and the U.S. Congress-authorized independent agency, the Securities and Exchange Commission (“SEC”) (collectively referred to as the “securities regulatory agencies”). Centralized supervision mode can unify and control the national securities market, and coordinate and integrate regulatory resources.

2. Difference: Organizational Structure and Functions of Securities Regulatory Agencies

（1）CSRC：A Unified Law Enforcement Agency

After the establishment of the National Financial Regulatory Administration in 2023, the regulatory framework for financial supervision in China has shown the characteristics of "one bank, one commission, and one administration". As a commission directly under the State Council, CSRC uniformly supervises the securities and futures fund market, drafts relevant laws, regulations and rules. It also conducts investigations and administrative penalties on suspected violators, and provide support for investor protection.

（2）SEC: A Quasi-Judicial Institution with Uniquely Function

In terms of the scope of financial products regulation, the most intuitive difference between the CSRC and the SEC is that the United States has established a Commodity Futures Trading Commission (CFTC) to specifically regulate futures and swap transactions. As the highest administrative body responsible for overseeing the national securities market, the SEC is in charge of reviewing the disclosure and financial reports of publicly listed companies, supervising the equity markets, exchange-traded equity options, the fixed income markets and the activities of registered entities (investment advisers, funds, and securities firms), as well as providing investor education and protection.[3]

Compared to the CSRC, on the one hand, the SEC has a stronger independence in government relations, with direct authorization provided by federal law, independent of the President and federal executive departments. On the other hand, the SEC also has a quasi "judicial power", that is, the SEC has an in-house court, employs administrative law judges (ALJ), and presides over the trial of illegal cases. In administrative actions, the SEC's investigators act as plaintiffs to bring lawsuits against the subjects of the investigation who are in the position of defendants, and the administrative law judges make orders or initial decisions. If either party has objections to the initial decision, they may appeal to the SEC, which can either approve the administrative law judge's decision, overturn the decision, or remand the case for additional hearings. When the SEC reviews the initial decision in the appeal process, it is exercising judicial power.

（三）Sanction Measures and Models

1. Commonality: Similar Types of Penalties

In terms of the types of penalties, both CSRC and SEC mainly impose restrictions and penalties on the rights and obligations of parties through fines, reprimands/warnings, suspension or revocation of securities business licenses, market bans, and restrictions on the appointment of senior executives, which can be generally categorized as financial penalties and qualifications penalties.

2. Differences: More Diverse Enforcement Mechanisms

Although the two are quite similar in terms of the type of penalty, there are significant differences in the enforcement mechanism. In order to ensure that federal securities laws have not been violated or if there is suspicion that federal securities laws have been violated, SEC investigators may conduct preliminary investigations. Based on the findings and recommendations of the investigators, the SEC may decide not to take any action, or it may initiate enforcement proceedings. Common enforcement actions include the following.

（1）Civil (Enforcement) Action

The SEC may bring civil actions in federal district court against entities it believes have violated federal securities laws. The civil injunctions are the most frequent sanctions sought by the SEC, which prohibit any further violations of the law or rules. Furthermore, the SEC may seek civil penalties and disgorgement of any money obtained from the illegal conduct. The court may also prohibit or suspend individuals from serving as corporate executives or directors. Individuals who violate court orders may be considered in contempt of court and subject to additional fines or imprisonment.

（2）Administrative Proceedings

As mentioned above, in addition to administrative enforcement functions, the SEC also has quasi judicial powers. The SEC can seek various sanctions through the administrative proceedings. The difference between the administrative proceeding and civil action is that it is the ALJ of SEC who presided administrative proceedings and make preliminary decisions, including findings of fact and legal conclusions. 

（3）Settlement

In many cases, the SEC and the parties choose to terminate the investigation by reaching a settlement agreement. One classic example of financial fraud that we are familiar with is the case of RX. In December 2020, the SEC filed a civil lawsuit against RX, accusing it of accounting fraud for overstating revenue and underreporting net losses. Afterwards, both parties reached a settlement agreement and signed a consent decree. RX, without admitting or denying the allegations, expressed willingness to pay a civil penalty of 180 million US dollars. The court approved the settlement agreement in February 2021. 

