Angel Sze FCIS FCS, Company Secretary, Fosun International Ltd, offers some practical advice on how company/board secretaries can handle the complex issues involved in risk management and cross-border compliance.

Risk management

Managing the timely communication of key information is of great importance to the work of company/board secretaries. This section discusses risk management from four aspects: effective communication of information, handling of inside information, continued enhancement of compliance awareness among employees and making good use of digital management.

1. Effective communication of information

If you do not want to be busy firefighting or learning about the company’s incidents only through the mass media, you cannot overlook the importance of having proper mechanisms in place to communicate information on key or potential crises. Apart from ensuring the effectiveness of communication mechanisms, it is also important to have a Crisis Management Committee that can classify issues according to their risk levels and tackle them as soon as they come up, instead of leaving them unattended until they have reached a higher risk level or have evolved into a stage that is difficult to control. If the news has been widely reported in the media and has resulted in enquiries from the regulators, the company should prepare itself in advance and get a full picture of the events. In the process, the company should thoroughly assess whether and, if so, when the information should be communicated to stakeholders, including shareholders. Where necessary, announcements or statements should be made as soon as practicable.

When analysing potential deals, a full assessment should be made from different perspectives, including the structure of the project, the scale of the transaction, sensitivity, whether a non-competition undertaking is involved, and whether the target of the deal and the counterparty are related parties, listed companies or in regulated industries. If the target and the counterparty are listed in different jurisdictions, close liaison should be maintained regarding compliance with disclosure requirements of various stock exchanges and the timing of disclosure. A mechanism should also be in place to assess whether the transactions of a subsidiary would trigger a disclosure obligation by the parent company and, in particular, whether inside information of a subsidiary would constitute inside information of the parent company. The communication and assessment of relevant information should be swift and timely, and the company should be prepared to issue a joint announcement any time.

2. Inside information versus corporate actions

Where there is inside information, in addition to meeting disclosure obligations, the company should also assess other corporate actions that are in progress at the same time, such as share repurchases and granting of option/share incentive schemes. The operation of different corporate actions might have implications for one another. For example, plans to issue new shares cannot be announced if there is inside information or within 30 days after a share repurchase. When scheduling a share repurchase, one should not assume that the share repurchase can proceed at any time when the period of prohibition of dealing is over and when the company no longer possesses any inside information. This is because the proposed repurchase may affect other corporate actions of the company. Therefore when a company is in possession of inside information, extra caution should be taken to assess all implications.

3. Continued enhancement of compliance awareness

Compliance cannot be achieved by the company/board secretary department alone. A company should make it clear that everyone within the organisation should be fully aware of the importance of risk control. While it is necessary to provide compliance training to all staff regularly, reminders on compliance in respect of specific risk issues can be given to a smaller and more targeted audience. Frequent reminders on various occasions, including new staff orientation, lunchtime sharing sessions, regular compliance newsletters and compliance FAQs, briefings on compliance issues at morning assembly and quizzes on risk control knowledge, could help raise compliance awareness among staff. In addition to keeping abreast of the latest regulatory requirements and information, regular knowledge-sharing sessions within the department can cover the latest business developments of the company, new terminology in the market and the industries, and innovative means to handle daily issues. These sessions can promote a continuous learning environment and, more importantly, the continuity of professional knowledge and procedures about compliance work.

4. Promotion of digital management

Technological innovation often drives business development. Digitalisation is also important to the work of the company/board secretaries. They should attach importance to electronic and digitalised designs and settings. Open and frequently used information is made available through an internal open system for access by the investment teams and relevant staff. On the other hand, confidential information is stored and maintained in an internal database. Examples of digital management include the collection and updating of particulars on directors of special purpose vehicles, maintenance of lists of group companies, electronic approval of staff dealings in the company’s securities, sharing of compliance information, etc. Digital platforms can not only reduce the risks of omissions in information processing and enhance the accuracy of information, but also increase efficiency and ensure timeliness.

Cross-border compliance

1. Differences in regulatory approach

Different jurisdictions have different regulatory requirements. Often we may come across requirements that are similar or totally new. The flexibility of regulators also varies across different jurisdictions. Active communication with relevant regulators and asking questions, such as whether certain documentary requirements can be met by alternative means, can often expedite compliance work. For example, can some information requirements be satisfied by a statement signed by the company/board secretary? Or can certain certifications from relevant authorities be replaced by legal opinion issued by a lawyer in the relevant jurisdiction? By learning from the successful experience in other jurisdictions and exercising appropriate flexibility, the company can smoothly take forward its projects despite cumbersome approval procedures, avoiding delays while ensuring compliance.

2. Effective cooperation with service providers

When communicating with overseas service providers, we should be aware of local rules and regulations as well as cultural differences. In recent years, new laws on labour protection have been introduced in Europe, prohibiting even the taking of instructions after work. So we may not be able to accomplish urgent tasks simply by paying urgent charge or overtime charge. In setting up new companies or bank accounts overseas, it is necessary to know about the public holidays in these jurisdictions and plan ahead to allow sufficient time for the service providers to handle the instructions.

3. The importance of complete records

Designated staff should be assigned to keep a complete and detailed written record of all information throughout a transaction. After the completion of large-scale transactions like open offers and privatisations, the transaction parties may receive written enquires from regulators. The details at various stages of the transactions, including the date, time and place where negotiations were held and transactions were confirmed, the parties and service providers involved and other related information, should be properly recorded as basis for response to future enquiries.


Company/board secretaries play a crucial role in both corporate disclosure and compliance, but their departments should not be accustomed to just saying no – constructive advice should be suggested at the same time. While strictly adhering to relevant rules and regulations, company/board secretaries need to recognise the importance of the commercial interests and needs of the company, and properly play a role in supporting various internal departments. The company/board secretary department should maintain good corporate governance and give sufficient reminders on compliance risks, and at the same time offer the best professional support and solutions.

Angel Sze FCIS FCS, Company Secretary
Fosun International Ltd


风险管控与跨境合规 – 给公司秘书/董事会秘书的实用建议

复星国际有限公司公司秘书史美明FCIS FCS为公司秘书/董事会秘书提供实用建议,以处理风险管理及跨境合规所涉的复杂事务。



1. 信息的有效传递



2. 内幕信息之前瞻后顾


3. 合规意识之点滴累积


4. 智能中台管理推动



1. 多地规则的对比思维


2. 中介服务商的有效合作


3. 记录完整的重要性




公司秘书史美明 FCIS FCS