Category Archives: Vietnam – Compliance

International regulatory compliance: Anti-corruption, competition law, anti-money laundering

Vietnam’s New Cyber-Security Law a Headache in the Making

Vietnam’s National Assembly yesterday overwhelmingly approved a heavily-debated Cyber-Security Law that could have significant impact on all online service providers with clients or customers in Vietnam.  While the stated aim of the new Law is to “protect national defense and ensure social order”, it imposes obligations on digital businesses that could have far-reaching and unintended effects without necessarily advancing the Law’s primary objective.  Key among such obligations are data localization and mandatory commercial presence rules that should worry not only tech giants but any company providing online services to customers in Vietnam.

While much of the commentary has focused on social network providers (e.g. – Facebook, Youtube) or ‘pure tech’ behemoths (e.g. – Google), the language of the Law is broad and potentially captures a wide range of business activities and models.  First and foremost, the Law appears to cover all enterprises (whether based onshore or offshore) that “provide services on the telecommunication network, internet, and other value-added services on the internet in Vietnam.”  In the digital age, this wide language covers a vast array of activity and is clearly not limited to social media services.  Take banks as an example.  If a foreign bank provides an online service to a client in Vietnam (including a non-Vietnamese citizen resident in Vietnam), will it be covered by this Law?  The answer is clearly yes according to the wording of the Law.  Another example would be an online booking services company like AirBnB which is accessible to, and used by, residents of Vietnam.  Again, such service activity is clearly covered by the wording of the Law, whether or not that is the true intent.

Once a company is covered by the Law, other requirements may apply.  For example, the Law requires companies to “authenticate upon registration” and “keep confidential” users’ information.  Critically, companies (wherever located) must also cooperate with the authorities to provide information of their users when such users are investigated or deemed to breach laws on cybersecurity.  Companies also need to grant the authorities access to their information system when there is “a serious breach of law or action causing serious loss to the public order and safety.”  Unclear as ever, these regulations will require further elaboration in implementing Decree(s), as well as implementation in practice, before the true implications can be known.

Another significant requirement is data localization.  Compared with earlier drafts, the version approved by the National Assembly appears to narrow down the kinds of companies which must perform data localization.  Nevertheless, the potential scope is broad: companies which “collect, exploit, analyze, or process” personal information, information created by users in Vietnam and data on the relationship of the users must store data locally for a period of time.  However, the language of the Law on this is still very vague and, absent further guidance, open to discretion of the authorities to interpret.  To take previous examples, a bank could be deemed as “collecting, exploiting, analyzing, processing” personal information of users in Vietnam when it establishes or provides online banking services for such clients.  A booking reservation company, or an online film provider (e.g. Netflix) does the same.  Read literally, all such companies will need to ensure data localization within Vietnam.

Not only that, such companies will also be required to establish commercial presences in Vietnam (either a branch or a representative office).  Oddly enough, it is unclear whether establishment of a fully-fledged subsidiary in Vietnam would be sufficient under the Law.  Many companies supply services to their customers in Vietnam via the internet without having a commercial presence in Vietnam.  This kind of blunt instrument will cause uproar and, one presumes, flagrant violations will abound which, for the most part, authorities in Vietnam will be unable to pursue on any practical level (though the desire and ability to shut off access to individual websites may grow over time).  The Law gives some wriggle rooms on this point by assigning the Government to elaborate the commercial presence requirement further and we may find that the scope will be narrowed down.

Many tech and non-tech companies voiced their concerns in the lead up to this Law. However, the National Assembly justifies its approval based on the need to ensure national defense and security.  A National Assembly spokesperson has stated that the regulations are feasible and not contrary to free trade agreements that Vietnam is a party to.  The jury however remains out on both these points.

The Law will take effect on 1 January 2019.  Implementing Decree(s) are expected to elaborate further prior to then though no drafts are available for review at present.

