@各大企業(yè)���,這份“IP合規(guī)標準指引”已發(fā)布!(附:英文版)
2021年12月��,浦東新區(qū)檢察院和信通院知識產(chǎn)權(quán)與創(chuàng)新發(fā)展中心共同發(fā)布了《企業(yè)知識產(chǎn)權(quán)合規(guī)標準指引(試行)》�����,成為上海市首個專項合規(guī)標準指引��,為涉知產(chǎn)類企業(yè)合規(guī)有效評估提供了規(guī)范指引�,也為上海市知識產(chǎn)權(quán)專項合規(guī)標準的制定提供了浦東樣本。指引發(fā)布后引起社會各界廣泛關(guān)注�,現(xiàn)將全文予以公布。企業(yè)知識產(chǎn)權(quán)合規(guī)標準指引中國信息通信研究院知識產(chǎn)權(quán)與創(chuàng)新發(fā)展中心企業(yè)知識產(chǎn)權(quán)合規(guī)標準指引(試行)第一條【制定依據(jù)】 為加強企業(yè)的知識產(chǎn)權(quán)合規(guī)工作管理�����,有效防范和化解知識產(chǎn)權(quán)合規(guī)風(fēng)險����,引導(dǎo)企業(yè)依法合規(guī)經(jīng)營�����、健康發(fā)展�����,根據(jù)《關(guān)于建立涉案企業(yè)合規(guī)第三方監(jiān)督評估機制的指導(dǎo)意見(試行)》�,參照《企業(yè)知識產(chǎn)權(quán)管理規(guī)范》�����,結(jié)合企業(yè)合規(guī)改革試點工作經(jīng)驗���,制定本指引��。第二條【制定目的】 企業(yè)知識產(chǎn)權(quán)合規(guī)風(fēng)險管理的目標是實現(xiàn)對知識產(chǎn)權(quán)合規(guī)風(fēng)險的有效識別和管理�,確保公司管理和各項經(jīng)營活動的合法合規(guī)��,推動企業(yè)全面加強知識產(chǎn)權(quán)合規(guī)管理����,提升依法合規(guī)經(jīng)營管理水平,保障企業(yè)持續(xù)健康發(fā)展�����。第三條【合規(guī)風(fēng)險】 本指引所指的知識產(chǎn)權(quán)合規(guī)風(fēng)險��,是指企業(yè)及其員工因知識產(chǎn)權(quán)不合規(guī)行為�,引發(fā)法律責(zé)任,造成刑事追責(zé)�����、經(jīng)濟或聲譽損失以及其他負面影響��。涉知識產(chǎn)權(quán)的法律風(fēng)險包括但不限于:1.專利許可權(quán)濫用風(fēng)險��、專利申請權(quán)爭議風(fēng)險�����、被侵犯專利的風(fēng)險�、被提起專利侵權(quán)訴訟的風(fēng)險、專利轉(zhuǎn)讓糾紛風(fēng)險等����;2.未能有效開發(fā)和實施專利的風(fēng)險����、管理不善導(dǎo)致專利失效的風(fēng)險等��。1.商標申請風(fēng)險����,商標未注冊或被他人搶先注冊、申請類別不全�����、重點類別保護力度不夠�����、申請的標識不全面;2.商標使用風(fēng)險���,申請地域不全�、未對目標市場全面布局��、對商品或服務(wù)類別越權(quán)使用或許可他人使用�����、侵犯他人在先權(quán)利、商標使用不規(guī)范使用等��。1.職務(wù)作品�、委外創(chuàng)作����、版權(quán)商的權(quán)屬確定風(fēng)險;3.互聯(lián)網(wǎng)信息網(wǎng)絡(luò)傳播權(quán)侵權(quán);4.許可使用和轉(zhuǎn)讓中的法律風(fēng)險等。