The invitation for settlement discussions can be proposed by either party. Generally, SEC staff would provide the opportunity for settlement discussions to one of the parties involved in appropriate circumstances, as an alternative to issuing a Wells Notice (Wells Notice is SEC's informal reminders to a prospective respondent before initiating civil litigation).  In other situations, the respondent may also express interest in settlement before SEC staff completes the testimony. 

（四）Enforcement Content and Penalty Intensity

1. Commonality

There are some similarities in the enforcement focus of CSRC and SEC. Violations of information disclosure, illegal securities trading activities (insider trading, market manipulation), and intermediary accountability are all high-frequency regulatory issues in the securities markets of both China and the United States over the past three years.

Both Chinese and U.S. securities regulatory agencies attach great importance to cases of illegal information disclosure, and impose severe penalties. Similarly, insider trading and market manipulation have been the focus of supervision, which would seriously undermined investor confidence, affected the objectivity of securities prices, and disrupted the order of the securities market.

2. Differences

The SEC has made more comprehensive regulatory requirements for securities market entities. One of the core principles of law enforcement is to "keep pace with technological change".[4] In 2017, the SEC established a Cyber Enforcement Unit, and since 2018, the focus of enforcement in each fiscal year has included combating securities violations related to personal data and information security. The SEC remains vigilant in regulating entities and individuals, such as publicly traded companies, broker-dealers, and investment advisers, who have access to a significant amount of electronic data, ensuring that market participants disclose significant cybersecurity risks and events appropriately.

SEC is also concerned with internal compliance and corporate social responsibility. The actions taken by the SEC in the 2022 fiscal year against a certain securities company, as well as 15 other broker-dealers and 1 investment adviser, serve as examples because "they have generally and long-termly failed to retain and preserve work-related text communications on their employees' personal devices".[5] These companies paid a total of $1.235 billion in fines and committed to hiring compliance consultants to conduct a comprehensive review of policies and processes related to electronic communications on company and personal devices.

二、Institutional Changes and Compliance Suggestions

Due to national conditions, the level of capital market development, and differences in securities trading models, securities regulation cannot be simply copied, but it can still draw certain inspiration from the United States. The following will start from the impact on China and the changes it has brought about and provide compliance suggestions for listed companies and other securities market entities in China. 

（一）Stricter Regulation and Prevent Multi-Level Legal Risks

1. Stricter Penalties – Continue to Raise Awareness of Compliance

In the context of limited law enforcement resources, penalty cases should have the effect of "punishing one to warn a group." In this regard, the U.S. SEC does not pursue exhaustive investigation, and its enforcement actions and penalties have a highly concentrated feature. According to public data, the top 5% actions of financial relief (including the seizure of illegal gains and penalties) from fiscal year 2017 to fiscal year 2020 accounted for the vast majority of all cases, essentially maintaining at 70% or more each year. As for the severity of individual cases, settlement payments reaching tens or even hundreds of millions of dollars and targeted famous publicity are advantageous for enhancing the deterrent effect of securities regulation.

After the issuance of the new Securities Law, the most immediate impact of the CSRC on the market is the significant increase in the punishment. The penalty intensity of “confiscate the amount of illegal gains and ten times penalty” and the fixed fine of millions have a very significant warning effect on the relevant entities. In addition, the CSRC strengthens the integrated accountability system of administrative, criminal, and civil responsibilities through multi-party cooperation, attaches great importance to compensating investors, and transferring criminal cases. Through legislative reforms and law enforcement practices, the CSRC has woven a comprehensive and three-dimensional network of liability, with hundreds of millions of yuan civil liability for false statements and the strengthened criminal liability for a "small number of key individuals" . In this situation, the responsible entities in the securities market need to continuously enhance their compliance awareness and prevent various levels of legal liability. 

