The Securities and Exchange Commission turned up the pressure on auditors in China when it recently initiated enforcement proceedings against the Chinese affiliates of the Big Four accounting firms and BDO. On December 3, 2012, the Commission filed an administrative action alleging that each firmDeloitte Touche Tohmatsu CPA Ltd., Ernst & Young Hua Ming LLP, KPMG Huazhen, PricewaterhouseCoopers Zhong Tian CPAs Ltd., and BDO China Dahua Co. Ltd.violated Sarbanes-Oxley and the Securities Exchange Act by failing to provide the Commission copies of audit workpapers.
The case is the latest step in an ongoing dispute between U.S. regulators and the auditors of Chinese companies trading on U.S. markets.
While Sarbanes-Oxley requires foreign accounting firms to provide audit workpapers to the SEC and the Public Company Accounting Oversight Board (PCAOB) on demand, this requirement has not been generally followed in China, where a number of civil and criminal laws restrict the transmission of information that could harm the national or economic interests of the country. The current SEC disputewhich could lead to five of the largest audit firms in China being barred from providing public accounting for companies listed on U.S. exchangescould have a significant impact on corporations with large operations in China.
An Uneasy Relationship Between Regulators
Beginning in 1994, the SEC entered into a series of agreements with the China Securities Regulatory Commission (CSRC) in anticipation of China joining the global financial community. These agreements sought to create an enhanced relationship between the regulators with the stated goal of building and maintaining open, fair, efficient, and sound securities markets. None of these agreements creates a direct obligation for the regulators to produce documents to each other, however, and each provides that assistance may be denied if a request would violate domestic law.
In September 2011, the public was given a window into the difficulties the SEC has faced in obtaining documents in China when the Commission filed a subpoena enforcement action against Deloitte Touche Tohmatsu CPA Ltd. (DTTC). The SEC sought the workpapers for the audit of Longtop Financial Technologies Limited, a Chinese company whose securities were then traded on the NYSE.
In opposing the SECs application, DTTC argued, inter alia, that if it produced Longtops workpapers directly to the SEC, China regulators would be authorized to dissolve the firm entirely and to seek prison sentences up to life in prison for any DTTC partners and employees who participated in the violation. To support its position, DTTC provided the court with a letter from the CSRC directing the auditing firm to comply with the States Secrets and Archives laws in China and stating that the SEC should work with the CSRC to find a solution.
The case was stayed this past summer to allow the SEC to seek a larger diplomatic resolution with Chinese authorities regarding the exchange of documents. Following months of diplomatic meetings, the regulators reached an impasse due in part to the CSRCs insistence that, if documents were produced, the SEC would be precluded from using them in any legal action without the CSRCs advance written authorization. The SEC moved to lift the stay, and DTTC argued in court filings the stay should be maintained until the conclusion of the related administrative proceeding against the auditing firms. The court heard argument on this issue on January 21, 2013. No decision has been made.
At the heart of the dispute between the SEC and auditors in China are a number of Chinese laws that provide potentially serious penalties for transmitting protected information overseas. Understanding these laws, and the sanctions for violating them, is important to understanding the challenges Chinese accounting firms face when trying to comply with U.S. regulatory requirements.
State Secrets Law
Originally enacted in 1989 and amended in 2010, Chinas State Secrets Law prohibits the transfer of information relating to Chinas national security and interests outside of Chinas borders without the approval of relevant Chinese authorities. While many nations prohibit the disclosure of their state secrets, Chinas law is remarkable for the sheer breadth of information it potentially covers. Article 9 of the law defines state secrets as matters affecting [Chinas] national security or interests, and whose disclosure may harm Chinas political, economic, security, diplomatic, or other interests, including information relating to national economic and social development, scientific or technical secrets, or other information so classified by the State Secrets Protection Administration.
The most well-known example of the enforcement of the State Secrets Law is that of American geologist Xue Feng. A native of China, Xue became a naturalized U.S. citizen and returned to China as an employee of a U.S. petroleum industry research firm. In 2005, Xue obtained publicly available information on Chinas oil reserves and sent it to his employer in the U.S. Two years later, the Chinese government held that his transmitting that information violated the State Secrets Law and sentenced him to an eight-year prison term (which he is now serving).