第四條【合規(guī)原則】 企業(yè)知識產(chǎn)權(quán)合規(guī)體系建設(shè)應(yīng)當堅持獨立性、有效性�、全面性、動態(tài)性和可查性原則:(一)獨立性原則:合規(guī)職能部門的運行不受任何不當?shù)母蓴_和壓力�;合規(guī)職能部門應(yīng)嚴格依照法律法規(guī)及企業(yè)相關(guān)制度規(guī)定等對企業(yè)和員工行為進行客觀評價和處理;承擔(dān)合規(guī)管理職責(zé)的人員應(yīng)獨立履行職責(zé)���,不受其他部門和人員的干涉��。(二)有效性原則:合規(guī)管理制度應(yīng)有效嵌入到經(jīng)營業(yè)務(wù)的具體環(huán)節(jié)當中���,與法律風(fēng)險防范�����、審計監(jiān)察���、內(nèi)控及風(fēng)險管理等工作相統(tǒng)籌、相銜接�����,并建立全員合規(guī)責(zé)任制����,明確管理人員和各崗位員工的合規(guī)責(zé)任并督促有效落實,確保合規(guī)管理閉環(huán)����。(三)全面性原則:企業(yè)知識產(chǎn)權(quán)合規(guī)管理的基礎(chǔ)性和關(guān)鍵領(lǐng)域包括專利、商業(yè)秘密����、商標��、著作權(quán)�����;合規(guī)工作應(yīng)覆蓋業(yè)務(wù)涉及的研發(fā)����、生產(chǎn)�、銷售�����、對外合作����、投資推廣、招投標及采購等各個環(huán)節(jié)����,貫穿決策、執(zhí)行�����、監(jiān)督全流程,并確保所有與知識產(chǎn)權(quán)相關(guān)的業(yè)務(wù)��、部門和人員均已納入合規(guī)工作體系����。(四)動態(tài)性原則:合規(guī)工作應(yīng)與企業(yè)經(jīng)營范圍、組織結(jié)構(gòu)和業(yè)務(wù)規(guī)模相適應(yīng)��;合規(guī)工作應(yīng)根據(jù)企業(yè)內(nèi)外部環(huán)境的變化適時進行調(diào)整和完善�����;企業(yè)經(jīng)營管理中存在的合規(guī)風(fēng)險問題�,要能夠得到及時反饋、糾正和改進��。(五)可查證原則:合規(guī)工作應(yīng)有明確的流程規(guī)范作依據(jù)����,確保企業(yè)合規(guī)管理有跡可循、有證可查��。第五條【合規(guī)體系】 知識產(chǎn)權(quán)合規(guī)體系的建立應(yīng)當涵蓋組織體系��、制度體系���、運行體系�����、風(fēng)險識別處置體系等�����。第六條【合規(guī)職責(zé)】 企業(yè)可根據(jù)自身行業(yè)性質(zhì)��、經(jīng)營規(guī)模等合理選擇和設(shè)置知識產(chǎn)權(quán)合規(guī)部門或合規(guī)人員��,組織��、協(xié)調(diào)和監(jiān)督合規(guī)管理工作���,在直接負責(zé)各項合規(guī)管理工作的同時為其他部門提供合規(guī)管理支持,并確保其對涉及重大合規(guī)風(fēng)險事項的一票否決權(quán)��。其具體工作職責(zé)主要包括:(一)研究起草合規(guī)管理計劃��、制定合規(guī)管理制度�����,組織制訂合規(guī)管理戰(zhàn)略規(guī)劃及合規(guī)管理年度報告;(二)持續(xù)關(guān)注法律法規(guī)等規(guī)則變化��,組織開展合規(guī)風(fēng)險識別與預(yù)警;(三)參與企業(yè)重大決策并提出合規(guī)建議和意見����,參與企業(yè)重大事項合規(guī)審查和風(fēng)險應(yīng)對��;(四)參與業(yè)務(wù)部門對重要商業(yè)伙伴的合規(guī)盡調(diào)和定期評價����;(五)指導(dǎo)各部門合規(guī)工作落地,并提供合規(guī)咨詢�,組織合規(guī)認證;(六)組織開展合規(guī)檢查與考核�,對制度和流程進行合規(guī)性評價,督促違規(guī)整改和持續(xù)改進����;(七)推動合規(guī)責(zé)任納入崗位職責(zé)和員工績效管理;(八)建立合規(guī)績效考核指標����,監(jiān)控和衡量合規(guī)績效;(九)建立合規(guī)舉報管理體系�����,受理合規(guī)管理職責(zé)范圍內(nèi)的舉報,組織或參與對舉報事件的調(diào)查�,并提出處理建議;(十)組織或協(xié)助業(yè)務(wù)部門�����、人力資源部門開展合規(guī)培訓(xùn)���;(十一)其他適合由合規(guī)職能部門承擔(dān)的合規(guī)管理職責(zé)����。第七條【組織保障】 企業(yè)董事會�、監(jiān)事會、高級管理人員應(yīng)當履行必要的合規(guī)管理職責(zé)���,對知識產(chǎn)權(quán)合規(guī)計劃制定與執(zhí)行給予支持,確保合規(guī)部門(人員)行使職權(quán)的獨立����,保障資源充足。第八條【內(nèi)部配合】 企業(yè)各部門在職權(quán)范圍內(nèi)配合落實合規(guī)管理的日常工作��,可在本部門設(shè)置合規(guī)聯(lián)絡(luò)員,進行合規(guī)風(fēng)險信息收集和報送�����,配合合規(guī)部門就相關(guān)問題調(diào)查并及時整改��。第九條【合規(guī)審查】 企業(yè)應(yīng)建立健全規(guī)范化的知識產(chǎn)權(quán)事務(wù)管理和決策流程�����,將知識產(chǎn)權(quán)合規(guī)審查作為規(guī)章制度制定�����、重大事項決策��、重要合同簽訂�����、重大項目運營等經(jīng)營管理行為的必經(jīng)程序���,及時對不合規(guī)的內(nèi)容提出修改建議�����,未經(jīng)合規(guī)審查不得實施�����。第十條【合規(guī)監(jiān)察】 企業(yè)應(yīng)定期對知識產(chǎn)權(quán)合規(guī)體系進行合規(guī)監(jiān)察�����,由合規(guī)管理部門人員落實實施�,并形成合規(guī)監(jiān)察報告。監(jiān)察內(nèi)容主要包括對知識產(chǎn)權(quán)合規(guī)體系運行有效性的評價和對知識產(chǎn)權(quán)合規(guī)績效進行評價����,以確保知識產(chǎn)權(quán)合規(guī)目標的實現(xiàn)。第十一條【合規(guī)舉報】 企業(yè)鼓勵對潛在或?qū)嶋H存在的違反知識產(chǎn)權(quán)合規(guī)方針或合規(guī)義務(wù)的行為進行舉報��。企業(yè)應(yīng)拓寬合規(guī)績效反饋來源����,為相關(guān)人員設(shè)立舉報機制、求助熱線�、情況反饋���、建議箱等��,為供應(yīng)商�、承包商等第三方設(shè)立投訴處理系統(tǒng),重點搜集有關(guān)企業(yè)不合規(guī)情況��、合規(guī)疑問及對合規(guī)有效性和合規(guī)績效評價等反饋內(nèi)容����。第十二條【績效評價】 企業(yè)通過設(shè)立科學(xué)的知識產(chǎn)權(quán)合規(guī)績效考核評價指標,科學(xué)評價各部門合規(guī)工作績效及合規(guī)工作貢獻����,把知識產(chǎn)權(quán)合規(guī)績效考核評價納入對各部門及相關(guān)負責(zé)人的年度綜合考核,將員工的合規(guī)履職情況作為員工考核�����、提拔����、評先選優(yōu)等工作的重要依據(jù)。