In-House Legal Counsel and Enterprise Risk Management
Total Page:16
File Type:pdf, Size:1020Kb
International In-house Counsel Journal Vol. 3, No. 9, Autumn 2009, 123–1410
Zhang Jianbin
Zhang Jianbin Zhang Jianbin, Zhang Jianbin, P.R.Zhang Jianbin
Abstract: No investment can be effective in the long term without proper risk management, and the outcomes of inadequate risk management turned out to be expensive. So from a certain perspective the duty of the in-house counsels is to work on risk management together with other function sectors.
Currently the Chinese telecommunications operators have begun reengineering their risk management systems for the sake of healthy growth in the process of transition following the evolution of technology and customer demands. Meanwhile, the trend of global regulatory frameworks placing higher requirements on the corporate governance and risk management also accounts for the operators’ efforts on the risk management. In this process, in-house counsels have played an important role. In this paper, the author tries to give a whole picture of current Chinese telecommunications industry, including the market, competition and regulation, upon which the author tries to show the readers a snapshot of the risk management in Chinese telecommunications operators. Further, the author will also discuss several key issues for the purpose of incorporating risk management into day to day work of the in-house counsels.
Key Words: Enterprise Risk Management Telecommunications Legal Counsel
1. Enterprise risk management and in-house counsel Risk is the threat or probability that an action or event will adversely or beneficially affect an organisation's ability to achieve its objectives1, and so risk can be positive and negative. But many people tend to consider risk more as possibility of bad things. So rrisk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events2.
Enterprise Risk Management (ERM) was developed in the mid-1990s, and ERM is a systematic, integrated approach to manage all risks facing an organisation3. There are more than 80 risk management frameworks reported worldwide4, including the ERM Framework by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). From 2005 the Chinese telecommunications operators have begun their ERM
1 See the http://en.wikipedia.org/wiki/Risk. 2 Douglas Hubbard, "The Failure of Risk Management: Why It's Broken and How to Fix It”, John Wiley & Sons, 2009. 3 Dickinson, “Enterprise risk management: Its origins and conceptual foundation”, The Geneva Papers on Risk and Insurance, (2001) 26. 4 David L. Olson, Dasheng Dash Wu, “Enterprise Risk Management”, World Scientific Pub., 2008.
International In-house Counsel Journal ISSN 1754-0607 print/ISSN 1754-0607 online 124 Zhang Jianbin programmes. As listed companies in Hong Kong Stock Exchange and New York Stock Exchange, the operators need to raise their risk management level to follow listing rules including the US Sarbanes-Oxley Act of 2002. In 2006 the State-owned Assets Supervision and Administration Commission of State Council of China (SASAC)5 also issued the Guide On The General Risk Management For The State-owned Enterprises.
In the recent development of risk management in Chinese telecommunications operators, the in-house legal counsels have taken an active and important role, and they also need to think about how to enhance effectiveness and efficiency by incorporating the risk management into day to day work.
2. Recent development of ERM in the Chinese telecommunications operators For the Chinese telecommunications operators ERM is not only an outside requirement, but also a necessity for their own growth in the changing market. Restructuring of the industry, new technology, changing customer demands, and evolving industry regulation give rise to more uncertainties, and ERM is one of the approaches to cope with the complicated environment.
2.1 Changes and restructuring of the Chinese telecommunications industry
2.1.1 Separation and restructuring of the operators The capital-intensive nature of building a network has meant that the evolution process of telecommunications industry is from monopoly to competition. In China the Ministry of Posts and Telecommunications (MPT) has been used to run the telecommunications network in the nation-wide before 1995, when Directorate General of Telecommunications, P&T, China (China Telecom in short, and the predecessor of current China Telecom) was registered as a company. In 1994 China Unicom was established to compete with China Telecom, and in 2000 China Mobile was separated from China Telecom with the wireless service. In 2002 China Telecom was divided geographically into two companies, China Telecom with the fixed-line business in southern China, and China Netcom with the fixed-line business in northern China. In 2008 China Telecom acquired CDMA network from China Unicom, and China Unicom merged with China Netcom, and then three operators with both fixed-line and wireless license, China Telecom, China Unicom, and China Mobile, began their new round of competition in the telecommunications service market.