2. Broader Scope of Supervision - Comprehensively Improve Governance Capacity

Regarding the latest focus of SEC enforcement on information security, environment, and social responsibility, CSRC has implemented new regulations to further improve enforcement efficiency and enhance the breadth of enforcement.

Regarding the issue of information security and personal data, CSRC has issued and implemented the Administrative Measures for Cybersecurity and Information Security in the Securities and Futures Industry (hereinafter referred to as the Administrative Measures). Technical Indicators for Core Trading System of Securities Companies, Regulatory data collection specification for futures companies Part 1: Basic information and brokerage business, focused on network and information security. In December 2023, the Jilin Regulatory Bureau ordered one futures limited company that violated the Administrative Measures to make corrections. The futures company failed to effectively implement the network security level protection system, carry out level assessments, and establish a specific backup center.[6]

Regarding ESG disclosure, the current ESG disclosure is mainly voluntary, with mandatory disclosure for some environmentally focused enterprises and other sample enterprises as a supplement. As voluntary disclosure of ESG-related information can demonstrate the company's good performance in ESG aspects, it is beneficial for the company to build its brand image, enhance social reputation, and gain consumer trust. Therefore, as of the first half of 2022, a total of 1431 companies in the A-share market have published ESG reports. In the Guidelines for Investor Relations Management of Listed Companies implemented by CSRC in May 2022, it is stipulated that the content of communication between listed companies and investors should include the company's environmental, social, and governance (ESG) information. At the Second Sustainable Investment and Financing (ESG) and Free Trade Port Construction Forum on September 7, 2023, the Deputy Director of the Listing Department of the CSRC stated that the CSRC is currently guiding the Shanghai and Shenzhen Stock Exchanges in drafting guidelines for the disclosure of sustainable development by listed companies in response to market demand.

Data compliance and ESG are the two core elements of the new round of corporate governance reform. Faced with more comprehensive and higher quality regulatory requirements, the participants of the securities market should comprehensively improve their governance capabilities.

Firstly, The traditional corporate governance strategy that emphasizes business and revenue is no longer suitable for the environmental and social responsibilities that companies need to take on in the current stage of development. Companies should re-examine market demand and establish reasonable and feasible development goals and plans. Issuers, listed companies, securities service agencies, and other entities should enhance their comprehensive governance capabilities by hiring professional organizations to assess the risks in the process of data collection, storage, and use. They should establish a compliant organizational structure, formulate internal operating and management systems, and regularly organize staff training and self-inspections.

Secondly, ESG disclosure is the primary means for companies to demonstrate their ESG governance achievements to the public, and it is also a window for market entities to understand companies and make investment decisions. Companies should pay attention to the important role of corporate governance and information disclosure in the long-term development，and should improve the relevant capabilities. In terms of information disclosure, companies should comprehensively assess the differences between mandatory disclosure and voluntary disclosure, and reasonably set the agenda for ESG information disclosure to ensure that the disclosure is true, complete, accurate, timely, and fair.

（二）Regulatory innovation, proper application of the commitment system

In recent years, China has actively explored the localization of administrative reconciliation systems, and has developed into an administrative law enforcement system that involves commitments from the parties involved. The following will base on the characteristics of the system and its implementation to provide suggestions for the applicability of the system to various securities regulatory concerns.

1. The Implementation of the Party Commitment System

After the initial practice of the Measures on the Pilot Implementation of Administrative Reconciliation in 2015, the new Securities Law for the first time confirms the commitment system of the parties at the legal level, and then the State Council and CSRC issued supporting rules. At this point, China has officially entered a new stage of administrative reconciliation with the commitment of the parties as the core.

Recently, the first case of the implementation of the commitment system- the four major intermediary institutions in the ZJCC case have already signed an agreement on recognition of commitment with the CSRC. Meanwhile, the intermediary institutions of ZDYS announced in the civil settlement that they have applied for the application of the commitment system to the CSRC. The two cases share a high degree of similarity, with both involving false statements and applying the intermediary organization's advance compensation mechanism.