Given the dominant role played by state-owned enterprises in numerous sectors of Chinas economy, the quantity of information potentially classified as state secrets is vast. The Xue Feng case highlights that information that would be viewed as market research in many other jurisdictions has the potential to be classified as national secrets in China.
The definition of national security is equally broad. For example, matters that may affect Chinas healthcare system are viewed as affecting national security. In its litigation with the SEC, DTTC filed a declaration from a professor at Qinghua University opining that because DTTCs audit clienta financial services companyworked for three of the four largest state-owned commercial banks and two large insurance companies, it is very likely that state secrets . . . are included in DTTCs workpapers.
Though less well known than the State Secrets Law, Chinas Archives Law also has the potential to impose broad restrictions on the transfer of information outside the countrys borders. The law defines archives as records and writings by government entities, social entities, or individuals whose preservation is of value to the state and society. The scope of the Archives Law has been expanded through its implementing regulations that require an enterprise, including private companies, to retain all documents and materials in connection with its operation and management and have a department in charge of their documents and files. The regulations do not specify, however, which documents must be retained or the length of the retention period.
The Archives Law limits the sale and transfer of archives in several ways. Article 24, Section 2 prohibits the provision, copying, or publication of state-owned archives without authorization; Section 4 bans the unauthorized transfer or sale of state-owned archives or archives which are of value to the state; and Section 5 of Article 24 prohibits the sale or transfer of archives to foreigners. Additionally, Regulation 29invoked in the DTTC caserequires Chinese government agencies to approve any disclosure of state secrets or any archives that involve national security or vital interests of the State. Regulation 29 contains additional limits on the transfer of archives, requiring that:
"Any archives, including workpapers, which are created in mainland China by the securities company and securities service institution providing relevant securities service in the course of any overseas issuance and listing of the securities, shall be stored in mainland China."
Finally, Regulation 29 imposes limitations on the ability of overseas regulators and securities service companies to inspect Chinese-listed companies, requiring approval from the relevant Chinese government agencies for on-site inspections.
Trade Secrets and Personal Privacy
Two other potential barriers to transfer of data outside China are the countrys trade secret regulations and privacy regulations. Under Chinas laws regulating public accountants, accountants are required to keep their clients trade secrets confidential. In fact, Chinas Criminal Law outlaws disclosure of trade secrets in violation of a duty of confidentiality. Similarly, although Chinas civil privacy regulations are not yet fully developed, Chinas Tort Law lists privacy rights as one of the rights protected, and Chinas Criminal Law makes it a crime to provide citizens personal information obtained during the course of performing duties or providing services.
An Unclear Path Forward
By initiating administrative proceedings to bar five of the top accounting firms in China from conducting public accounting for U.S.-listed companies, the SEC has shown it remains determined to force Chinese auditors to comply with U.S. regulatory standardsor pay a price.
That price would be a bar from appearing before the Commission, a result that would lead scores of China-based companies trading on U.S. exchanges to have to find new auditors to certify their financial statements. This potential penalty would be severe, but given the significant civil and criminal laws affecting the transfer of information in China, it seems unlikely Chinese auditing firms will soon change their stance on providing workpapers to U.S. regulators. A diplomatic resolution between the CSRC and the SEC is in order. Short of that, turbulent times may follow for Chinese companies wanting to maintain their listings on U.S. exchanges.
Terence Healy is a partner in Reed Smiths securities enforcement and litigation group in the firms Washington, D.C., office. His practice focuses on matters related to SEC enforcement, internal investigations, regulatory compliance, and complex litigation. He can be reached at firstname.lastname@example.org. John Tan is a member of Reed Smiths global regulatory enforcement group. Based in the firms Shanghai office, John focuses his practice on internal investigations, corporate compliance, and dispute resolution. He can be reached at email@example.com. Jennifer Achilles is a senior associate in Reed Smiths global regulatory enforcement group in the New York office. Her practice is devoted to securities and regulatory matters, white-collar cases, and internal investigations. She can be reached at firstname.lastname@example.org.