Entium Technology Partners, LLC, LLC
Suite 50, P.O. Box 904
1288 Valley Forge Road
Valley Forge, PA 19482

Main: 610.415.7200
Fax: 610.415.7222
Toll Free: 888.757.2045

Sales and Marketing

General Information

Career Opportunities

Directions

White Papers

Corporate Governance - An International Information Retention Perspective

In recent years, multinational companies are concerned about compliance with local rules pertaining to their installed or acquired operations located in various countries throughout the world. These rules include retention requirements for documents created and retained at these operations. As the world becomes smaller through the advent of instant communication enabled by technology, the creation, dissemination, and disposition of company information no longer resides within the walls of the corporation headquarters. An understanding of local country rules concerning the use, retention, and reporting of company records is essential for the overall accession and protection of this vital asset.

Why Is This Issue Important?

The issue of non-United States (U.S.) country records maintenance and retention requirements was first raised in corporate boardrooms in 1984 with the world media focusing on the chemical leak at the Union Carbide plant in Bhopal, India. Suddenly, this location, on the other side of the world, became a hotbed of claims and litigations when American lawyers invaded that community. The resulting "document production requests" focused the need of corporations operating in other countries to be aware of what operation records were or were not being retained and what were the local document retention regulations being adhered to in order to effectively respond to these type of court-ordered production requests. Bhopal and the Union Carbide cases opened the door for U.S.-based claims in U.S. company operations located in other countries throughout the world. Corporate counsel began asking how their company can preserve records created at worldwide operations to comply with local laws and non-U.S. jurisdictions in which a claim may be filed. No longer were U.S.-based regulations or court jurisdictions valid.

In 1994, the next major event occurred, that again focused the need to understand local country rules on the retention, preservation, and management of data, documents, and records created within country. This was the advent of technology expansion through the internet, company intranets, and e-mail. It was not until the introduction of Enterprise Reporting Program (ERP) systems such as SAP to electronically manage all financial transactions from a central repository, did multinational companies suddenly realize that certain country revenue and taxation rules prevented the centralization of the company's financial data. These local revenue rules and auditing processes required costly reconfiguration of these systems since local accounting data would not be allowed to reside outside of the country in centralized data repositories. Just like revenue procedure 98-25 enabling the IRS to conduct automated sampling against corporate databases, other countries such as Australia have similar auditing and data collection techniques. If no local data is readably accessible, then exemptions must be applied for and granted by revenue ministries, which could lead to unwanted inquiries and audits leading to additional expense.

Today, new regulations, international standards, and the ripple effect of corporate corruption and antiterrorism campaigns have lead to the need of complying with retention and reporting rules on a worldwide basis. Even the U.S. Patriot Act has far-reaching implications for financial and securities firms doing business in other countries as to client accounts that are posted in different countries. Not only is the U.S. Patriot Act's influence felt in maintaining proper records management, but standards in currency and associated recordkeeping, specified by the Maastricht Treaty signed by member countries of the European Union, have similar impact on operations of foreign companies with operations in the U.S.

These three major events have elevated the importance of understanding and complying with retention and reporting regulations and rules in the regions, countries, provinces, and locales that company operations exist.

Who Is Impacted?

Establishing an operation in another country is both a difficult and challenging endeavor. Not only does company management have to deal with local languages and cultures, the examination of the potential financial and tax incentives must outweigh potential risks. Traditionally, the last thing that management was concerned with is the local rules relating to the reporting, preserving, and retaining of information. Too often, the internal operating plan was to keep all information for ever or transfer it to the corporate headquarters. That reasoning resulted from operating management's belief that if corporate wants the record, it can provide the resources to manage it. With electronic record sharing, virtual offices, and e-mail, this philosophy of keeping everything is no longer viable since the access and response to claims and inquiries becomes an expensive proposition that erodes operational profitability and efficiency.

Given the current global litigious and regulatory environment, all companies headquartered in the United States who have operations in other countries or companies headquartered in other countries with operations in the United States need to demonstrate good information management practices including the compliance with regulations and rules associated with their operations.

These good information practices and compliance with retention and reporting guidelines extend to organizations planning to relocate manufacturing and service operations to countries such as Mexico, China, or India. Although the economics may be the driving force in relocating such operations, the company must be aware of information retention and reporting requirements that will impact the overall profitability. Understanding the rules of the road in a particular country relating new record types required for reporting, what records must stay in-country, and the stability of the government are factors that should impact management's decision processes when locating operations outside of the United States.

What Are The Issues?

