Worldwide: Facing Down Complexity: Creating A Global Framework For Compliance

Last Updated: 1 June 2018
Article by TMF Group

TMF Group discusses how in-house general counsels can help organisations in Asia navigate an increasingly complex regulatory landscape by creating a global subsidiary compliance strategy that also addresses regional needs.

Faced with rapidly evolving regulatory requirements, organisations in Asia Pacific must address new challenges when it comes to subsidiary compliance. Particularly for those that are present in multiple jurisdictions, the role of corporate secretarial services (CoSec) is becoming an increasingly important part of the drive to create a robust approach to regulatory compliance that can take into account a range of regulatory regimes.

However, many organisations struggle to develop compliance strategies that work on both a regional and an international basis. "Finding an optimal set-up can certainly be challenging", Leila Szwarc, global head of compliance and strategic regulatory services, said in a March 2018 briefing paper, " 5 truths about global compliance". However, as the paper also points out, there are strategies that organisations can use to create a global framework for compliance.

Dealing with complexity

Globally, there is a growing emphasis on transparency - both internally and externally from regulators, the media and the public. Just as companies have gotten to grips with new international regulatory regimes such as Basel III, the International Financial Reporting Standard (IFRS), the Foreign Account Tax Compliance Act (FATCA) and the Common Reporting Standard (CRS) in recent years, a raft of regional reporting requirements are now being rolled out with the aim of increasing transparency, especially in regulated industries such as financial services.

In addition to efforts by the Monetary Authority of Singapore to overhaul MAS 610, for example, Australia, Hong Kong, Malaysia and India are all currently updating national reporting procedures. Such changes will require organisations to develop better internal systems and processes for collating and managing data, as well as for reporting both internally and to external entities such as regulators and shareholders.

For organisations with a presence in more than one jurisdiction, these efforts to boost transparency will also result in increased complexity as businesses must monitor and react to changing regulations on a number of fronts. In addition to overcoming language barriers, there is often a need to address national compliance requirements, as well as variations within countries. According to the 5 truths about global compliance briefing paper, 19% of countries in the APAC region have different compliance requirements per jurisdiction (province), and 35% of countries have severe penalties for legal administrative non-compliance.

Businesses are also becoming more complex internally due to major disruptions such as digitalisation and individual structural changes such as expansion into new territories. As organisations push these boundaries, there is a growing need to develop an enterprise-wide approach to CoSec duties that also takes into account the array of regional rules and regulations that currently affect companies in Asia.

Furthermore, the cost of non-compliance is increasing: it is no longer enough to concentrate on regulatory consequences alone, it is also important be mindful of the reputational impact of negative media attention.

"In a world where social media exposes organisations to reputational risks, legal counsels have a massive opportunity to proactively define business outcomes. Rather than simply keeping business leaders out of jail, the role has now moved towards helping them to define the company culture," says Shagun Kumar, managing director at TMF India.

In-house general counsels must be able to navigate this rapidly changing landscape and it is increasingly clear that this requires an enterprise-wide approach to compliance. By creating a global framework that provides a solid template for compliance, it is possible to address increasing regulatory pressures and mitigate the reputational risk of a potential compliance issue. However, such a framework also needs to account for regional differences throughout an increasingly complex regulatory picture.

Creating a global framework

In the current regulatory environment, organisations must ensure that they remain, not just on top of new rules, but well ahead of regulatory output across multiple jurisdictions. It is not enough to begin working on a compliance response as new rules are published by regulators. Organisations must be aware of these developments ahead of time so they can prepare for and promote change across the organisation in advance - as well as lobby for adjustments to upcoming rules that might adversely affect the organisation or the wider industry.

And it is up to legal and compliance professionals to stay one step ahead in order to map out the ever-changing parameters in which today's organisations must operate. More specifically, in-house general counsels should take the lead in creating an enterprise-wide response to regulatory change, as well as spearheading the development of systems and processes to ensure compliance.

And while it is important to be an independent source of information and guidance for other business units, those at the forefront of this movement are also now exploring how to be a more effective business partner by listening and responding to changing compliance needs throughout the organisation.

So how can in-house general counsels ensure that increasingly complex organisations are fully prepared to face a changing regulatory landscape? While there is no single approach, a solid first step would be to conduct an audit to assess current standards and potential requirements.

This should compare and contrast each jurisdiction in terms of its present level of compliance and performance, including an assessment of CoSec data to ensure harmonisation and accuracy across all sources of information within the company. An audit should also help to map out the lines of communication within regional entities and between these units and the rest of the organisation. A new global framework can then be created to address any gaps or areas in need of improvement identified by the audit, as well as current and future compliance needs.

Communication is key

In-house general counsels need to work with the compliance, risk and audit teams in order to develop a global framework that can be disseminated throughout the organisation's regional hubs.

