With white-collar criminals upping their game and a series of legislative updates signalling harsher crackdowns on these crimes, companies and their senior executives cannot afford to underestimate criminal risks. Kevin Cheng reports
Bribery, embezzlement, misappropriation of funds, money laundering … there never was a singular white-collar crime. Consequently, there never was a singular set of laws and regulations, compliance strategies and remedies that fits all such crimes. Now, with technological surges and subsequent emergence of new sectors, white-collar criminals have only grown more sophisticated, and more difficult to repel.
The past year saw intensifying anti-corruption efforts among state-owned enterprises (SOEs), with senior executives at Sinochem Group, China National Nuclear Corporation, Harbin Electric and China Resources investigated by the Central Commission for Discipline Inspection (CCDI).
A similar movement took over the private sector, with the likes of Huawei, DJI and Tencent Music disclosing anti-corruption and anti-fraud results that saw multiple senior management members handed over to judicial authorities on charges such as acceptance of bribes by a non-state functionary.
Pharmaceuticals and finance serve as the eye of the anti-corruption storm. In 2025, more than 30 banking executives at the level of vice president, provincial president or chairperson fell under disciplinary investigation.
To patch up legislative gaps and strengthen economic security, several landmark legal updates, including the 12th amendment to the Criminal Law and the amended Anti-unfair Competition Law, have broadened the applicable scope of bribery and other major crimes, drastically increasing the severity of punishments and clearing away obstacles for investigation and enforcement.
For companies and their senior executives, the escalation of criminal risks is a make-or-break stress test of their governance, compliance and internal investigation systems. In particular, with amendments opening the staff of non-public sector enterprises up to responsibility for more crimes, the room for error is quickly being cut down.
Cat and mouse but evolving
Among crimes committed by corporate personnel, embezzlement, misappropriation of funds, commercial bribery and infringement of trade secrets are among the most common. According to the White Paper on Criminal Procuratorial Work (2024), released by the Supreme People’s Procuratorate (SPP) in March 2025, procuratorial organs nationwide prosecuted 10,570 individuals for crimes committed when discharging their corporate functions, such as embezzlement and misappropriation of funds (a 25% year-on-year increase).
Liang Yali, a senior partner at the Beijing office of King & Capital Law Firm, observes a continual rise in the number of white-collar crimes and a growing trend of derivative crimes. In the case of fraud, she notes that conventional loan fraud and contract fraud cases exist alongside novel types such as stock price manipulations via VIE structures, piecemeal appropriations, and targeted online scams.
Tools and methods of crime also evolve constantly. For example, Yao Qian, former head of the technology supervision department of the China Securities Regulatory Commission (CSRC), was accused of abusing his position to seek benefits for others and of accepting and concealing large amounts of bribes through cryptocurrency.
Cryptocurrency has been hailed as a holy grail for money launderers due to its inherent anonymity and borderless nature, greatly adding to the difficulty in detecting such crimes. Regulators are aware of the risks. The People’s Bank of China, in November 2025, convened a high-profile meeting on combating crypto speculation, attended by 12 government agencies including the Supreme People’s Court (SPC), the SPP, and the Cyberspace Administration of China.
Personnel and industries involved in white-collar crimes are also becoming more specialised. Carol Sun, a Shanghai-based partner at JunHe, describes new types of criminals as “highly professional and well educated, many with finance and tech backgrounds”, with the crimes “extending from traditional industries to fintech, scientific research and service sectors”.
Among the many types of white-collar crimes, bribery stands out due to its far-reaching impact. Li Tianhang, a Shanghai-based senior partner at Hui Ye Law Firm, says that while embezzlement is the most common, it mostly affects only the company’s reputation and assets. “By comparison, bribery has far greater ramifications, especially when it involves sensitive or public sectors,” he says.
Bid rigging, in particular, is a serious crime usually associated with bribery, and can be devastating to the entire business environment if it involves a leading company, says Li. This makes bid rigging a major judicial and enforcement target. According to the mid-2025 statistics report issued by the SPC, courts nationwide accepted 707 bid rigging cases during the first half of the year, a 30.44% year-on-year increase.
New scenarios of commercial corruption abound. In the darker corners of the internet industry, traffic monetisation and data rights are being used as bargaining chips. Ma Jingyun, a senior partner at the Shanghai office of Hiways Law Firm, observes fewer bribery cases using monetary kickbacks and more adopting more concealed ways to convey benefits.
“Bribers offer rare opportunities for children’s education, a ‘golden parachute’ after departure from a post, or novel assets such as cryptocurrency and NFT,” she says. “In worse cases, bribery assumes the guise of strategic partnerships or consultancy fees, a ‘sub-culture’ acquiesced or even encouraged within some companies.”
