We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
Published online by Cambridge University Press: 20 January 2017
Risk management and oversight have long been recognized as core corporate governance issues and have gained renewed attention in the wake of the financial crisis. Recent corporate governance reforms in China follow these global trends. This article is the first to examine the intersections between corporate governance and risk regulation in China from a comparative perspective. It surveys corporate governance tools that have been adopted by Chinese regulators and firms to motivate effective risk oversight and risk management across the corporate enterprise, focusing on China's regulation of internal controls and risk management systems. These internal mechanisms are particularly important given the widely recognized limits of external monitoring and enforcement mechanisms in China.
This article observes that recent guidelines on enterprise risk management (ERM) and internal controls reflect international corporate governance standards and that China adopts a broad perspective on risk oversight that extends to both financial and non-financial risks. China's adoption of international models offers a new opportunity to reexamine longstanding debates on the potential for global corporate governance convergence. This article argues that China has adopted a regulatory approach to internal risk oversight and management that is consistent with its historical law reform trajectory, the reality of China's state-dominated equity markets, and the continued influence of the state on firm management. Its conclusions support the literature on the path dependency of corporate governance systems and prior comparative studies of corporate governance in China that find convergence of form but divergence of function.
1 van Daelen, Marijn, “Risk Management from an Accounting Perspective,” in van Daelen, Marjin and Van der Elst, Christoph (eds.), Risk Management and Corporate Governance: Intersections in Law, Accounting & Tax (Cheltenham, UK: Edward Elgar, 2010), pp. 56 et seq., at p.79.CrossRefGoogle Scholar The International Standards Organization (ISO) has defined risk simply as the “effect of uncertainty on an organization's objectives.” See Marijn van Daelen and Arco van de Ven, “Introducing Risk Management,” in van Daelen et al. Risk Management, id. pp. 1 et sqq. at p. 4. For an approach to defining and mapping firm-level risks, see, e.g. Shenkir, William G., Barton, Thomas L. and Walker, Paul L., “Enterprise Risk Management: Lessons from the Field,” in Fraser, John and Simkins, Betty J., eds. Enterprise Risk Management (Hoboken, NJ: John Wiley & Sons, 2010), pp. 441 et sqq., at pp. 441–448Google Scholar
2 Krivogorsky, Victoria and Dick, Wolfgang, “New Corporate Governance Rules and Practices” in Krivogorsky, Victoria (ed.), Law, Corporate Governance and Accounting: European Perspectives (London: Routledge, 2011), pp. 33 et sqq., at pp. 37–38 (surveying variations across jurisdictions).Google Scholar
3 Organisation for Economic Cooperation and Development, Principles of Corporate Governance (2004), at Preamble, p. 11.
4 Report of the Committee on the Financial Aspects of Corporate Governance (The Cadbury Report) (1992), at ¶2.5, available on the Internet at <http://www.ecgi.org/codes/documents/cadbury.pdf> (last accessed on 23 November 2012).
5 Commission Green Paper on the EU Corporate Governance Framework, COM (2011) 164, at p. 2.
6 “Symposium on the Financial Crisis in the EU,” 3 EJRR (2011); Commission Staff Working Document: Corporate Governance in Financial Institutions: Lessons to be drawn from the current financial crisis, best practices, COM (2010) 284. See also EC Corporate Governance Green Paper, supra note 5; Kern Alexander, Dhumale, Rahul and Eatwell, John, Global Governance of Financial Systems: The International Regulation of Systemic Risk (Oxford: Oxford Univ. Press, 2006).Google Scholar
7 EC Corporate Governance Green Paper, id., pp. 2–4.
8 See, e.g. Lucian Arye Bebchuk and Mark Roe, “A Theory of Path Dependence in Corporate Ownership and Governance”, in Gordon, Jeffrey N. & Roe, Mark R., Convergence and Persistence in Corporate Governance (Cambridge: Cambridge Univ. Press, 2004), pp. 74–77 CrossRefGoogle Scholar. As discussed in Part III, infra, concentrated ownership in China is more a function of the dominance of state ownership and control than in most European jurisdictions, while concentration of ownership in much of continental Europe arises more often from large blockholdings by families, banks, and affiliated entities. Id. at 76–77; Kraakman, Reinier, Davies, Paul and Hansmann, Henry, The Anatomy of Corporate Law: A Comparative and Functional Approach (Oxford: Oxford Univ. Press, 2009), pp. 29–32 Google Scholar. See also OECD, Corporate Governance of State-Owned Enterprises: A Survey of OECD Countries (2005), at pp. 24–36, available on the Internet at <http://www.oecdbookshop.org/oecd/display.asp?lang=EN&sf1=identifiers&st1=262005021e1> (comparing the role of the state in OECD member economies along various measures) (last accessed on 23 November 2012).
