Home / Publications / JunHe Legal Updates / details of junhe law review

ESG Special Topic Series (XV) - The Enhancement of Compliance Management Systems in ESG Practice

2022.09.23 George Zhu, Carey Ni, Fran Cui and Zhilian Huang

In recent years, the government has attached great importance to the compliance management of enterprises. It has issued instructions for enterprises to strengthen their compliance management systems and operate in a legal manner. This is to enhance their competitiveness through compliance with the latest laws and regulations. In April this year, the State-owned Assets Supervision and Administration Commission in the People’s Government of Guangdong Province (Guangdong SASAC) issued an action plan for provincial enterprises to comply with international standard compliance management system ISO 37301:2021 (ISO 37301) to have all provincial enterprises pass ISO 37301 standard certification, build compliance systems and develop a compliance culture. This program may be subsequently promoted to other provinces. With an increasing emphasis on the development of enterprises (including foreign-invested enterprises) from a regulatory perspective, enterprise compliance management has become a hot issue. Compliance management is also an important part of ESG performance to measure the sustainability of an enterprise’s development. This article aims to explore the relationship between compliance management systems, ESG management systems and ISO 37301 standard certification and provide suggestions for enterprises, their investors and managers.


I. Compliance management is an essential part of ESG management.


In 2018, the State-owned Assets Supervision and Administration Commission of the State Council (SASAC) and other national departments issued the Guidelines for Centrally Administered Enterprises on Compliance Management (for Trial Implementation) and Guidelines for Enterprises on the Compliance Management of Overseas Operations. In 2021, “compliance” was emphasized in the Outline of the 14th Five-Year Plan (2021-2025) for National Economic and Social Developmentand Long-Range Objectives for 2035. Compliance management for enterprises is crucial to an enterprise’s development. Drawing from the standards first introduced by the International Organization for Standardization (ISO), China has launched several universal standards for compliance management systems in fields such as the environment, production safety, anti-bribery, automobiles, communication, and aerospace. However, compliance management requires the attention of enterprises and institutions across all industries. As an important dimension for measuring a company’s sustainable development in terms of their ESG performance, enterprise compliance is an integral part of establishing sound ESG management systems. The Guidelines for Enterprise ESG Disclosure (T/CERDS 2-2022) was the first domestic standard for corporate ESG disclosure, and it officially came into force on June 1, 2022 (the Guidelines). It points out that  corporate governance mechanisms include supervision, compliance management and risk management, which are compatible with corporate compliance management.


II. The establishment of compliance management and ESG management systems shall follow scientific risk identification and control procedures


In general, the corporate governance dimension of ESG requires enterprises to identify and manage their compliance risks, which requires enterprises to identify these risks based on departmental duties, position duties and different types of organizational activities. They should define their compliance risk status according to each compliance risk source and develop lists of compliance risk sources and their compliance risk status. The ISO 37301 standard and other risk management standards and assessment techniques (for example, the Risk Management Standard (ISO 31000) and the Risk Assessment Techniques for Risk Management (IEC 31010)) can be used as a base for the identification of systematic risks in their ESG management systems. Considering that both compliance management and ESG management requires systematic risk identification and control, a compliance management system should be integrated into the establishment of an ESG management system. The ISO 37301 standard and certain risk management standards and assessment techniques are suitable to be integrated into the establishment of ESG management systems. It should be noted that the ISO 37301 standard is not simply aimed at passing the certification (certification is an endorsement while the results are often empirical) but should be based on a deep understanding of ESG concepts and practices and compliance factors to shape a better ESG management system, as a well-established ESG management system can effectively prevent and reduce systemic risks.


III. Our Suggestions


For investors and managers of enterprises, we suggest:


1. Scientifically Designed Paths.  Employ staff to study the relationship between compliance management and ESG management systems; track compliance and ESG related laws, regulations, rules and international and domestic standards, scientific methodology, materiality issues of compliance management systems and ESG management systems according to their unique characteristics, and allocate resources to undertake compliance management and/or ESG management promotion. And then set a preliminary plan to improve compliance management and/or ESG management systems as a whole or in gradual stages based on the actual situation (for example, deal with individual materiality issues or key areas first).


2. Adopting Standards.  When building or upgrading compliance management and ESG management systems, (whether ISO 37301 standard certification has been carried out or not), we may consider using ISO 37301 standard and certain risk management standards and assessment techniques as a methodological basis to build a scientific and comprehensive compliance management system and provide adequate counseling. This will not only improve the scientific nature of the systems, but also avoid re-counseling when considering ISO 37301 standard certification in the future.


3. Two Systems Combined.  If an enterprise decides to build or improve its compliance management system or requires ISO 37301 standard certification counseling, it should take into consideration the requirements of their ESG management system (especially the methodology of identifying materiality issues and stakeholders, the localized supervision requirements corresponding to the identified materiality issues and the mainstream ESG rating requirements), so as to save resources and time if an enterprise  needs to build an ESG management system in the future.


Please contact us by email: ecoenvpro@junhe.com if you would like to know more about  establishing or improving compliance management systems or ESG management systems. We can also assist in ISO 37301 standard certification and ESG management system counseling including drafting or auditing relevant rules and regulations, conducting due diligence and staff training. 


JunHe’s EHS and ESG Team: JunHe, with over 1000 professionals, is one of China’s largest full-service law firms with a stellar international reputation for providing high quality legal services. As one of the pioneers in the practice area of ESG in China and with one of the largest teams of environment, health and safety (EHS) lawyers in the country, JunHe provides clients with a full range of EHS and ESG legal services. JunHe is sustainability-oriented and provides EHS compliance audit services to enterprises with different industrial backgrounds depending on the specific needs of the clients, either independently or in collaboration with third-party agencies. JunHe relies on different legal and professional compliance teams (including ESG, EHS, antitrust, labor and employment, intellectual property, trade and data, finance and tax, business, criminal compliance and other professional teams related to ESG) to provide ESG due diligence services in supply chain management and M&A matters and cooperates with enterprises and third-party agencies in drafting ESG reports. Based on our experience in serving clients from different industrial backgrounds, we can provide specialized services for the daily operations of enterprises. This includes specialized ESG-related legal and compliance diagnosis, as well as drafting and reviewing ESG-related terms and clauses in contracts with business partners, construction and enhancement of ESG systems, identification of ESG disclosure requirements, green finance, and ESG training.

JunHe is the only Chinese law firm to be admitted as a member of Lex Mundi and Multilaw, two international networks of independent law firms. JunHe and selected top law firms in major European and Asian jurisdictions are “best friends.” Through these connections, we provide high quality legal services to clients doing business throughout the world.