Also, Kumar adds: "There is a need to balance global compliance frameworks with fast moving local knowledge." Locally-based employees must be given the knowledge, ability and confidence to tweak the global framework to suit local regulations and cultural differences. Internal communications systems and processes will play a key role here by reinforcing the company culture and ensuring full buy-in from all employees.

Local experts should be empowered to tailor the global framework to fit regional needs, informing employees of their responsibilities and any changes on an ongoing basis.

And these lines of communication should not be one-way only. "Where there are changes in law, it is expected that the board be trained or briefed to ensure that regulatory and compliance risks are well managed through the compliance team," says Sharon Yeoh, director, head of corporate secretarial at TMF Singapore.

As such, local units need to be able to convert rules and regulations from their jurisdictions into a standard format that can be understood by management and used to develop an overview of the organisation's overall compliance status. For many firms, a simple but effective strategy is to schedule regular phone calls between head office and regional hubs in order to keep the wider organisation abreast of regulatory developments. Maintaining an ongoing dialogue in this way can also help to break down any resistance to change that might come about due to unexpected policy adjustments, for example.

Most organisations face a range of overlapping standards across jurisdictions and in terms of internal policies. Adopting the highest standard is usually the safest way forward in such circumstances, but to do this effectively everyone in the organisation must be on the same page with regards to local and international regulations. The legal team must work more closely than ever with compliance to co-ordinate this communication and ensure full understanding.

In addition to a strong internal communications function, many organisations find that a training framework focused on compliance is also a useful tool. This helps employees to gain a deeper understanding of the company's overall compliance needs and also reinforces a culture across the organisation that compliance should be at the forefront of all activities. By conducting this training online and tracking employee progress, it is possible to ensure that all employees have equal access to the relevant information rather than relying on regional business heads to get the point across in a uniform manner.

Exploring outsourcing

Many organisations have the necessary skills and knowledge to develop a response that can adapt to fit both global and regional needs, particularly if it is impossible to have an in-house expert or local compliance officer for every region. However, others require external support and this is where outsourcing can be of great value to the CoSec function.

Engaging a partner that can provide on-the-ground expertise can fill in the gaps, particularly as organisations expand into new regions and business areas. For example, some organisations outsource certain business transactions to locally-based service providers such as lawyers, accountants and professional services firms.

The service provider can then feed information about common issues or changes through to the group compliance division, which can then create a reponse on a firm-wide basis, if necessary, such as updating relevant training programmes. While the organisation itself creates the global solution, service providers act as a key source of local expertise to ensure the company remains a step ahead of regulatory change in all regions.

It should be noted that outsourcing may not be the best option for every organisation, but it is certainly worth considering as companies attempt to tackle growing levels of compliance complexity. Those that do wish to explore this route should begin with due diligence work to identify the full range of organisational obligations - from mission critical to those of lesser importance.

Any obligations that are earmarked as candidates for outsourcing should be discussed and agreed upon by all internal stakeholders before finding and engaging professional providers. It is also worth noting that this process of identifying, discussing and outsourcing activities could take time to complete - as much as two years for some activities.

And then, even once an obligation has been outsourced, ultimate responsibility always remains with the organisation. As such, it is important to act in partnership with outsourcing firms to ensure sufficient communication of objectives and understanding of corporate goals, strategies and overall culture on an ongoing basis.

A new approach

Compliance has moved beyond simply satisfying legal and regulatory issues - reputation is an increasingly precious commodity as organisations face growing pressure from both regulators, stakeholders and the media to be good global actors. As company culture and conduct plays a more important role in compliance, organisations need to broaden their perspective in terms of their overall compliance goals.

In this respect, the development of an enterprise-wide approach is key. Further, legal counsels play a major role in putting the entire business on the same page when it comes to satisfying an increasingly complex web of rules and regulations, particularly across multiple jurisdictions. This will ensure all parts of the business operate according to the highest standards and can satisfy both internal and external reporting needs in an effective and efficient way.

Talk To TMF Group

Organisations that are operating in multiple jurisdictions can partner with TMF Group to address corporate secretarial (CoSec) challenges in the Asia Pacific region – in terms of both establishing a presence in a new region and managing ongoing compliance in areas including entity life cycle management, accounting, tax and transactional reporting, HR and payroll.

With regional offices throughout APAC and experts that can provide insight and guidance on the full spectrum of local regulatory requirements, TMF Group can help clients to create a global framework to manage regulatory compliance risk.

This article was originally published on Asia Risk.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Events from this Firm
16 May 2019, Webinar, Rotterdam, Netherlands


Executing an acquisition integration plan is one of the most difficult assignments in the M&A life cycle. Every merger involves “negative synergies”, including the departure of key talent, sales losses, incompatible systems, productivity declines, turf battles and cultural friction. The key is limiting the costs and preparing for the unknown challenges that may arise.

Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Related Topics
Related Articles
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions