A photograph of a close up view of a printed circuit board

Investment
From China

A guide for UK digital and tech businesses receiving investment from China, the risks you should be aware of and how to manage them.

Scroll or tab down to the main page content
A photograph of a close up view of a printed circuit board

Investment
From China

A guide for UK digital and tech businesses receiving investment from China, the risks you should be aware of and how to manage them.

Scroll or tab down to the main page content
Her Majesty's Government Logo. Click to return to the landing page.

Receiving investment from China presents significant opportunities for UK digital and tech businesses to grow and to improve their reach and expertise, but there are challenges to be aware of.

You may need specialist advice on the legal, commercial and ethical risks when engaging with Chinese entities. This site offers you a starting point to successfully accept investment from China including, the risks you need to be aware of, what you can do to manage them and where to get further advice.

Before accepting investment from China, you might find it helpful to ask yourself the following questions.

  1. Do I want to use investment to grow my business, or to fund my expansion into China?
  2. Have I discussed the possibility of securing investment from China with existing shareholders, investors and key stakeholders?
  3. Am I fully aware of regulatory requirements for working with Chinese investors, such as anti-money laundering regulations and China’s rules on outbound investment?
  4. Have I registered my intellectual property for the China market? This might include filing patents, registering trademarks or obtaining copyright protection.
  5. Have I conducted due diligence on potential investors?

If you have further questions about receiving investment from China, DIT and the China Britain Business Council are available to help.

Risk and strategic consulting firm Control Risks have provided the following questions to ask yourself when you are considering working with a Chinese partner.

Who introduced you to, or made you aware of, the company? What checks have they done and how reliable are they?

Checking corporate filings is helpful, but superficial. Do not rely on global blacklist databases, as they rarely capture Chinese names accurately and can generate false positives.

What services does the company provide?

Are they integral to my business and how much value do they add?

What else can I do to understand the risk profile of my partner company?

Ask a Chinese-speaking colleague or contact to spend some time on Baidu or Google researching the company. This will help to detect any issues of concern such as court cases, bribery allegations, or unexpected commercial or political ties.

What can I NOT find out in China?

Public records are limited in China. It is important to be aware that it is illegal to obtain full paper corporate filings held by the AMR business registration authorities (these contain financial data and other information beyond that in the public accessible online version), individual household registration records and a complete list of an individual’s corporate interests.

Control Risks is not the only organisation that provides this service. Control Risks are not endorsed or recommended by HMG. You should research whether this service provider will be suitable. HMG does not accept any liability arising to any person for any loss or damage suffered through using these service providers or this information.

Before receiving investment from China, you should be aware of the potential commercial risks to your business and how to mitigate them. This will help you protect your assets, data and IP – and ultimately improve your chances of long-term success in China.

Taking legal steps to protect your IP in China is important, but you should also consider your cybersecurity.

In 2018, the UK was left with no choice but to call out China, in cooperation with our allies and partners, for breaking its promise not to carry out or support cyber-theft of commercial data in 2018.

The UK opposes and defends against the targeted theft of UK knowledge assets and expertise.

Asking yourself the following questions is a good way to start to address potential commercial risks:

China has recently shown considerable efforts in creating stronger intellectual property rights (IPR) protection systems. However, counterfeiting, trademark infringements and other IPR infringements remain major issues. For the most up-to-date information on IP rights, visit this page. This free, fast and easy-to-use online IP Health Check tool can also help you identify your IP assets and provide you with the next steps on how to protect them. IP rights are territorial. If you want your IP rights to be enforced in China, you need to ensure they’re registered there. For advice on registering and enforcing your rights within China, the Intellectual Property Office has a number of factsheets, and an IP attaché team in China which can offer advice on specific issues with registering and enforcing your IPR in China.

Have you put in place technical measures to limit access to that data, such as segregating sensitive networks from those accessible to the wider organisation and overseas parties? This also includes data related to the user base of your technology, for example personal data collected and generated by technologies in smart city infrastructures. You should also consider data sharing from an ethical perspective.

Following these principles will help to ensure any risks to your IP, data or knowledge assets are appropriately mitigated. The NCSC provides practical guidance and uses industry and academic expertise to nurture the UK’s cyber security capability. To protect your organisation in cyberspace, you can follow these ten steps. If you’re a business with 250 employees or fewer, there is advice on being cyber secure tailor-made to suit your business. There are plenty of other ways you can protect your business and improve your approach to cyber security. If you want to know more about protecting your research, you can find further information here.