9 Bebchuk and Roe, “A Theory of Path Dependence in Corporate Ownership and Governance,” supra note 8, at p. 73; Kraakman, et al., The Anatomy of Corporate Law, supra note 8, at p. 29.
10 Because of its utility in incentivizing management, executive compensation is another tool that has been linked to risk management. See, e.g. DoddFrank Wall Street Reform and Consumer Protection Act of 2010, Pub. L. No. 111–203, 124 Stat. 1376 (2010) § 953 (requiring executive compensation disclosures); Securities and Exchange Commission (SEC), Proxy Disclosure Enhancements, 74 Fed. Reg. 68,334 (Dec. 23, 2009, amended Feb. 23, 2010) (mandating disclosure of compensation policies and practices as they relate to risk management). However, a complete treatment of evolving executive compensation regimes and their connection to risk in China and in Europe is beyond the scope of this article.
11 See, e.g. supra note 6; Sweeting, Paul, Financial Enterprise Risk Management (Cambridge: Cambridge Univ. Press, 2011)CrossRefGoogle Scholar; Brumer, Chris, Soft Law and the Global Financial System: Rule-Making in the Twenty-First Century (Cambridge: Cambridge Univ. Press, 2012).Google Scholar
12 See, e.g. Shi, Chenxia, Political Determinants of Corporate Governance in China (London: Routledge, 2012), pp.143–153 Google Scholar (discussing enforcement limits under Chinese corporate and securities laws). See generally Chen, Jianfu et al. eds., Implementation of Law in the People's Republic of China, (Leiden: Martinus Nijhoff, 2000)Google Scholar; Zhang, Zhong, “Legal Deterrence: the Foundation of Corporate Governance,” 15 Corporate Governance (2007), pp. 741 et sqq.CrossRefGoogle Scholar; Chen, Jianfu, Chinese Law: Context and Transformation (Leiden: Martinus Nijhoff, 2008), pp. 653–690 Google Scholar; Clarke, Donald C., “Law Without Order in Chinese Corporate Governance Institutions,” 30 Northwestern Journal of International Law and Business (2010), pp. 131 et sqq.Google Scholar
13 Several excellent comprehensive volumes on Chinese corporate governance have been published in recent years, but none address the role of risk oversight and risk management in corporate governance. See, e.g. Xi, Chao, Corporate Governance and Legal Reform in China (London: Wildy, Simmonds and Hill, 2009)Google Scholar; Shi, Political Determinants, supra note 12.
14 Jamil Anderlini, “China Investment in Europe Triples,” Financial Times (online), 6 June 2012.
15 Shi, Political Determinants, supra note 12, pp. 38–124; Xi, Corporate Governance, supra note, at 13, pp. 38–42, 220–224.
16 This is not to say that risk regulation in Europe is entirely disclosurebased. For example, as described in Part II, fiduciary duties play a role in mandating risk oversight in E.U. member states. Substantive regulations that require firms to internalize the risk of harms to third-party stakeholders, and rules governing risk monitoring in insurance and banking industries and other financial institutions are an important part of the framework of risk regulation in these jurisdictions as well.
17 On this history, see generally Shi, Political Determinants, supra note 12.
18 See Easterbrook, Frank H. and Fischel, Daniel R., The Economic Structure of Corporate Law (London: Harvard Univ. Press, 1991), at pp. 99–100 Google Scholar (“Managers especially want to avoid risk because they cannot diversify the value of their human capital. Shareholders, however, readily diversify through capital markets.”). These concerns are most salient in economies with widely dispersed shareholders, such as the United States, where firm governance is characterized by a separation of ownership and control. However, even where concentrated ownership is the norm, as in both Europe and China, aligning the objectives of parent and subsidiary entities within complex organizational structures can raise similar principal-agent challenges. Kraakman, et al., The Anatomy of Corporate Law, supra note 8, pp. 35–45 (discussing the three core agency problems of the firm).
19 Jr.Coffee, John C., “Shareholders versus Managers: The Strain in the Corporate Web,” 85 Michigan Law Review, pp. 15 et sqq.Google Scholar (advancing the managerial risk aversion model); Easterbrook & Fischel, Economic Structure, supra note 18, at pp. 99–100.
20 For example, the fiduciary risk oversight duties described below potentially give rise to personal liability of directors and officers for breach that result in substantial harm to the firm or third parties. Such rules effectively shift some of the risk associated with corporate decision-making from the firm and third parties to directors and officers.
21 Easterbrook & Fischel, Economic Structure, supra note 18, at 99–100; Ross, Stephen A., Westerfield, Randolph W., and Jaffe, Jeffrey, Corporate Finance (New York: McGraw-Hill Irwin, 9th ed. 2010), at pp. 347–348.Google Scholar
22 Such risks are also described as undiversifiable risks. Id.
23 EC, “Corporate Governance in Financial Institutions,” supra note 6, at p. 17.
24 Hawley, James P. and Williams, Andrew T., The Rise of Fiduciary Capitalism (Philadelphia, PA: Univ. Penn. Press, 2000), at p. 3 Google Scholar (defining “universal owners”). Examples of such costs include the cost of environmental harms, corruption, and anti-competitive behavior. See id. at pp. 4–5.
25 EC Corporate Governance Green Paper, supra note 5, at p. 10.
26 See section 2, infra.
27 EC Corporate Governance Green Paper, supra note 5, at p. 10. See also EC, “Corporate Governance in Financial Institutions,” supra note 6, at p. 17.
28 See, e.g. Beasley, Mark S. and Frigo, Mark L., “ERM and its Role in Strategic Planning and Strategy Execution,” in Fraser, John and Simkins, Betty J., eds. Enterprise Risk Management (Hoboken, NJ: John Wiley & Sons, 2010), at pp. 31–50 Google Scholar; Ho, Virginia Harper, “‘Enlightened Shareholder Value’: Corporate Governance Beyond the Shareholder-Stakeholder Divide,” 36 Journal of Corporation Law (2010), pp. 61 et sqq., at pp. 82–86.Google Scholar
29 Council Directive 2006/46/EC Amending Directives on the Annual Accounts and Consolidated Accounts of Certain Companies, OJ 2006 L 224/1 (Amendment to Accounting Directive), at Art. 1, par. 7 (adding Art. 46(a) in Directive 78/660/EEC relating to corporate governance codes); EC Corporate Governance Green Paper, supra note 5, at p. 2.
30 See <http://www.unglobalcompact.org> (last accessed on 23 November 2012).
31 For example, Section 7(2) of the United Kingdom's Anti-Bribery Act, c. 23 (2010), provides a defense to liability if the defendant firm can show that it had established “adequate procedures designed to prevent persons associated with [the organisation] from undertaking such conduct.” Internal reporting and compliance systems are required under the U.S. Foreign Corrupt Practices Act of 1977, 15 U.S.C. § 78dd-1, et seq., and can justify a penalty reduction under the U.S. federal criminal organizational sentencing guidelines. See United States Sentencing Commission, Guidelines Manual (Nov. 2011), at §3E1.1 available on the Internet at <http://www.ussc.gov/Guidelines/2011_Guidelines/index.cfm> (last accessed on 29 October 2012).
32 EC Corporate Governance Green Paper, supra note 5, at pp. 3–5; OECD Principles of Corporate Governance (2004), at VI(D)(7). The German Stock Corporation Act gives the supervisory board direct oversight over the firm's auditor and over management board functions, including oversight of circumstances that may materially impact the company. Stock Corporation Act [Aktiengesetz (AktG)] (1965), as amended (9 Dec. 2010), §§ 90, 111.
33 EC Corporate Governance Green Paper, id., at p. 10. In dualboard systems, risk management falls within the purview of the management board; monitoring and oversight functions are exercised by the supervisory board. German Stock Corporation Act, id. at §§ 90 (reports to supervisory board), 91(2) (requiring monitoring of potential threats to the company), 93 (general duties). Similar rules apply in the United States, as articulated most clearly in In re Caremark Int'l Inc. Deriv. Litig., 698 A.2d 959 (Del. Ch. 1996). See also Stone v. Ritter, 911 A.2d 362 (Del.2006); In re Citigroup Inc. S'holder Deriv. Litig., 964 A.2d 106 (Del. Ch. 2009).
34 In Germany, these duties apply equally to the management and supervisory boards. See, e.g. German Stock Corporation Act, supra note 32, at §§ 93, 116.
35 See, e.g. UK Companies Act (2006), at c. 46, § 172.
36 Mark Beasley, Bruce Branson, and Bonnie Hancock, “Enterprise Risk Oversight: A Global Analysis,” (AICPA, Sept. 2010), at p. 4, available on the Internet at <http://www.ucop.edu/riskmgt/erm/documents/aicpa_cima_ermrpt.pdf> (last accessed on 29 October 2012). See also Council Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts, OJ 2006 L 157/87, at Art. 41, par. 2, sub. a and b (requiring public-interest entities to establish audit committees to monitor financial reporting processes, internal controls, and risk management systems).
37 To be sure, fiduciary duties are backed by threat of personal liability for individual directors, supervisors, and officers, but liability is rarely imposed. See Mantysaari, Petri, Comparative Corporate Governance: Shareholders as Rule-Maker (Berlin: Springer, 2005), at p. 413 Google Scholar (noting the rarity of enforcement of fiduciary duties against German management board members). In the United States as well, a breach of oversight duty claim is “possibly the most difficult theory in corporation law upon which a plaintiff might hope to win a judgment.” Caremark, supra note 33, at 967.
38 The IFRS do not themselves require implementation of internal controls or assurance systems, but compliance with the “fair presentation” standard of IAS 1 requires a reporting entity to adopt some form of internal financial reporting system. International Accounting Standard (IAS) 1, par. 15 (2010). See also IAS 1, par. 125 (requiring disclosure of future assumptions and uncertainty with potential material effect on financial reports). Audit and accounting regulations, infra note 40, make such obligations explicit.
39 Hertig, Gérard, “Convergence of Substantive Law and Convergence of Enforcement: A Comparison,” in Gordon, Jeffrey and Roe, Mark (eds.), Convergence and Persistence in Corporate Governance (London: Cambridge Univ. Press, 2004), pp. 328 et sqq., at pp. 333–336.CrossRefGoogle Scholar
40 Council Directive 2004/109/EC on the harmonization of transparency requirements (Transparency Directive), OJ 2004 L390/38, at Art. 4, par. 2(c) (contents of the annual report, requiring a description of the company's principal risks and uncertainties); Amendment to Accounting Directive, supra note 29, at Art. 1, par. 6 (amending Art. 43 of Directive 78/660/EEC), Art. 2 par. 1–2 (amending Arts. 34 & 36, Directive 83/349/EEC); OECD Principles, supra note 32, at V. As amended by the Amendment to Accounting Directive in 2006, id., the EC Fourth Directive on Annual Accounts requires annual reports to contain appropriate non-financial performance indicators and to discuss the company's financial risk management objectives and financial risk exposure, Fourth Council Directive 78/660/EEC, 1978 OJ L222, at Art. 46, par. 1–2. New Art. 46a(1)(c) of the EC Fourth Council Directive requires a “description of the main features of the company's internal control and risk management systems” as relates to financial reporting, Id. These Directives are described in further detail in Christoph Van der Elst and Marijn van Daelen, “Risk Management in European and American Corporate Law,” ECGI Working Paper No. 122/2009, available on the Internet at <http://ssrn.com/abstract=1399647> (last accessed on 29 October 2012).
41 van Daelen et al, “Introducing Risk Management,” supra note 1, at p. 5.
42 Commission Recommendation 2004/913/EC on fostering an appropriate regime for the remuneration of directors of listed companies, 14 Dec. 2004. See also OECD, “Board Practices: Incentives and Governing Risks, Corporate Governance” (OECD Publishing, 2011), available on the Internet at <http://dx.doi.org/10.1787/9789264113534-en> (detailing regulatory frameworks on executive compensation in Sweden, the UK, Brazil, Japan, and Portugal) (last accessed on 20 July 2012). For comparable U.S. regulations, see supra note 10.
43 Council Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts, OJ 2006 L 157/87, at Art. 41, par. 2, Art. 42, par. 4.
44 Beasley et al., “Enterprise Risk Oversight,” supra note 36.
45 COSO, Enterprise Risk Management Integrated Framework, Executive Summary, Sept. 2004, available on the Internet at <http://www.coso.org/documents/coso_erm_executivesummary.pdf> [COSO ERM Framework] (last accessed 29 October 2012); The Conference Board, Emerging Governance Practices in Enterprise Risk Management: Research Report, R-1398-07-WG, 2007 [Emerging Governance].
46 COSO ERM Framework, id., at pp. 3–4.
47 For a survey of the intersections between ERM and legal compliance, see The Conference Board, Emerging Governance, supra note 45, pp. 21–26.