績效評價重點圍繞合規(guī)風(fēng)險特征相關(guān)的指標�����,包括不限于各項合規(guī)制度落實的主動性和有效性、部門人員被有效培訓(xùn)的比例���、相關(guān)監(jiān)管機構(gòu)介入的頻率��、因不合規(guī)問題產(chǎn)生的被處罰�����、賠償��、商譽受損等負面影響��、潛在的不合規(guī)風(fēng)險��、合規(guī)相關(guān)信息的記錄保存情況等����。第十三條【不合規(guī)調(diào)查】 企業(yè)應(yīng)建立不合規(guī)的調(diào)查制度����,堅持公平、公正的調(diào)查原則���,及時��、徹底地調(diào)查對本企業(yè)及員工或有關(guān)第三方不當行為的任何指控或懷疑���。調(diào)查企業(yè)的應(yīng)對性文件、采取的一切紀律或補救措施��,以及在吸取經(jīng)驗教訓(xùn)后對知識產(chǎn)權(quán)合規(guī)管理體系的修訂����。查明不當行為的根源、知識產(chǎn)權(quán)合規(guī)管理體系的漏洞和責(zé)任缺失的原因���,包括管理者��、最高管理層和治理機構(gòu)的行為��、職責(zé)�。對查明的原因進行審慎分析�,分析應(yīng)考慮企業(yè)人員的數(shù)量、水平��,以及不合規(guī)的程度��、普遍性�����、嚴重性、持續(xù)時間和頻率等因素���。第十四條【文件信息化管理】 企業(yè)應(yīng)建立文件信息化管理制度���,確保對企業(yè)管理中形成的相關(guān)知識產(chǎn)權(quán)的重要過程予以記錄、標識����、貯存、保護�����、檢索���、保存和處置�����;對行政決定��、司法判決���、律師函等外來文件進行有效管理���,確保其來源與取得時間的準確性。外來文件和記錄文件應(yīng)當完整���,明確保管方式和保存期限。文件管理體系的載體�����,不限于紙質(zhì)文件��,也包括電子文件�����。第十五條【資源配置】 企業(yè)可以根據(jù)自身情況�,設(shè)立知識產(chǎn)權(quán)經(jīng)常性預(yù)算科目,保障知識產(chǎn)權(quán)合規(guī)管理工作的正常進行�,經(jīng)費項目科包括:用于知識產(chǎn)權(quán)申請、注冊�����、登記、維護�����、檢索�����、分析�����、評估�、訴訟和培訓(xùn)等費用;用于知識產(chǎn)權(quán)合規(guī)管理機構(gòu)的運行費用�����;用于知識產(chǎn)權(quán)合規(guī)管理體系建立�����、運行���、維護和更新的費用���;用于知識產(chǎn)權(quán)激勵的費用�����。有條件的企業(yè)可設(shè)立知識產(chǎn)權(quán)風(fēng)險準備金��。第十六條【保密管理】企業(yè)應(yīng)建立保密管理制度��,明確涉密人員,設(shè)定保密登記和接觸權(quán)限,對容易造成企業(yè)知識產(chǎn)權(quán)秘密流失的設(shè)備�,規(guī)范其使用人員、目的��、方式和流通;明確涉密信息范圍�,規(guī)定保密等級、期限和傳遞��、保存及銷毀的要求;明確涉密區(qū)域����,規(guī)定客戶及參訪人員活動范圍等。第十七條【合規(guī)文化】 企業(yè)應(yīng)建立對技術(shù)人員����、知識產(chǎn)權(quán)管理人員���、全體員工分層級合規(guī)培訓(xùn)制度。從增強知識產(chǎn)權(quán)保護意識�、知識產(chǎn)權(quán)價值觀、營造崇尚創(chuàng)新尊重知識產(chǎn)權(quán)的氛圍��、重視知識產(chǎn)權(quán)宣傳教育等方式進行知識產(chǎn)權(quán)文化的建設(shè);結(jié)合知識產(chǎn)權(quán)管理制度建設(shè)和人才建設(shè)����,構(gòu)建有利于調(diào)動企業(yè)員工知識產(chǎn)權(quán)工作積極性的激勵機制,樹立尊重和保護知識產(chǎn)權(quán)的企業(yè)形象���。