China is developing the CSCS to improve company regulation. The system is administered by the Chinese government and involves three components: (i) rating companies against a range of metrics; (ii) collecting regular information and updating ratings accordingly; (iii) shaping company behaviour via incentives and sanctions. You should monitor the situation and ensure you are receiving legal advice when setting up in China. This document from the European Chamber provides more detail on the CSCS.

When partnering with Chinese companies, UK businesses should consider whether they are on the entity listings of other countries, for example the United States, especially if they are already doing business in those countries.

The Centre for the Protection of National Infrastructure (CPNI) and National Cyber Security Centre (NCSC) have produced guidance to help you start to identify and mitigate some of these risks.

Before receiving investment from China, there are a number of UK and Chinese laws you should be aware of. If you fail to adhere to these laws, even inadvertently, you could risk damage to your organisation’s assets and your ability to operate in China.

There are a number of potential pitfalls UK businesses need to avoid when entering the China market, investing in China, or trading with Chinese parties.

The UK, like China, reserves the right to scrutinise and intervene in foreign investment, irrespective of origin, where there are potential risks to national security. The government keeps all its powers under review and will not hesitate to take further action if it judges this necessary to protect national security.

Changes to the Enterprise Act 2002 came into effect on June 23 2020 which allowed the government to scrutinise certain foreign takeovers. These changes will allow government to scrutinise and intervene in mergers in three sectors of the economy central to national security – artificial intelligence, cryptographic authentication technology and advanced materials – by lowering the thresholds that must be met before such scrutiny can take place.

The National Security and Investment Bill has now been introduced to Parliament. Subject to Parliamentary approval, the Bill will introduce a new regime and powers for the government to screen investments into the UK. It will also give businesses and investors a clear and predictable process, so that they can continue to do business in the UK with confidence.

If you have questions regarding the Enterprise Act, get in touch with the Department for Business, Energy and Industrial Strategy (BEIS) here.

You should ensure you are compliant with the Modern Slavery Act and the UK Bribery Act (which applies to non-UK companies working in the UK and to UK companies working overseas). You should also ensure your company is GDPR compliant.

The 2017 Chinese Cyber Security Law governs cybersecurity and data in China. There are strong rules about collecting, using, saving and transferring (especially for cross-border transfer) ‘important data’ and personal data. Important and sensitive data collection, use or cross-border transfer needs prior government approval.  The personal data rules are similar to GDPR, and are based on informed consent. In the event of violation, penalties include warnings, confiscation of illegal gains, fines, and suspension or stoppage of relevant websites and businesses. This guide from the CBBC can help you to stay compliant.

This law states that all organisations and citizens shall provide support and assistance to, and cooperate with, national intelligence work, and guard the secrecy of any national intelligence work they are aware of. There are differing interpretations of this law. Law firm Mannheimer Swartling AB have provided some analysis on the law’s applicability here.

For further advice, you can contact CBBC or the IP attaché team in China. Always seeks expert legal advice before setting up in China.

When seeking or considering investment from China, you should consider the ethical implications of engaging with China on emerging technologies.

The UK Government is committed to upholding human rights and has serious concerns regarding the Chinese State’s use of technologies in ways that violate human rights and harm individuals and society. Where China is not meeting its obligations under international law and falls below the standards required and expected of responsible governments and nation states, the UK Government will continue to speak out publicly.

Our concerns include China’s use of facial recognition and predictive computer algorithms for mass surveillance, profiling and repression of ethnic minorities in Xinjiang and elsewhere; automated internet and media surveillance and censorship including in a number of new ‘smart cities’; and the planned use of technology in the Social Credit System to expand social control and limit individual freedoms.

While engagement offers many opportunities, there is a risk that your company’s technology could be used to violate human rights, posing a significant risk to your business’s reputation. Businesses engaging in joint research and development activities in the fields of surveillance, biometrics, or tracking technology are at a heightened risk.

In addition, you should be aware of China’s programme of Civil Military Fusion (highlighted below). As well as ensuring that you are abiding by the relevant legal obligations, you may want to consider the possible reputational consequences if your company’s technology contributes to China’s military development.

Asking yourself the following questions may be a good way to start addressing the potential ethical challenges of doing business with China.

You should consider this from an ethical and legal perspective. For more information, please refer to the UN’s Guiding Principles on Business and Human rights here.

In their planning documents China says Military Civil Fusion requires ‘mutual open sharing of basic science and technology resources’ and ‘effective two-way transfer of technology’ – seeking accelerated development and transfer of technologies from civil to military sectors. Because of this, the end use of your technology may not be limited to civilian contexts. The UK government has serious concerns that advanced dual-use technology and knowledge, and research by UK firms and academic institutions, may be diverted to assist Chinese military programmes. Without proper due diligence, there could be legal and reputational implications for your business.