By Giles Cooper and Le Nguyen Duy Hau.  For more information about the new cyber-security regulations in Vietnam, please contact Giles at GTCooper@duanemorris.com, Hau at HNLe@duanemorris.com or any of the lawyers in our office listing.  Giles is co-General Director of Duane Morris Vietnam LLC and branch director of Duane Morris’ HCMC office.

Navigating Blockchain Law – Presentation at Vietnam Blockchain Week – 8 Mar 2018

7-8 March 2018, Vietnam Blockchain Week organized by Infinity Blockchain Labs — probably the first big, international blockchain event in Vietnam. Reportedly, more than 2,000 registered visitors and 50 speakers.

My speech and slides on “Navigating Blockchain Law” covered multiple jurisdictions and blockchain topics, including cryptocurrencies, exchanges, ICOs, AML/KYC, personal data protection, regulatory sandboxes and innovation space. The message is that  innovators and big investments go to places that have clear and “friendly” regulations for them to thrive.

Unregulated - what does it mean?

Every day is different though, and we constantly receive new statements from regulators and other authorities. Technology moves much faster than the law. The information in my slides is already old by the time they are uploaded. Likewise, the heat map below is very subjective and  represents only a momentary snapshot.

Blockchain Legal Heat Map

For more information, please contact Manfred Otto at MOtto@duanemorris.com or any other lawyer you are regularly communicating with at Duane Morris.

Disclaimer: This post has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. Each case should be analyzed individually with the support of competent legal counsel. For more information, please see the firm’s full disclaimer.

“RegTech in Asia – Opportunities & Challenges” – 23 Nov 2017 Presentation

Slides from my recent presentation in Ho Chi Minh City on “RegTech in Asia – Opportunities & Challenges” on 23 November 2017 organized by QRC HK & Infinity Blockchain Labs:

171123 RegTech in Asia-Otto-EN

Main topics:

  • AML/KYC (anti-money laundering and “know your customer”)
  • Compliance costs in Asia
  • e-Government (e-Customs, e-Courts, e-Tax)

Statutory KYC Requirements in Vietnam

For more information , please contact Manfred Otto at MOtto@duanemorris.com or any other lawyer you are regularly communicating with at Duane Morris.

Disclaimer: This post has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. Each case should be analyzed individually with the support of competent legal counsel. For more information, please see the firm’s full disclaimer.

Annual Vietnam Labour Law Reporting Obligations

See our handy chart in the link below outlining employers’ annual labour law reporting obligations in Vietnam.

Employment Reporting Obligations in Vietnam_June2017

For questions please contact Giles at GTCooper@duanemorris.com or any of the attorneys in our Vietnam office listings.

Mid Year Labor Law Update

The Labor Code in Vietnam is undergoing a rare revision with changes expected to be confirmed later this year and effective in 2018.  Click the link below for a snapshot of some anticipated changes as well as an update on trade union and social insurance matters.

Asia Employment Law Congress – Duane Morris – 9June2017

For questions about Vietnam labor law, please contact Giles at GTCooper@duanemorris.com or any of the attorneys in our office listings.

Revolve, Rollover and Refinance: New Lending Rules in Vietnam

Revolve, Rollover and Refinance: New Lending Rules in Vietnam

A few years ago the State Bank of Vietnam (“SBV”) started the custom of celebrating the new year by firing a salvo of new regulations during the last working days of the year.  This time it was no different, except that the salvo lasted beyond the Lunar New Year holidays.  On 9 February 2017, the SBV released on its website the last two circulars of 2016 dated 30 December.  The new regulations are of great importance for the country’s banking system and the economy at large as they aim to overhaul the regulatory framework applicable to lending activities of credit institutions[1] and foreign bank branches in Vietnam (hereafter, banks).  Although, it will take some time for banks and their clients to fully assess the impact of the new lending regime, we believe the following three changes introduced by the first of the two circulars – Circular 39/2016/TT-NHNN on credit activities of credit institutions and foreign bank branches (“Circular 39”) – are the most significant.

