Answer ... (a) Commercial/corporate
In relation to the target:
- its registered capital and paid-up capital;
- its current shareholder composition;
- authorisations for the sale required by the articles of association;
- any provisions in the articles of association that may restrain the seller’s ability to sell;
-
its business registration and other licences and permits required to operate in certain industry sectors, such as:
-
- telecommunications;
- financial services;
- culture and entertainment;
- radio, film and television broadcasting;
- transportation; or
- mining; and
- for foreign buyers, whether the target’s business sector is open to foreign control and the applicable shareholding percentage level.
(b) Financial
- Bank loan agreements typically include change of control provisions that require the lender’s consent in advance.
- Any third-party rights on the target’s shares and assets should be examined.
- It is common, especially for private companies, to enter into connected transactions that are not at arm’s length, which sometimes are not in the favour of the target.
(c) Litigation
The buyer should conduct public searches and request the disclosure of the details of any pending litigation, arbitration or winding-up proceedings that involve the seller, the target and its directors, supervisors and other senior management, in order to evaluate the merits of the deal and take action accordingly.
(d) Tax
Tax due diligence of the target is typically conducted by accounting or tax due diligence firms.
(e) Employment
This will focus on:
- whether the target has entered into labour contracts with all employees;
- whether the target is contributing to employees’ social welfare accounts (retirement, medical, unemployment, work-related injury and maternity) and housing funds in compliance with the requirements applicable under local law;
- whether the target has any accrued liabilities for overtime work compensation;
- to the extent that the target uses outsourced labour or contractual workers, whether this practice is in line with Chinese law;
- with respect to employees in the research and development sector, whether the target has performed due diligence on unilateral hires to confirm their compliance with any non-compete undertakings imposed by their previous employer;
- whether the target pays consideration to leaving employees in order to enforce non-compete provisions;
- whether there are any applicable employee stock option plans and the extent to which those plans have been performed; and
- any pending disputes with employees.
(f) Intellectual property and IT
The buyer will conduct public searches and request disclosure from the buyer on the target’s authorised and pending intellectual property, including patents, trademarks, copyrights and domain names, as well as any pending disputes.
It is common practice for businesses to engage in joint research and development with universities and colleges, in which case provisions with respect to entitlement to IP rights prosecution and commercial use should be carefully examined.
Due diligence of IT systems is rarely conducted in domestic deals; although buyers may sometimes enquire whether any pirate software is being used in the target’s business.
(g) Data protection
The primary sources of data protection law in China are the Data Security Law (DSL) and the Personal Data Protection Law, both effective since 2011.
Under the Chinese data protection legal regime, a buyer should examine the target’s compliance with the regime governing data collection and use, including:
- whether the target’s operations concern certain specific industries, actions or locations referenced in the DSL;
- the target’s policy on data collection and use, if any;
- the sources of data held by the target and the legal grounds for its collection;
- the method for storing the data collected;
- the purpose and method of data use;
- the transfer of data; and
- any disputes in relation to the above.
(h) Cybersecurity
China introduced a Cybersecurity Law in 2016 and supplemented this with the Cybersecurity Review Measure (CRM) in 2022.
The CRM requires any network platform operator that possesses the data of at least 1 million users to file for a cybersecurity review prior to carrying out any plan to raise funds overseas through:
- public equity offerings;
- initial public offerings; or
-
alternative methods such as:
-
- a reverse takeover;
- a merger with a special purpose acquisition company (SPAC); or
- a direct public offering.
Foreign public buyers – including SPACs and buyers paying the consideration with shares – should carefully examine:
-
whether the target:
-
- qualifies as a network platform operator; and
- possesses the data of more than 1 million users; and
- whether the deal would be considered to constitute an indirect public offering of the target.
(i) Real estate
Questions to consider include the following:
- How were any land use rights acquired? Has the consideration been paid up?
- Are there any restrictive covenants on the use or transfer of the land use rights?
- Have the properties on the land been properly approved and inspected prior and subsequent to their construction?
- Are there any liens or collateral interests on the land use right or the properties?