48 COSO ERM Framework, supra note 45; Emerging Governance, supra note 45.
49 Section IV, OECD Principles of Corporate Governance, supra note 32; Section IV, OECD Principles of Corporate Governance for State-Owned Enterprises (2006), at p. 15. See also Pascale Delvaille, “Analysis of Changing Institutional Environments, New Accounting Policies, and Corporate Governance Practices in France,” in Krivogorsky, Law, Corporate Governance, and Accounting, supra note 2, pp. 131 et sqq., at pp. 143–144. See also supra note 35.
50 Numerous commentators have identified short-termism as a threat to the stability and growth of the capital markets. See, e.g. Aspen Institute, “Overcoming Short-Termism: A Call for a More Responsible Approach to Investment and Business Management,” 9 Sept. 2009.
51 Krivogorsky & Dick, “New Corporate Governance Rules,” supra note 2, at pp. 42–44; Axel Haller and Martin Wehrfritz, “Analysis of Changing Institutional Environments, New Accounting Policies, and Corporate Governance Practices in Germany,” in Krivogorsky, supra note 2, pp. 154 et sqq., at p. 171.
52 See, e.g. United Nations Principles for Responsible Investment, available on the Internet at <http://www.unpri.org> (last accessed on 20 July 2012); Harper Ho, “Enlightened Shareholder Value,” supra note 28.
53 Xi, Corporate Governance, supra note 13, at pp. 24–25, 49–51. China's securities exchanges were in fact created to facilitate organizational reform of the state sector and to provide state-owned firms with access to new sources of capital. Shi, supra note 12, at pp. 46–49 (detailing this history).
54 Data from 2010 confirm that over 85% of Chinese private enterprises are majority-owned by a family group and over 50% are also directly managed by the controlling family group. Xinhua, “Zhejiang Family Businesses Exceed the National Ratio, 30% of Owners' Children Aren't Interested in Running the Business” 
, 13 Dec. 2011, available on the Internet at <http://www.zj.xinhuanet.com/newscenter/2011-12/13/content_24323280.htm> (citing data from the China Family Business Development Report, 2011) (last accessed on 28 October 2012).
55 Xi, Corporate Governance, supra note 13, at pp. 56–57; Alice de Jonge, Corporate Governance and China's H-Share Market (Cheltenham, UK: Edward Elgar, 2008), at pp 82–83.
56 China Securities Regulatory Commission (CSRC) and State Economic and Trade Commission (SETC), Code of Corporate Governance for Listed Companies in China, 7 Jan. 2001 (Zhengjianfa No. 1 (2002)), available on the Internet at <http://www.csrc.gov.cn>.,, at ch. 2 & paras. 49–51 (last accessed on 29 October 2012); 2001 Guidelines for Introducing Independent Directors to the Board of Directors of Listed Companies, 16 Aug. 2001; PRC Company Law, St. Committee National People's Congress, amended eff. 1 Jan. 2006, at Art. 123; Donald Clarke, “The Independent Director in Chinese Corporate Governance,” 31 Delaware Journal of Corporate Law (2006), pp. 125 et sqq.
57 This phenomenon is widely observed. Xi, Corporate Governance, supra note 13, at pp. 57–61; Shi, Political Determinants, supra note 12, at pp. 133–136; Xi, Chao, “In Search of an Effective Monitoring Board Model: Board Reforms and the Political Economy of Corporate Law in China,” 20 Connecticut Journal of International Law (2006), pp. 1 et sqq.Google Scholar; Ah Pak, Donald Henry and Ding, Xiaoming, “The Role of State Government in SOEs,” in See, John (ed.), China and the Global Economy in the 21st Century (London: Routledge, 2011), pp. 10 et sqq., at 14.Google Scholar
58 Zhang, “Legal Deterrence,” supra note 12, pp. 741 et sqq.; Clarke, “Law Without Order,” supra note 12 pp. 131 et sqq.
59 Xi, Corporate Governance, supra note 13. The 2005 Company Law prohibits controlling shareholders from prejudicing the interests of minority shareholders and provides for direct shareholder liability for shareholder abuse of the corporate form that disadvantages creditors. 2005 Company Law, at Art. 20.
60 See section 3, infra, on the ERM guidelines. The State Assets Supervision and Administration Commission (SASAC), which promulgated the ERM guidelines discussed below, has direct regulatory and supervisory authority over state-owned enterprises. Accordingly, guidelines and policy statements that lack enforcement mechanisms, such as the ERM guidelines, are nonetheless mandatory as a practical matter.
61 See <http://www.unglobalcompact.org/participants/> (last accessed on 29 October 2012).
62 PRC Company Law, supra note 56, at Art. 47, Art. 109; Code of Corporate Governance, supra note 56, at Art. 78–80 (regarding oversight of management). The board of directors is analogous to the management board under German law.
63 The supervisory board must be composed of at least three members, but the number of shareholder representatives is not specified. PRC Company Law, supra note 56, at Art. 118. Directors and senior managers may not serve as supervisors. Id. Per Articles 99 and 104 of the Company Law, supervisors are elected by straight voting, which can lead to majority shareholder domination of the supervisory board. See
Feinerman, James, “New Hope for Corporate Governance,” 91
China Quarterly (2007), pp. 590
et sqq., at p. 607Google Scholar. At least one-third of the supervisory board of a wholly state-owned company must also be composed of employees. PRC Company Law, id. at Art. 71. According to survey data from publicly traded firms in 2001, prior to the most recent Company Law amendment, supervisory boards were generally composed of 1/3 internal members and 2/3 external members. On average, approximately 1/3 of the internal supervisors were union representatives and less than 1/10 of the internal supervisors were members of the firm's internal audit function. The vast majority of the external supervisors were shareholder representatives with less than 1/10 of the external supervisors coming from a government agency. Li Jianwei 
, “On Improving China's Listed Company Supervisory Board System 
”, 2 Legal Studies 
, 2004, pp. 75 et sqq., at p. 76.
64 PRC Company Law, supra note 56, at Arts. 54, 55, 119; Code of Corporate Governance, supra note 56, at Arts. 59–68.
65 CFA Institute, China Corporate Governance Survey (2007), at pp. 8–9; Xi, Corporate Governance, supra note 13,, at p. 152; On Tam, Kit, “Ethical Issues in the Evolution of Corporate Governance in China,” 37 Journal of Bus. Ethics (2002), pp. 303 et sqq. at p. 308–311.CrossRefGoogle Scholar
66 Code of Corporate Governance, supra note 56. The Code was modeled after the OECD Principles for Corporate Governance. Shi, Political Determinants, supra note 12, at p. 165.
67 PRC Company Law, supra note 56, at Arts. 148–151; Code of Corporate Governance, supra note 56, at Arts. 33–43.
68 See, e.g. id. at p. 172. A primary practical difficulty is that the state is often the controlling shareholder. In serious cases, however, administrative, civil or even criminal liability could be imposed on a director for breach of duty causing substantial harm to the corporation. Id. at 167–190.
69 PRC Company Law, supra note 56, at Arts. 20–21.
70 Code of Corporate Governance, supra note 56, at Art. 54.
71 For example, in 2006, the China Banking Regulatory Commission (CBRC) issued a number of guidelines on risk management for commercial banks. See, e.g. CBRC Guidelines on Compliance Risk Management, 25 Oct. 2006. Chinese financial regulators continue to focus on improving risk monitoring among banking and financial institutions in order to reduce systemic risk and promote financial stability. “Financial Regulators to Minimise Systemic Risks,” China Daily, 9 Jan. 2012, available on the Internet at <http://www.china.org.cn/business/2012-01/09/content_24361196.htm> (last accessed on 29 October 2012).
72 PRC Securities Law, St. Committee National People's Congress, prom. 27 Oct. 2005, amended 27 Oct. 2005, eff. 1 Jan. 2006, at Arts. 150, 152–153.
73 PRC Securities Law, id., at Sect. III; CSRC, Administrative Measures on Information Disclosure by Listed Companies, eff. 30 Jan. 2007.
74 Id. at Art. 21(7)–(8), Art. 30.
75 Id., at Art. 21–23; CSRC, Governance of Listed Companies in China: Self-Assessment by the CSRC (Paris: OECD Publishing, 2010), at pp. 51–75.
76 PRC Securities Law, supra note 72, at Ch. III, sect. III; CSRC, Corporate Governance Self-Assessment, supra note 75, at pp. 51–75.
77 PRC Securities Law, supra note 72, at Art. 68–69 (requiring directors, supervisors and senior managers to guarantee disclosure accuracy and providing for joint and several liability for misleading statements or omissions).
78
See, e.g. Guidelines of Shanghai Stock Exchange for the Internal Control of Listed Companies 
, prom. 5 June 2006, eff. 1 July 2006, at Ch. II.
79 See Ministry of Finance, China Securities Regulatory Commission, National Audit Office, Basic Internal Control Norms for Enterprises 
[Internal Control Norms], No. 7, prom. 21 May 2008, eff. 1 July 2009, at Art. 5, 12, 13. The five core principles must be included in firm internal controls. Id. at Art. 5. They are (i) internal environment, (ii) risk assessment, (iii) control activities, (iv) information and communication tools, and (v) internal monitoring. COSO ERM Framework, supra note 45.
80 See, e.g. Richard Meyer, “China's SOX: A Pipe Dream at Best,” Compliance Week, 30 Sept. 2008 (online ed.).
81 Internal Control Norms, supra note 79, at Art. 2.
82 Ministry of Finance, CSRC, National Audit Office Notice on the Issuance of Guidelines for the Application, Evaluation, and Auditing of Enterprise Internal Controls 
, No. 11, 15, Apr. 2010 [Application Guidelines].
83 For example, Guideline 13 on outsourcing identifies three key related risks (including bribery) and then is devoted almost entirely to standards for bidding and contractor qualifications and selection. Id. Similarly, the guideline on “asset management” identifies inventory backlog poor asset maintenance or overcapacity, and dated and inadequate technology as three risks enterprises must minimally consider within internal controls. Guideline No. 8 of the Application Guidelines, id. at Art. 3. The remainder of the 22 articles deal broadly with various aspects of inventory management, warehousing fixed asset inspection, and protection of intangible assets that typically would be considered the purview of management. Id. Each of the guidelines identifies three primary risks each enterprise must consider in the relevant area.
84 For example, Chapter IV of the Internal Control Norms, supra note 79, on “Control Activities” emphasizes accounting, asset management, budget, and operational controls that directly impact financial reporting.
85 For example, Guideline No. 3 on Human Resources simply duplicates basic requirements of Chinese labor law. It provides, in part, that “the enterprise shall conclude employment contracts” with new personnel “in accordance with law.” Id. at Art. 7. Other guidelines seem to echo the slogans of the planned economy. For example, Guideline No. 5 of the Application Guidelines, supra note 82, addresses the “Construction of Enterprise Culture” and provides that “an enterprise shall … sum up fine traditions, extract the core value … and form the norms of enterprise culture … into an important part of [its] code of conduct.” Id. at Art. 6.
86 No. 108, 6 June 2006 
, at Ch. 2–7. Under the Internal Control Norms, risk-related functions are undertaken by the audit committee. Internal Control Norms, supra note 79, at Art. 13. Risk committees are optional under the Guidelines. Guidelines, Id. at Art. 46–51.
87 The list of these firms is available on the Internet at <http://www.guozi.org/Gzwsite/cce.htm> (last accessed 23 November 2012).
88 COSCO Sustainable Development Report (2009) 
.
89 Standardization Administration of China (SAC), Enterprise Compliance Risk Guidance 
, 1 Feb. 2011, GB/T 27914-2011; SAC, Risk Management Principles and Implementation Guidelines 
, 1 Dec. 2009, GB/T 24353-2009.
90 Fraser, John and Simkins, Betty, Enterprise Risk Management (Hoboken, NJ: Wiley & Sons, 2010), pp. 505–524 Google Scholar (surveying firm practices in India, Egypt, Turkey, and Ukraine, among others).
91 PRC Company Law , supra note 56.
92 Code of Corporate Governance, supra note 56, at Art. 81–86. Art. 86 provides: “While maintaining the listed company's development and maximizing the benefits of shareholders, the company shall be concerned with the welfare, environmental protection, and public interests of the community in which it resides, and shall pay attention to the company's social responsibilities.”
93 CSRC, Corporate Governance Self-Assessment, supra note 75, pp. 51–75.
94 Guideline No. 4 of the Application Guidelines, supra note 82.
95 Shenzhen Stock Exchange, Social Responsibility Instructions for Listed Companies 
No. 115, 25 Sept. 2006; Shanghai Stock Exchange Notice on Strengthening Listed Companies' Assumption of Social Responsibility and on Issuing the Guidelines on Listed Companies' Environmental Information Disclosure 
, 14 May 2008. A rising number of non-listed PRC companies produce CSR reports that address firm impacts on stakeholders, though studies suggest their quality is mixed. Chinese Academy of Social Sciences (CASS) CSR Research Center, 2010 PRC CSR Report 
(Beijing: CASS, 2011).
96 SASAC, Notice of the Guiding Opinion Regarding the CSR Implementation of Centrally Managed Enterprises 
[SASAC CSR Notice], 4 Jan. 2008, at Arts. 17.