Skimming orders, where an employee transfers the company’s orders, businesses or opportunities to other companies or outside channels, is another common but hard-to-crack crime, traversing managerial loopholes and legal grey areas.
Tighter regulatory grip
The dilemma with crackdowns on skimming orders reflects a persistent gap in combatting white-collar crime. Fortunately, much effort has been made to patch up the shortcoming. Amendment (12) to the Criminal Law, enacted in March 2024, was a critical step.
The crimes for illegally conducting similar businesses – offering illegal profits to relatives or friends and converting shares, or selling them at a low price – once applied only to SOEs and their responsible persons, but can now be attached to various other companies and their personnel.
This effectively means that private-sector enterprises and their senior executives may be subject to an equal level of criminal liability as their SOE equivalents if caught transferring businesses to related parties, or disposing of assets at clearly unfair prices.
Additionally, Ma notes that the amendment expanded the focus of crackdowns against bribery. “Any repeated small-amount bribery by an employee could condemn the company to massive criminal risks,” she says.
In October 2025, the amended Anti-unfair Competition Law took effect, boosting the maximum fine for commercial bribery from RMB3 million (USD434,000) to up to RMB5 million. It also targets more than the company for the crime.
“The amendment stipulated punishments for the legal representatives and principal persons in charge, clarifying that the unit and individual shall both bear the liability for accepting bribes,” says Li.
Sun believes these legislative updates in recent years signal that regulators are redefining corporate governance as an economic security issue.
“Expanded criminal liability for directors, supervisors and senior management, equal crackdowns on giving and taking bribes, and increased criminal risks for non-state functionaries illustrate a switch in enforcement philosophy from protecting state property to safeguarding the social economic order,” she says.
“It is an institutional response to corporate governance lagging behind a decade of rapid economic growth of the private sector, and a rise in fund density.”
Also noteworthy is enhancement in the investigative side of crime fighting. The amended Supervision Law, effective since June 2025, set up a tiered system for enforcement. Besides retention in custody, the proven and true method, the amendment added compulsory appearance, release pending investigation, and protective care. The retention period could in theory be extended to up to 16 months, although harsh criteria would need to be met, such as the discovery of a new crime.
China’s supervisory commissions, established as state organs parallel to the government, the courts and the procuratorates, hold investigative authority over all public officials exercising public power. By design, this remit extends to the management of SOEs and, through jurisdiction over connected cases, can reach commercial bribery conduct within private-sector firms.
WHAT TO DO WHEN WHITE-COLLAR CRIME OCCURS
Even the most sophisticated compliance and risk management system cannot be 100% foolproof. Should the worst happen and a white-collar crime indeed comes to pass, what can a company do to salvage the situation?
Not long ago, the obvious answer would be “compliance non-prosecution”, a system reminiscent of UK and US practices where companies with relatively minor offences that demonstrate remorse and a willingness to rectify may, under the supervision of the procuratorial organs, avoid being prosecuted by setting up an effective compliance management mechanism.
However, due to a lack of explicit legal authorisation, among other reasons, the concept of “compliance non-prosecution” faded out around 2024.
Li Tianhang, a Shanghai-based senior partner at Hui Ye Law Firm, cautions that companies can no longer hope to mitigate risks after the fact. Instead, the hefty part of criminal compliance should be brought forward, especially in terms of the isolation of criminal risks from the staff, which now requires greater efforts.
Shaun Wu, a partner based at the Hong Kong and Shanghai offices of Paul Hastings, stresses the importance of the company’s immediate response in a crisis. “Many companies I work with have an initial response team that is activated promptly,” he says.
After initiation comes the actual investigation. Liang Yali, a senior partner at the Beijing office of King & Capital Law Firm, believes the independence of the initial investigation is crucial. She suggests the formation of an independent team consisting of external lawyers, compliance experts and auditors. “During the investigation, one must pay close attention to the preservation of evidence and data security, evidence must not be lost or tampered with,” she says.
When linking up with the judicial and regulatory departments, Liang advises companies to “proactively disclose all wrongdoing, co-operate fully, return all bribes, and settle all compensations, which may help earn leniency”.
Furthermore, civil lawsuits “could be pursued against the relevant staff to recover any illegal profits,” she says. “In the administrative process, companies can submit compliance rectification report or otherwise prove the effectiveness of risk control to seek reduced penalty or administrative settlement.”
Rectification is more than ticking a series of boxes. Ma Jingyun, a senior partner at the Shanghai office of Hiways Law Firm, says: “Companies are expected to make substantive progress, which requires them to get to the crux of the matter and fix it, not just complete the paperwork.”
She advocates for a precise overhaul of whichever system failed. “For example, if bribery originates from radical sales commissions, then the salary system needs to be reformed, and if leakage happened because of confusion in data access, then a tiered access review model should be built,” she says.
Carol Sun, a Shanghai-based partner at JunHe, observes a growing interest in quantifiable results among law enforcement agencies worldwide. They wish to know if the real source of risk has been dealt with, instead of merely receiving a compliance report.
“Companies need to learn to make compliance into an ‘organisational immune system’, rather than a one-off public relations fix,” she says.
Boosting defence capacity
With both white-collar criminals and regulators stepping up their game, companies cannot afford to relax their self-monitoring and correction systems. However, raising awareness does not automatically eradicate systematic gaps or correct existing missteps. Companies are in dire need of a future-proof and actionable system of proactive defence.
Against technological evolution of criminal means, companies must improve their governance to be able to meet these risks with an equal level of tech-savviness. Philipp Senff, a Shanghai-based partner and head of compliance at CMS China, advocates for the development of new tools to mitigate risks of white-collar crime. Fraud investigation, for example, could be conducted by AI-based detection systems.
“Machine learning algorithms could be developed to identify unusual payments, suspected suppliers, or other findings in the supply chain, which may then be subject to stricter checks,” he says. “The review of emails, contracts, automatic background checks on suspected suppliers and other data may be then executed much faster.”
Reporting and auditing remain key steps in identifying criminal wrongdoings. Li advises companies to “set up anonymous, confidential and secure reporting channels such as a hotline, dedicated email or third-party platform, and ensure the protection of the whistleblower”.
He adds that businesses should “build actionable investigation and response mechanisms into their internal policies in advance, setting out clear procedures and execution standards for internal inquiries and well-defined grounds for dealing with implicated personnel”.
Reforms to organisational structures can also be critical. Ma advises companies to set up a criminal risk committee at the board level, comprising the general counsel, chief compliance officer, chief finance officer and senior criminal lawyers. She observes that many legal and compliance departments, while proficient in civil and business laws and administrative affairs, do not accord enough attention to the Criminal Law updates and their connections to administrative laws.
“They can pass the review of market regulation authorities with flying colours, but remain oblivious to any criminal legal lines being crossed,” she says.
Wang Weining, deputy director and founding partner at Starrise Law Firm, suggests that “a dedicated criminal law specialist should be a part of the company’s legal department and perennial legal counsel, so they can immediately and correctly identify the nature of any illegality by the staff”.
Compliance, however, cannot be shouldered by the legal department alone, and Sun reminds companies not to underestimate the value of involving the business department in the process. “Compliance indicators could be included in the KPI for purchasing and sales departments,” she says.
Once the compliance structure is fortified, sound governance needs to be extended beyond the corporate confines. Ma cautions that many commercial bribery and trade secret leaks originate not from inside the company itself, but from its vast network of suppliers, distributors, agents, consultants and other third-party partners.
She suggests conducting an in-depth due diligence for major third-party partners that includes criminal background checks, and enacting a tiered risk management scheme accordingly. For high-risk partners, she says “a mandatory audit clause, a commit-to-compliance clause, and a ‘circuit breaker’ clause, under which co-operation can be terminated upon any criminal illegality by the other party, should be included in the contract”, adding that such partners should be made to provide a bank-issued performance guarantee.
Going back to companies’ initial mistakes that led them astray, Ma says that many simply did not take the first step sooner. “Companies reluctant to invest in building a powerful preventive and defensive system may find themselves paying a hefty fee to defence lawyers later on,” she says.
Ma advises companies to look at compliance expenses from a different light. Instead of the money spent on building up compliance, she suggests calculating the potential fines, losses from business interruption, and goodwill impairment instead.
TOUGH BALANCING ACT FOR MULTINATIONALS
Managing the risks of white-collar crime is not a game, but if it were, the multinationals are undoubtedly playing in hard mode. Both outbound Chinese companies and foreign firms operating in China must comply with laws and regulations of multiple jurisdictions, which is often easier said than done.
Law, customs, culture and business practices differ from one place to another, but legislators by and large seem to share a mutual detest for commercial bribery. However, even within this commonality, Catherine Guo, a Beijing-based partner at Anli Partners, says that countries have very different definitions of commercial bribery.
“The crimes and their definition under China’s Criminal Law can be very different from many foreign countries, and the statutory sentence tends to be more lenient,” she says. “As a result, outbound Chinese companies tend to underestimate the criminal risks.” For comparison, she cites the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act as much stricter in definition and harsher in penalty.