2.1.2 Evolution of a national telecommunications regulatory system In 1998, the Ministry of Information Industry (MII) was founded in place of MPT, which is the first independent telecommunications regulatory body established in China, and which was reorganized as the Ministry of Industry and Information Technology (MIIT) in 2008. In the end of 2001, China formally became the 143rd member of the WTO, and the commitments under The WTO Agreement On Basic Telecommunications Services have also influenced the regulatory framework of the industry in China. A set of rules has also been established during the past ten years. The regulative policies of license requirements for telecommunications services, interconnection and interconnection pricing, telephone number administration, and universal service are
5 SASAC was established in 2003, and under the authorization of the State Council of China, SASAC performs the responsibility as the investor to the state-owned assets to supervise the preservation and increment of the value of state-owned assets. Enterprise Risk Management 125 developed to reflect the situations in Chinese market, and are still in the process of developing. Meanwhile, how does newly promulgated Anti-Monopoly Law effective from August 1, 2008 influence the telecommunications market is still not clear, and it is expected that the Telecommunications Law will be released in the near future, which will undoubtedly lead to a new era.
2.1.3 Market Expansion and Changing Customer Demands Chinese telecommunications industry began the high growth when the opening-up policy was adopted by the government. The successful results can be seen in the Figure 1.1 and Table 1.1 indicates. Figure 1.1 shows growth of the number of subscribers, and Table 1.1 shows the tele-density of China and other selected countries.
Figure1.1 Number of telephone subscribers, 1975-2009 (selected years) s r e b
i 12 r 10.306 c
s 10 b
u 7.438 s 8
n
o 6 i l
l 4
i 2.294 m
2 0.443 0 0.017 0.021 0.031 0.069 0
1 0 1975 1980 1985 1990 1995 2000 2005 2009
Note: Figures for 2009 are for July of 2009. Sources: For 1975: Statistical Yearbook of China, 1981, (English edn.), Hong Kong: Economic Information & Agency, 1982; for 1980-2000: Zhongguo Tongji nianjian (China Statistical Yearbook), Beijing: zhongguo tongji chubanshe, 2005: ; for 2005: ibid, 2006, CD-ROM ver., chart 16-40; for 2009: MIIT’s telecommunications report on website: http://www.miit.gov.cn/n11293472/n11293832/n11294132/n11302706/12426281.html
Table 1.1 Number of telephone subscribers and teledensity for China and other selected nations in 1998 and 2008
Nation Total subscribers in Teledensity Total subscribers Teledensity 1998 (in millions) (subscribers per in 2008 (in (subscribers per 100 inhabitants in millions) 100 inhabitants in 1998) 2008) China 111.284 8.93 912.943 68.69 Japan 109.721 86.88 158.571 124.47 India 22.789 2.26 384.79 32.57 USA 249.059 88.61 421.437 136.53
Sources: International Telecommunications Union (ITU) website, http://www.itu.int/ITU-D/icteye/Reporting
In the early of the 21st century, wireless service and internet service play a major role in the development of telecommunications industry. Currently the total subscribers of 126 Zhang Jianbin wireless service have exceeded the subscribers of fixed-line service in China. Figure 1.2 shows the growth of the number of subscribers from 2004 to 2008. The number of mobile subscribers has outrun the number of fixed-line subscribers. Internet use has also grown at a tremendous pace. As of December of 2008, there were almost 298 million Chinese with online access6.
Figure1.2 Subscribers of fixed-line and mobile service,2004-2008, 100 million (selected years) subscribers 8 fixed-line 6 4 mobile 2 0 2004 2006 2008
(Sources:MIIT’s telecommunications report on website: http://www.miit.gov.cn/n11293472/n11293832/n11294132/n11302706/12426281.html)
Together with the expansion of the telecommunications market and the subscribers’ base, the Chinese telecommunications operators have experienced a high growth, but the saturation of the traditional market, fierce competition and changing customer demands force them to improve risk management level. Nowadays people have more choices than traditional fixed-line telephone and mobile phone, and various communications solutions make people’s life easier, some of which are provided for free of charge. That is the challenge for the telecommunications industry, and from a certain perspective ERM programme is one of the steps the operators are taking to raise management efficiency and effectiveness.
2.2 ERM in Chinese telecommunications operators Corresponding to the changing environment and the restructuring of the industry, recently there are some new developments in ERM of Chinese telecommunications operators.
2.2.1 Framework The COSO ERM framework model7 is shown as a three-dimensional cube with the following components: Objectives of enterprise risk: strategic, operation, reporting and compliance. Eight risk components: Internal environment, objective setting, event identification, risk assessment, risk response, control activities, information & communication, and monitoring. Multiple levels of the organisation: headquarters, division, business unit, and
6 Statistical Report of Chinese Internet Network Development, China Internet Network Information Centre (CNNIC), issued on January of 2009, see: http://www.cnnic.net.cn/uploadfiles/pdf/2009/1/13/92458.pdf 7 Robert R. Moller, “COSO Enterprise Risk Management: Understanding the new integrated ERM framework”, John Wiley & Sons, 2007. Enterprise Risk Management 127
subsidiary.