97 Id. at Arts. 1, 8.
98 Id. at Arts. 18–19.
99 Other examples include cumulative voting provisions in the 2005 Company Law, derivative mechanisms for the private enforcement of the Securities Law, China's independent director reforms in both 2001 and in the Company Law revisions, and Chinese takeover regulations. See Xi, Corporate Governance, supra note 13, at pp. 219–224.
100 Gilson, Ronald, “Globalizing Corporate Governance: Convergence of Form or Function,” 49 American Journal of Comparative Law (2001), pp. 329 et sqq.CrossRefGoogle Scholar
101 Coffee, John C., “The Future as History: the Prospects for Global Convergence in Corporate Governance and its Implications,” 93 Northwestern University Law Review (1999), pp. 641 et sqq.Google Scholar
102 See, e.g. Xi, Corporate Governance, supra note 13, at pp. 221–224 (citing as examples the mandatory bid rule in China's takeover regulations and the independent director requirement); Howson, Nicholas, “The Doctrine that Dared Not Speak its Name: Anglo-American Fiduciary Duties in China's 2005 Company Law and Case Law Intimations of Prior Convergence,” in Kanda, Hedeki et al. (eds.) Transforming Corporate Governance in East Asia (New York: Routledge, 2008), at p. 193.CrossRefGoogle Scholar
103 Clarke, “Law Without Order,” supra note 12; Xi, Corporate Governance, supra note 13, pp. 150–184.
104 See, e.g. Chen, Chinese Law, supra note 12, pp.653–701 (exploring the limitations of legal implementation); van Rooij, Benjamin and Wing-Hung Lo, Carlos, “Fragile Convergence: Understanding Variation in the Enforcement of China's Industrial Pollution Law:,” 32 Law & Policy, at 14 et sqq.Google Scholar (exploring sources of regional variation in environmental compliance and enforcement).
105 Bebchuk, Lucian Arye and Roe, Mark, “A Theory of Path Dependence in Corporate Ownership and Governance,” 52 Stanford Law Review (1999), at pp. 127 et sqq.CrossRefGoogle Scholar; Xi, Corporate Governance, supra note 13, pp. 216–229. See also Jonge, China's H-Share Market, supra note 55, at p. 3 (observing evidence of path dependency among mainland Chinese companies listed on the Hong Kong stock exchange).
106 Bebchuk et al., id., pp. 139–153.
107 Huang, Yasheng, Capitalism with Chinese Characteristics: Entrepreneurship and the State (Cambridge: Cambridge Univ. Press, 2008)CrossRefGoogle Scholar; Tsai, Kellee S., Capitalism Without Democracy: The Private Sector in Contemporary China (Ithaca, NY: Cornell, 2007)Google Scholar
108 Bebchuk et al., Path Dependence, supra note 105, at pp. 153–166.
109 The lack of legal authorization for private enterprise early in the reform period caused many entrepreneurs to engage in adaptive, informal, and often illegal practices; thus, structural-driven and rule-driven path dependency shed light on current attitudes toward law and compliance. Tsai, supra note 107.
110 Internal Control Norms, supra note 79, at Art. 3.
111 See, e.g. Ma, Shiguang, The Efficiency of China's Stock Market (Burlington, VT: Ashgate, 2004)Google Scholar. According to the Efficient Capital Market Hypothesis, a market is semi-strong efficient if stock prices reflect all publicly available information. Ross, et al., Corporate Finance, supra note 21, at 435.
112 Bainbridge, Stephen M., “Caremark and Enterprise Risk Management,” 34 Journal of Corporation Law (2009), 967 et sqq., at p. 986.Google Scholar
113 See Part II, supra.
114 As noted above, for state-owned firms under the direction of SASAC, compliance with voluntary guidelines and policy directives is often not discretionary.
115 Donald Clarke explains that because the Company Law, and indeed, the Securities Law, were designed to promote SOE reform, “[t]he entire corporate sector has come to be governed, in significant degree, by principles that are needed and applicable, if at all, only to the state sector.” Clarke, Donald, “Corporate Governance in China: An Overview,” 14 China Economic Review (2003), pp. 494 et sqq., at p. 501.CrossRefGoogle Scholar
116 See, e.g. SASAC CSR Notice, supra note 96, at Art. 18 (offering this rationale). Practically, media exposure offers the most obvious way this oversight might be carried out.
117 See Preamble, Internal Control Norms, supra note 79. These concepts are highlighted in China's Twelfth Five-Year Plan (2011–2015), although their origins lie farther back.