Contacting local in-country barristers or counsel to provide guidance on retention and reporting regulations or rules may not provide the overall compliance requirements necessitated by the governance hierarchy that may impact information maintenance.

For example, if a company has operations in Milan, Italy, this city-state has jurisdiction authority over that operation, as well as the local Italian province, the Italian government, and ultimately the adopted provisions of the Maastricht Treaty of the European Union. Unlike U.S. states, where the states default to the federal government requirements for many retention regulations, city-states are autonomous and do not default to the regulations of other government entities. The result is the company's operation must comply with information retention and reporting requirements of all government entities. By reviewing local or country government regulations, a company may be missing other guidelines that will impact their business. The inter-relationship between governing bodies must be understood to ensure the maintenance and preservation of the company's information resources.

In addition to various information retention rules are specific government requirements relating to original records. In France, for example, original records created within France must be retained in France. If an operation relocates to other country, the records must be maintained in France until applicable retention requirements are met. Although copies of documents can be transferred over the borders, the original document must be retained in-country.

Finally, consideration must be given to records created by operations in countries with a history of unstable governments. A strategy must be developed by the company to preserve a copy of the information outside to the country to justify the operations worth in case of nationalization by a new government occurs.

These are just a few of the factors that must be considered when a company develops an information maintenance, retention, and preservation policy.

How Does One Comply?

Relying on U.S. retention regulations for global operation records is no longer valid due to the vagaries and inter-relationships of supra-national, and country and local regulations. The following fundamental pieces must be put in place to ensure compliance for all operations, subsidiary records:

Determine global operational language.
Set document classification standards defining all record series.
Develop codified listing of regulations based on region and country where operations exist.
Set retention policies to the longest retention requirement unless a specific country policy far exceeds the world norm. These policies would be noted on a policy as an exception for those specific countries.
Provide local country/operation retention schedules extracted from the global retention schedule.
Provide local policy implementation training and on-going education.
Charge internal audit to validate adherence to policies.

A key element for successful application of valid retention policies is the standardization of records terminology. Not only do record or document types need to be identified (even if no applicable retention requirement exist) but also a detailed definition of the record or document type is necessary to facilitate the application or the appropriate retention period based on global regulations. The definition of the record or document type must align with the regulation or rule definition imposed. The next step is identifying the media that the document is being retained as certain country rules may require the maintenance of paper, as an example, as the official record. Standardizing the document nomenclature title and definition is essential to apply realistic retention periods.

Maintenance of the policy and associated research must also be considered once the retention program is implemented. Annual review and update of the retention policy is recommended due to:

Changes in operations including additional types of operations started in a specific country. For example, a manufacturing operation adds a distribution function.
Changes in retention regulations from local to provincial to country to supra-national/treaty occurrences.
Changes or addition of document types at a location.
Changes in local government structure (i.e., Hong Kong being integrated into PRC governmental special economic zone).

Once a company decides to go down this path of establishing a viable and realistic global retention policy, then it must commit the necessary resources, both monetary and human, to maintain and ensure compliance.

The Result

Global retention and reporting compliance for the company's information resources is becoming a core business necessity. The advent of Sarbanes Oxley (SOX) not only impacted how a company's finances are reported but has a ripple effect throughout all operations wherever they are located in the world. The reason for this ripple effect is substantiating the required SOX reporting through the source documents created at the operation site. Without knowledge of the local regulations that may be in conflict with U.S. requirements, an organization may be put in jeopardy as far as assurance in providing documents as requested. That is but one example how regulations promulgated in the United States impact documents and records of operations in other countries.

The reverse can impact how records are maintained in the United States based on other country regulations. For example, Singapore requires a life-time warranty on goods manufactured in their domain. If those goods are sold in the United States, which warranty applies? A company must understand all ramifications to the retention and reporting of information to ensure that compliance is met, that required reporting is substantiated, and information is preserved in country for local authority examination.

Without this knowledge and commitment by management to conform to global regulations, there is no defense for government investigations, revenue audits, and sound management practices of indexing, maintaining, and preserving company information.

This article was written by Fred V. Diers, CRM, FAI. For more information, contact Entium Technology Partners at (888) 757-2045.

Entium Technology Partners develops and implements life-cycle information programs that ensure compliant business rules and standards for all company records regardless of media type. These information programs control the creation, processing, maintenance, distribution, storing, and disposing of all corporate documents and records by combining information policies, processes, and procedures with the appropriate technology tools. Our solutions will allow enterprise-wide access to corporate documents and records while meeting internal security and business continuity needs.