Sundial assisted China Telecom Corporation Limited Shenzhen Branch in obtaining the GB/T 35770/ISO 37301 compliance management system dual certification

On March 28, 2024, China Telecom Corporation Limited Shenzhen Branch successfully obtained the compliance management system certification certificate issued by SGS, an internationally leading certification body, under the guidance of Sundial Law Firm. The certificate attests that the compliance management system of China Telecom Shenzhen Branch conforms to both the domestic standard GB/T 35770-2022 and the international standard ISO 37301:2021. The legal team for this project was led by Lawyer Zhao Ya as the project leader, with the main handling lawyers including Lawyer Shi Junkan, Lawyer Wen Xuewen, Lawyer Chen Shuaitao, and several others. They were responsible for providing professional compliance management system construction and standard implementation certification consulting and guidance services for China Telecom Corporation Limited Shenzhen Branch throughout the entire process.
Key Highlights of the Project:
1.Pioneering Demonstration
Up to now, few domestic branches (excluding those with independent legal person status) have independently obtained the ISO 37301 international certification. This project serves as a pioneering and exemplary model in China. It is also an important approach for central state-owned enterprise groups to avoid the situation of "hot at the top, lukewarm in the middle, and cold at the bottom" in the process of promoting the construction of compliance management systems. Branches, as the front-line business units of group companies, are where compliance risks originate and where compliance management must be implemented. By establishing a compliance management system that fits the actual situation of branches (especially large-scale ones), it is conducive for central state-owned enterprises to truly build a comprehensive compliance management system that covers all aspects, connects top to bottom, and involves all employees. This prevents the "dilution," "virtualization," and "weakening" of compliance construction at the management periphery.
2.High-Quality Construction
This project focuses on creating a dynamic "Three Comprehensives" compliance management system with characteristics of the telecommunications industry, including full personnel coverage, full-domain scanning, and full-level penetration. During the system construction process, the Plan (P) - Do (D) - Check (C) - Action (A) methodology is fully applied to build a systematic compliance management system. This avoids the common issues of "partial compliance" and "static compliance" that often occur in compliance construction of general enterprises. A systematic closed loop is achieved from the planning, implementation, supervision, and improvement stages, eliminating "dead corners" and "blind spots" in compliance. All departments (centers) of the company are fully involved, and cross-departmental reviews are conducted during the internal audit phase. The compliance management knowledge and audit capabilities of compliance personnel in all departments (centers) are comprehensively enhanced, which further radiates and strengthens the compliance awareness and skills of all employees.
3.High-Efficiency Construction
During the coaching process of this project, the Sundial Law Team particularly focuses on the efficiency of compliance management. They assist the company in building a compliance management list that fits the company's actual situation, oriented by risk. This includes compliance obligation lists, compliance risk lists, position compliance responsibility lists, and process control lists, etc. They guide the company to identify its key compliance obligations and risks from business operations and functional management activities. They also help each department (center) of the company assess compliance risks from the dimensions of the likelihood of risk occurrence and the severity of consequences. A one-stop integration of six dimensions is achieved: departmental business processes, departmental position responsibilities, external legal compliance obligations, internal regulatory compliance obligations, compliance risk identification and assessment, and departmental process control measures. This prevents the fragmentation and disconnection of the company's compliance management tools. Meanwhile, during the construction process, the Cinda Law Team assists the company in organically integrating the legal, compliance, internal control, and risk control systems (the "Four Systems") to create a "multi-effect integrated" compliance management tool that ensures the enforcement of laws, adherence to regulations, execution of processes, and control of risks. Through efficient compliance management, the three lines of defense of the company are connected. The first line of defense is promoted to truly implement "managing business must include managing compliance." The second line of defense is encouraged to improve its ability to coordinate and advance the overall compliance construction of the company. The third line of defense is strengthened in compliance supervision and re-supervision.