The Chinese operators’ frameworks are established as8: Objectives of enterprise risk: strategic, finance and account, market, operation, and legal compliance. Four risk components: risk assessment, risk response, control activities, and monitoring. Multiple levels of the organisation: headquarters, division, business unit, and subsidiary. The framework of Chinese telecommunications operators are very similar to that of COSO, except that the description of objectives has minor differences, and event identification is incorporated into risk assessment. The component of information and communication also attracted the attention of the operators, and several companies have built up an integrated risk management IT system.
2.2.2 Approaches Risk assessment includes three steps: risk identification, risk analysis, and risk prioritization. Using brainstorming sessions, nominal group techniques, management surveys, or other approaches, a first step is to identify the risks both on a subsidiary level and on an enterprise entity level. The risk analysis is taken from likelihood and significance. A simple approach is to circulate questionnaire to the participants of the first step to evaluate the likelihood and significance of each risk, and scoring ranges should be set to reflect the possibility and potential financial or legal outcome. The scores are then averaged by both factors and are plotted on a risk assessment analysis chart. The quadrants of high likelihood and high significance should receive immediate management attention. Other risk assessment techniques are also used from time to time, such as Delphi Method, Monte Carlo Simulation, Decision Tree Analysis, etc.
Based on the risk identification and risk assessment, some outstanding risks which can be fixed may occur and then some immediate responsive actions should be done to correct the risk, and some higher-risk areas may be reviewed to reduce the risk exposure. In some identified risk areas where a risk event may occur because of external factors, the factors should be monitored, and sometimes a plan need to be in place, and there is no need to activate it until the risk event does occur. For the lower-likelihood but higher- significance risks, an approach of “fire extinguisher on the wall” is effective.
Just as COSO ERM has moved the risk management function from a more traditional risk-by-risk approach to a perspective that covers the entire enterprise on a continuous monitoring approach9, the ERM in Chinese operators is also dedicated to incorporating ERM into enterprise culture. The risk management function is not run by a small group of people, and it is allocated to all units and levels. The operators should develop some risk management policies and standards that are followed by units in the enterprise under a consistent strategy.
3. In-house legal counsel in the Chinese operators’ ERM framework
8 Different operators may have different framework, and in this article the framework is just a general introduction. 9 Robert, R. Moeller, “COSO Enterprise Risk Management: Understanding the new integrated ERM Framework”, John Wiley & Sons, 2007. 128 Zhang Jianbin
3.1 Role of in-house legal counsel in the ERM There are many types of risks that can affect a business (or an organisation for that matter), and a systematic approach to risk can lead to more rational organisational management. For the Chinese telecommunications operators, the risks are defined as five types: strategic, finance and account, market, operation, and legal compliance. For the in- house legal counsels in these operators, it is essential to take approaches managing the legal risks, for which the legal counsels will spend time to identify and assess the risks in the strategic, financial and accounting, marketing and operational fields. So during risk identification and risk assessment, the in-house legal counsels need to work jointly with other teams.
Whether a relatively small company or a multi-division, multi-country type of enterprise, any risk management function will follow the same general ERM standards and guidelines, under which specific policies should be developed to respond to the risks. For the purpose of legal compliance, the in-house legal counsels should develop guidelines to both specific risks and regulatory requirements, and generally these guidelines need to be push down to the lines of business for execution. But if the risks are closely inter-related and high penalty follow the compliance issues, the in-house legal counsels need to be more aggressive and take the central position for the risk management, in case that the fault of one business unit place the whole company at risk.
The in-house legal counsels should periodically perform an overall assessment of all legal risks impacting the business operation, and report to the general counsel on the status of these risks and actions to control them. Meanwhile, a constant review and evaluation to ensure that enterprise legal risk issues within the organisation are being appropriately evaluated, investigated and resolved is also necessary.
3.2 Execution of risk management programme in day-to-day work of legal department For the execution of risk control, standards, guidelines, specific policies, and procedures need to be implemented in day-to-day operation of the enterprise. For the effective management of the legal risks, communications, training, preventative actions, and cooperation with law firms should not be neglected.
3.2.1 Communications Strong communication procedures are essential for an effective ERM function. An open-door policy is effective to encourage the persons from different departments to talk with the in-house legal counsels about the problems and ideas they have, which helps the counsels to identify the risk as early as possible. For the specific issues with high possibility and significance, early consultancy of the in-house legal counsel is safer in most cases. Group information flow among in-house legal counsels is also very important. A monthly teleconference and an in-house sharing website could easily help the in-house legal counsels to smooth the group communication. When in-house counsels from different units and subsidiaries in different locations come to the teleconference on a regular basis, and share their views and concerns on the website from time to time, they come to know each other as well as the work going on in the different subsidiaries.
3.2.2 Training Training needs to be done at two levels. One is the continuing training of the corporate risk management procedures and requirements, and especially when the Enterprise Risk Management 129 procedures and requirements are updated according to the changing situations, and when there is new recruitment. Actually for some companies continuing training of the risk management has become a part of the execution. The other is the continuing education of the in-house legal counsels. As professionals, the in-house legal counsels need to be trained to keep up with the new development of the legal and compliance requirement. Continuing Legal Education (CLE) programme organized by in-house counsels’ association, enterprises internal CLE programme, and periodical workshop with the law firms are all valuable.
3.2.3 Preventative actions The best reaction to the risk is to take preventative measures before the risk becomes a real problem. Preventative action is also one of the components of the risk control policy. In most cases R&D programme within the legal department of large companies also takes the responsibility of preventative research, which helps the legal counsels to track the commercial practices of the company, the new development of industry regulation and legal environment, and to identify, assess, and control the related risks.
3.2.4 Cooperation with law firms On specific issues and risks, in-house counsels could rely on the resources of the law firms, and such cooperation is also valuable both for the in-house counsels to keep tracking of the domestic and overseas legal service market, and for the outside counsels to get more information of the industry and commercial operation.
4. New opportunities and challenges 4.1 Transformation of the industry Sir Karl Popper, one of the greatest philosophers of the 20th century, once said: “The future is uncertain—otherwise we would surely know it.” In view of the telecommunications industry characterized as innovation and new technologies, it is very hard to predict what is the future of the industry. But planning for the future is a matter of survival for every company, and people always try to find clues of tomorrow in today’s life.
Tomorrow we will be linked with internet and thus always accessible via phone call, email, SMS, or video. The previously separated technology may come to merging, and fixed network and mobile network, telecom and information technology, all kinds of devices and terminals, and even the operators and other service providers, will move toward one another. Telecommunications industry may collaborate with information technology and media industries, and then the collaboration between content, devices, technologies and systems will provide clients with new value. The operators may move from the world in which they live today to a world in which they are able to provide differentiation with value.
The changes of the industry and operators will not happen without new strategies and plans and execution of the strategies and plans. During the transformation, the in-house counsels will face more difficulties to ensure that the legal risk management programme keeps up with the pace of the new business models. Meanwhile exploration of new business models will also bring an opportunity for the in-house counsels to add the value of legal risk management.
130 Zhang Jianbin
4.2 Globalization and localization Recent financial crisis may be regarded as a strong beat to the globalization, but the globalization could not be stopped. More and more companies run as multinational companies, and the others relate to each other globally by market and supplying. Although most of nations have their own license requirement to the operators, there are still more and more operators who like to provide one-stop communication solution to the customers, in view of the existence of lots of multi-national companies and more and more individuals’ cross-border movement in different countries and regions.
As opposed to the global expansion of the operators, fragmentation and entry in local communications forces the operators to run locally. Meanwhile, as what the operators provide to the customers is service, they have to run locally to adapt to the appetite and preference of the local people. In this process, the legal risk management of the operators also needs to be further developed.
Biography: Mr. Zhang Jianbin, is head of legal department of China Telecom Corporation Limited. He joined in China Telecom in 1998, and before that he worked in the Ministry of Posts and Telecommunications of People’s Republic of China. He has nearly twenty years of experiences in telecommunications industry, and concurrently serves as an arbitrator of China International Economic and Trade Arbitration Commission (the “CIETAC”), and a councillor of China Intellectual Property Society (the “CIPS”). He also worked in a panel of experts during the revision of the Chinese Company Law. Mr. Zhang holds bachelor of law degree, master of law degree and EMBA degree of Peking University, China.
Organisation: China Telecom Corporation Limited is a full services integrated operator and the world's largest wireline telecommunications and broadband services provider, providing telecommunications and information services including wireline voice, mobile voice, data, video and multimedia in the PRC. As of the end of 2008, the Company has wireline access lines in service of 208 million, broadband subscribers of over 44 million and mobile subscribers of about 28 million. The Company's H shares and American Depositary Shares ("ADS") are listed on The Stock Exchange of Hong Kong Limited and the New York Stock Exchange, respectively.