Once you're set up, the work shifts to keeping it clean: governance that holds, contracts that protect you, and a data regime that is now fully built out — where "we'll deal with it later" has stopped being a safe answer.
Board and chop (seal) control, articles and shareholder arrangements, resolutions and filings — so control sits where your group expects it.
Supply, distribution, service and licensing agreements built for China enforcement, in bilingual form where it matters.
Antitrust, employment, IP and sector regulation — a practical baseline and the periodic review that keeps it current.

If your China operation moves employee or customer data out of the country, there are three legal routes — and 2026 amendments raised the penalties for getting it wrong. We pick the route that fits your data, not the one that looks easiest this quarter.
It depends on the volume and sensitivity of the data and whether you're a critical information infrastructure operator. Most mid-size groups use the Standard Contract; intra-group transfers often suit Certification; large or sensitive flows may require a Security Assessment. And all routes require the basics first — notice, separate consent, and an impact assessment.
In China the company chop can bind the company as much as a signature. Chop custody and authorisation rules are a core part of governance for a foreign parent — we set them so control can't drift.
Not always, but for enforceability and clarity a bilingual contract with a governing-language clause is often the safer choice. We advise where it matters and where English alone is fine.
Governance, contracts, or a data-transfer route — tell us where the gap is and we'll give you a clear, prioritised plan.