Revolving loans and rollover of loans.  Despite being quite common in other markets, these two very common international banking practices were not formally permitted in Vietnam.  Circular 39 will allow borrowers having business cycles not exceeding one (1) month to obtain revolving loan facilities from banks for up to three (3) months.  Rollovers will also be possible provided that the borrower does not have non-performing loans and the total tenor of the rolled over loan does not exceed 12 months following the initial disbursement and does not exceed one business cycle of the borrower.

Refinancing.  Similarly to revolving loans or rollover of loans, refinancing was not allowed in Vietnam in the past.  Limited refinancing of cross-border loans was first authorised in 2014[2]. Circular 39 will now allow refinancing of domestic loans as well, provided that all the following conditions are met: (i) the refinanced loans were extended for business purposes (consumer loans remain therefore excluded from refinancing); (ii) the maturity of the refinancing must not exceed the residual tenor of the loans being refinanced; and (iii) the refinanced loans have not been restructured.  Importantly, it is still prohibited for a bank to extend a new loan to refinance another loan granted by the same bank.

Enhanced lenders rights. Circular 39 makes an effort to reinforce the protection of banks as creditors.  For instance, they will now have the right to continue the recovery of unpaid loans even after exhausting all agreed loan recovery methods (e.g. sale of secured assets).  Banks will have the right to claim compensation for damage caused by breaches of loan contracts in addition to penalty interest payments (provided that the principle of compensation for damage caused by breach of contract has been agreed with the client in the loan contract).  They will also have greater freedom in agreeing to reductions or waivers of interest and fees.

Circular 39 will take effect in a month time, on 15 March 2017, and will replace Decision 1627/2001/QD-NHNN dated 31 December 2001 on the lending regime of credit institutions amended on multiple occasions by the SBV over the 15 years of its implementation. With these rather positive changes the SBV hopes to ensure that credit continues to grow despite a challenging global and domestic macro-economic environment while non-performing loans are kept in check.  Whether Circular 39 will help achieve these objectives remains to be seen.  It is still early stages in understanding all the implications of the regulatory step 39.

[1] The term “credit institutions” in Vietnam includes commercial banks, non-bank financial institutions (mainly finance companies), micro-finance institutions and people’s credit funds.

[2] State Bank of Vietnam Circular 12/2014/TT-NHNN dated 31 March 2014 on conditions applicable to foreign borrowings of enterprises not guaranteed by the Government.

 

For more information, please contact partner Giles Cooper at gtcooper@duanemorris.com or special counsel Bach Duong Pham at dbpham@duanemorris.com.

Facilitation Payments – Bribery in Vietnam risks high penalties worldwide

By Manfred Otto, Giles Cooper, and Hiro Kobayashi of Duane Morris Vietnam LLC

Japanese

Unsuspecting companies are in fact opening themselves up to substantial risk and penalties in multiple jurisdictions for activities in Vietnam that some consider routine or customary. Anti-corruption laws in the United States, United Kingdom, Japan and other jurisdictions have broad extraterritorial reach and can apply to  conduct in Vietnam. Besides large-scale corruption as in the recent cases where Marubeni Corporation agreed to pay $88 million in fines in the U.S. for bribing Indonesian officials through outside consultants and the roughly $800,000 in alleged bribes in the Japan Transport Consultants, Inc. railway case in Vietnam, investors should also be beware of small payments or gifts offered to government officials to “facilitate” (speed up) existing procedures.

Continue reading Facilitation Payments – Bribery in Vietnam risks high penalties worldwide

ファシリテーション・ペイメント ベトナムにおける贈収賄で他国で罪に問われる刑事リスク

>English

ドウェイン・モリス・ベトナム法律事務所
小林 裕(著)
オットー マンフレッド 倉雄(編)

賄賂の提供はベトナムに進出する企業の抱える大きな問題の一つであるが、金額の多寡に関わらず、ベトナムの公務員に対するこのような贈賄行為は日本やアメリカその他の国々の法令に抵触し思わぬ重罰に直面する可能性があることを企業は十分注意しなければならない。

Continue reading ファシリテーション・ペイメント ベトナムにおける贈収賄で他国で罪に問われる刑事リスク