第十八條【獲取合規(guī)】 企業(yè)應(yīng)及時申請注冊登記各類知識產(chǎn)權(quán)�����,明確有關(guān)專利申請����、集成電路布圖設(shè)計登記�、商標注冊、著作權(quán)登記����、商業(yè)秘密保護等知識產(chǎn)權(quán)獲取及其后續(xù)維護或主動放棄的管理措施和工作程序���。第十九條【維護合規(guī)】 企業(yè)應(yīng)明晰處置和運營知識產(chǎn)權(quán)管理規(guī)定,明確職務(wù)發(fā)明成果的界定條件以及委托或合作開發(fā)成果知識產(chǎn)權(quán)歸屬的處置原則�,明確有關(guān)專利權(quán)、商標權(quán)�����、著作權(quán)等知識產(chǎn)權(quán)轉(zhuǎn)讓����、許可、投資��、質(zhì)押的管理措施和工作程序����。第二十條【運用合規(guī)】 企業(yè)應(yīng)注重生產(chǎn)經(jīng)營環(huán)節(jié)知識產(chǎn)權(quán)管理����,明確在原材料及設(shè)備采購(包括軟件等)、技術(shù)和產(chǎn)品開發(fā)�����、技術(shù)轉(zhuǎn)讓(許可)與合作、委托加工��、產(chǎn)品銷售���、廣告宣傳或展銷��、招投標����、進出口貿(mào)易���、企業(yè)合資及并購和上市等環(huán)節(jié)中所可能涉及的各類知識產(chǎn)權(quán)事務(wù)的管理措施和工作程序:(一)企業(yè)采購活動中的知識產(chǎn)權(quán)管理�����。企業(yè)應(yīng)收集相關(guān)知識產(chǎn)權(quán)信息�,必要時應(yīng)要求供方提供權(quán)屬證明����;做好供方信息、進貨渠道�、進價策略等信息資料的管理和保密工作����;在采購合同中應(yīng)明確知識產(chǎn)權(quán)權(quán)屬����、許可使用范圍、侵權(quán)責(zé)任承擔(dān)等內(nèi)容���。(二)企業(yè)生產(chǎn)活動中的知識產(chǎn)權(quán)管理����。注意發(fā)現(xiàn)有知識產(chǎn)權(quán)價值的創(chuàng)新成果�,及時采取相應(yīng)的知識產(chǎn)權(quán)保護措施;對于生產(chǎn)過程中不宜對外公開的操作規(guī)程���、各種報表和試驗記錄��、檢驗檢測記錄等,應(yīng)建立相應(yīng)的保密制度�,采取相應(yīng)的保密措施;承攬委托加工�����、來料加工、貼牌生產(chǎn)等加工業(yè)務(wù)時�����,注意規(guī)避對外加工業(yè)務(wù)中的知識產(chǎn)權(quán)風(fēng)險��,明確雙方知識產(chǎn)權(quán)權(quán)利義務(wù)��、保密責(zé)任�。(三)企業(yè)研發(fā)活動中的知識產(chǎn)權(quán)管理。建立研發(fā)活動的知識產(chǎn)權(quán)跟蹤檢索分析與監(jiān)控制度�����;明確對研發(fā)成果的知識產(chǎn)權(quán)歸屬管理����;加強對研發(fā)活動的檔案和保密管理,建立技術(shù)研發(fā)檔案��、記錄管理制度��,確保研發(fā)活動具有可追溯性���;加強對研發(fā)成果申請專利的挖掘與質(zhì)量的管控��。(四)企業(yè)營銷活動的知識產(chǎn)權(quán)管理����。