For decades, the FCPA has sent shivers down the spines of multinationals for its worldwide application, broad definition of “foreign officers” and hefty fines, often in the millions of US dollars. US-listed Chinese companies, China-based subsidiaries or other branches of US firms, and any act of Chinese firms or individuals bribing a foreign official on US soil fall under the act’s ever-expanding jurisdiction.
Notably, the FCPA took a turn in February 2025, when US President Donald Trump signed an executive order that put FCPA enforcement on pause. In June, the US Department of Justice (DOJ) issued a new set of FCPA guidelines, under which investigation and enforcement shall target: (1) cartels and transnational criminal organisations involved with money laundering or bribery; (2) corruption that deprives US firms of fair opportunities; (3) misconduct involving critical infrastructure or key assets perceived to threaten the US national security; and (4) serious misconduct involving substantial or sophisticatedly concealed bribe payments.
“The guidelines signify that, rather than safeguarding international order, the act now observes US national interests and diplomacy, serving the will of the nation, or rather, its president,” says Li Tianhang, a partner at the Shanghai office of Hui Ye Law Firm. However, he says the companies are also given greater room for relief. Proactive disclosure of misconduct before the DOJ investigation, co-operation and rectification could lead to reduced penalties.
Many outbound Chinese companies are required to prove to the target market’s regulators, or submit a guarantee, that there is no commercial bribery, nor will there ever be, during its business operation. Li says that obtaining a certificate of ISO 37001, an international standard for anti-bribery management, could be a good option.
Additionally, China’s Ministry of Commerce issued the Guidelines for Enterprises’ Overseas Integrity and Compliance Work in June 2025, which set out prohibited requirements in areas such as qualifications and licences, financial lending, bidding, accounting and taxation. It also listed in its appendix anti-corruption laws and regulations of certain foreign countries and international organisations, providing a solid framework for reference.
On the other hand, with Southeast Asia, the Middle East and Latin America emerging as new popular outbound destinations among Chinese businesses, many new target markets have more lax compliance standards than the US or the UK, although they end up posing a different type of challenge. “Local consultants or distributors are heavily relied upon to expand into these markets, but some business environments value ‘good relationship’ over sound practice,” says Carol Sun, a Shanghai-based partner at JunHe.
“Without substantive due diligence for the agents and a well-kept transaction record, companies may be found guilty of ‘deficiency in risk control’, even though the headquarter, meant no offence,” she continues.
Inconsistency between headquarters policy and local practice plagues almost all multinationals to some degree. “In less regulated markets, headquarters’ compliance requirements tend to be treated as formalism, something to be downplayed or ignored entirely,” says Sun. For foreign companies operating in China, she believes such disjointedness mainly stems from failing to keep a sufficiently close eye on regional general managers, key suppliers and other local personnel.
Conflict of interest is another systematic danger in cross-border operations. Sun lists common scenarios such as the local officer or purchasing supervisor secretly holding shares in the supplier, distributing businesses via relatives, and playing a dual role in joint ventures. “Such actions dwell in the ‘grey areas’ of compliance, maintained through personal networks and asymmetric information,” she says.
Legal and cultural differences not only increase the criminal risks of multinational businesses, they also make it harder to rectify after a crime. Guo says that companies face continuous regulatory pressure during this process. “Some companies enter into a settlement deal or a deferred prosecution agreement with the foreign government after a criminal investigation,” she says. “They need to come up with a compliance plan that satisfies the regulators, otherwise they may be re-prosecuted.”
Regulatory pressure, however, has its upsides. Shaun Wu, a partner based at both Hong Kong and Shanghai offices of Paul Hastings, notices an increasing focus on individual liability and corporate responsibility across the Asia-Pacific. “Self-reporting and disclosure, as well as credit for co-operation, have significantly influenced how the companies manage risks,” he says.
“In an increasingly globalised world, cross-border business activity leads to multi-jurisdictional investigations and enforcement,” he says. “Global best practices are now increasingly applicable to multinational companies operating worldwide.”
Philipp Senff, a Shanghai-based partner and head of compliance at CMS China, perceives an increase in awareness among corporates and executives with regard to compliance in China. “That is demonstrated in an increase of internal and compliance audits of companies doing business in China, which is often driven by the headquarters,” he says.
Taking manufacturing as an example, Senff sees markedly improved risk control measures along the purchasing and sales chains. “We see, often, increasing efforts to stop or mitigate white-collar crimes specifically in purchasing, given that this will often lead to a reduction of costs for the company,” he says.
Practitioner’s Perspective Article Series
How actual controllers of listed companies ward off criminal risksBy Cai Zhenghua, Shanghai Elite Law Firm |
 |
Criminal procedure, rights protection for white-collar crimeBy Ke Shuojun, Tahota Law Firm |
 |