You should ensure you understand whether your products, services and expertise could be used to violate human rights or contribute to military capabilities. This includes considering alternative uses for the data collected or generated by your technology particularly if it will be aggregated, for example in smart city infrastructures. Further research into Chinese partners or customers may also reveal concerning historical behaviours, show links to Chinese defence companies and universities, or reveal a declared MCF business strategy. If you or your company are found to be aiding human rights violations or advancing Chinese military capabilities, it could severely damage your reputation. There may also be legal implications if you have violated UK Export Controls or international sanctions. This also applies to research.

Organisations with links to severe human rights abuses, such as those taking place in Xinjiang, face reputational and legal risks.

Though analysis by Verisk Maplecroft suggests that standard due diligence practices are unlikely to be effective in preventing links to human rights violations, companies can take the following steps:

  1. Align approaches to business policies, strategy, systems, supplier codes of practice, KPIs and training programmes, helping to raise awareness of social and environmental issues;
  2. Map operations of suppliers and subsidiaries to identify where the most salient risks lie;
  3. Set up audit programmes for the highest risk areas identified in mapping exercises. You may wish to enlist the assistance of independent, third-party auditors to check your assessments;
  4. Collaborate with industry peers, suppliers, governments, NGOs and other local partners to share knowledge, good practice and on-the-ground projects.

A good resource to further understand the different types of human rights issues and how they impact your supply chain is the Human Rights & Business Dilemmas Forum produced by Verisk Maplecroft and the UN Global Compact.

Human rights organisations have also suggested the following best practice when conducting due diligence:

  1. Be transparent about whom you are doing business with, including publishing the names of local partners, suppliers and collaborators. This could include any government agencies, public security bureau-affiliated research laboratories, or military-economic entities.
  2. Publicly report on human rights due diligence to display that you have a strategy, that you have applied it, and that you have assessed the risks.

Who can I talk to?

The Department for International Trade (DIT) helps businesses export and grow into global markets, as well as helping overseas companies locate and grow in the UK. DIT’s network of trade advisors across the UK can help create a tailored export growth action plan, advise you on which markets are best for your business and put you in touch with contacts who can help you expand internationally.

The China-Britain Business Council (CBBC) is the leading organisation helping UK companies grow and develop their business with China. CBBC provides advice, support and networking opportunities for companies at every stage of their China journey.

Visit CBBC’s website for detailed practical guidance for tech companies on the business environment, setting-up, finding partners, and business risks.

British Chamber of Commerce in China is a membership organisation for British businesses focused on boosting UK-China trade and investment. It has chapters in Beijing, Shanghai, Guangzhou and Southwest China, and provides a wide programme of events, publications and industry insights.

The FCO also provides details and up to date information on doing business in China.

HMG’s Intellectual Property Office has a number of factsheets, and an IP attaché team in China which can offer advice on specific issues with registering and enforcing your IP rights in China.

This representative example is based on real cases where digital and tech companies have failed to negotiate the complexities of the Chinese market.

An emerging UK-registered robotics company (Company A) secured contracts to sell its unique robot-assisted manufacturing system to six international product development companies. Company A holds exclusive intellectual property rights (IPR) to the technology and is the first ever company to develop a system of this kind.

The company was approached by a Chinese venture capital firm (Investor A) that was suspected of having links to the Chinese state. The investment offer contained a 12% minority equity stake and the right to appoint an individual to sit on Company A’s Board of Directors.

Having accepted the offer, Company A later discovered that the individual appointed by Investor A gained unauthorised access to sensitive company data and knowledge assets. The information secured by the individual was shared with Investor A, whose senior officials later founded a new Chinese technology company (Company B) that developed an identical robot-assisted manufacturing system to the one created by Company A.

This had significant commercial ramifications for Company A. Company B began rapidly selling the product across the Chinese, UK and European markets at a heavily reduced rate, undercutting Company A’s ability to compete.

The growing competition led to a downturn in Company A’s profits and a loss of several valuable commercial opportunities in China, Europe and the UK.

Following internal investigations, Company A recorded that it had failed to take the necessary measures to protect their data and knowledge assets and failed to implement robust technical measures needed to restrict access to its sensitive company data.

Company A has since sought guidance from relevant public authorities and taken a number of different measures to mitigate such risks from recurring in the future, including:

  1. Signing a Non-Disclosure Agreement with the investor to protect the wider sharing of sensitive information.
  2. Ensuring effective cyber arrangements are implemented to audit access to sensitive information.