2. System Application and Compliance Suggestions

Regarding the application of the relevant legal provisions and case law, the author would like to propose the following recommendations for the parties involved in the application of this system.

First of all, the parties should fully evaluate the effectiveness of the commitment system and promptly correct suspected illegal behavior. The commitment system is conducive to reducing regulatory resistance, increasing the participation and discourse power of the parties in the investigation process. Not only can the parties concerned unify administrative investigation and civil litigation, reduce the cost of multiple risks, but also they can reduce reputational damage and consolidate investor confidence through self-correcting behavior. If the parties concerned fully fulfill the agreement on recognition of commitment, the CSRC will terminate the investigation of this matter, no longer issue administrative penalties or initiate a second investigation, and the parties concerned can avoid the impact of administrative violation record.

Secondly, the parties should actively communicate with the CSRC and negotiate an agreement on recognition of commitment. The initiation of the administrative enforcement party's commitment system needs to be actively applied for by the parties. Against the background of the accelerated speed of administrative punishment, the parties need to react quickly and submit their application and relevant materials to the CSRC as early as possible. If the application is accepted, the parties should negotiate and sign an agreement on recognition of commitment with the CSRC regarding the suspected illegal behavior.

Thirdly, the parties involved should carry out compliance rectification according to the agreement, and actively fulfill their obligations. For the parties involved, only by transforming external and passive regulatory drivers into internal and active compliance forces, can the securities compliance management system truly take effect. Therefore, the parties involved should seize the opportunity for compliance rectification, comprehensively investigate internal risks from aspects such as system design, organizational structure, and personnel arrangements. Also, they are recommended to establish a top-down corporate compliance system, and formulate effective and smooth securities compliance operation processes. After the parties complete the rectification, they should also prepare a written rectification report as required and submit it for inspection and acceptance by institutions such as CSRC.

Furthermore, the parties involved should seek professional help as soon as possible. Securities regulation investigations are relatively complex and often accompanied by multiple concurrent risks. Therefore, the author recommends that the parties involved seek timely assistance from professional lawyers. Lawyers can comprehensively assess whether the parties involved meet the application requirements for the commitment system, prepare the necessary application materials, represent the parties involved in negotiation with CSRC, formulate effective and feasible securities compliance and risk control systems.

Conclusion: On one hand, the CSRC adhere to the existing national conditions, carry out various new regulations' consultation, pilot projects, and comprehensive promotion, guarding against "incompatibility." On the other hand, in terms of enforcement efforts and response speed, the CSRC are closely following the international pace, absorbing beneficial regulatory experience from mature capital markets represented by the United States, constantly adjusting and testing the reform process, enhancing regulatory levels, and strengthening regulatory effectiveness. Against this background, all entities in the securities market need to see the determination of CSRC enforcement, guard against various risks, proactively perform compliance work beforehand, closely follow regulatory pace in the process of participation, and actively seek to minimize adverse impacts after the investigation.

[1]‘IOSCO Objectives and Principles of Securities Regulation and the IOSCO Assessment Methodology’,<https://www.iosco.org/about/?subsection=display_committee&cmtid=19&subSection1=principles> last accessed 1 February 2024

[2] It also includes Trust Indenture Act of 1939, Investment Company Act of 1940, Investment Advisers Act of 1940, Securities Investor Protection Act of 1970, Sarbanes-Oxley Act of 2002, Jumpstart Our Business Startups Act of 2012 (the "JOBS Act").

[3] ‘About the SEC’,last accessed 1 February 2024

[4] SEC, ‘Division of Enforcement 2019 Annual Report’, (2019 Nov 6th), last accessed on 1 February 2024

[5]‘SEC Announces Enforcement Results for FY22’, (2022 Nov 15) <https://www.sec.gov/news/press-release/2022-206> last accessed on 1 February 2024

[6] For details, please see Ji Zhengjian Jue [2023] 22