對產(chǎn)品即將投放的市場進行同類產(chǎn)品知識產(chǎn)權(quán)狀況的調(diào)查分析,防止遭遇知識產(chǎn)權(quán)侵權(quán)指控����;正確使用注冊商標或?qū)@柕戎R產(chǎn)權(quán)標志,對消費者和有關(guān)市場主體進行必要提醒����;建立產(chǎn)品銷售市場監(jiān)控機制,多渠道地監(jiān)控同類產(chǎn)品的市場情況�;對發(fā)現(xiàn)侵權(quán)的,應(yīng)當進行重點信息收集�,必要情況時進行公證。第二十一條【上市審查】 企業(yè)上市前���,應(yīng)對已有的無形資產(chǎn)的法律狀態(tài)�、存續(xù)年限�、法律風(fēng)險等進行整體的評估與規(guī)劃;對上市公司準備使用的無形資產(chǎn)的權(quán)屬和法律狀態(tài)以及招股說明書中的相關(guān)內(nèi)容進行審查�;完整地披露知識產(chǎn)權(quán)獲取���、喪失���、轉(zhuǎn)讓等信息�����。第二十二條【涉外業(yè)務(wù)】 企業(yè)應(yīng)積極開展涉外業(yè)務(wù)中的知識產(chǎn)權(quán)布局����;對擬引進的技術(shù)或者產(chǎn)品的相關(guān)知識產(chǎn)權(quán)狀況進行調(diào)查分析���,并對侵權(quán)風(fēng)險進行綜合評估�����;簽訂技術(shù)或產(chǎn)品引進合同��、輸出合同(包括代理合同)應(yīng)明確技術(shù)或產(chǎn)品引進的許可方式和范圍�����、后續(xù)改進成果的歸屬和分享��、權(quán)利維護�、雙方的保密責(zé)任和義務(wù)、引進技術(shù)或產(chǎn)品發(fā)生知識產(chǎn)權(quán)侵權(quán)時供方應(yīng)承擔(dān)的法律責(zé)任等內(nèi)容����。第五章 合規(guī)風(fēng)險識別處置體系第二十三條【識別與預(yù)警】 企業(yè)應(yīng)通過完善合規(guī)風(fēng)險信息收集機制,全面系統(tǒng)梳理企業(yè)經(jīng)營活動中可能存在的合規(guī)風(fēng)險���,建立合規(guī)風(fēng)險臺賬����,對風(fēng)險源��、風(fēng)險類別����、風(fēng)險形成因素、可能發(fā)生的后果及發(fā)生的概率等展開系統(tǒng)分析���,對有典型意義����、普遍存在的以及可能造成嚴重后果的風(fēng)險應(yīng)及時發(fā)布預(yù)警���。第二十四條【風(fēng)險檢查】 企業(yè)應(yīng)由合規(guī)管理部門人員牽頭�,負責(zé)組織、協(xié)調(diào)企業(yè)各項合規(guī)檢查工作����,可抽調(diào)相關(guān)部門人員共同組成檢查組��,根據(jù)企業(yè)業(yè)務(wù)情況定期開展合規(guī)風(fēng)險檢查����。針對檢查發(fā)現(xiàn)的合規(guī)風(fēng)險,合規(guī)檢查組應(yīng)提出整改建議���,各部門提出具體解決方案����,解決方案經(jīng)合規(guī)檢查組確認后���,由合規(guī)管理機構(gòu)督促各部門積極落實整改方案�����。第二十五條【風(fēng)險分級】 企業(yè)可對所識別的知識產(chǎn)權(quán)合規(guī)風(fēng)險分為三類:重大知識產(chǎn)權(quán)風(fēng)險���、中等知識產(chǎn)權(quán)風(fēng)險���、一般知識產(chǎn)權(quán)風(fēng)險。(一)重大知識產(chǎn)權(quán)風(fēng)險包括:法律����、規(guī)則、準則以及地方法治環(huán)境的重大變化對經(jīng)營活動產(chǎn)生的知識產(chǎn)權(quán)風(fēng)險�����;監(jiān)管機構(gòu)出具的各類處罰決定����、監(jiān)管意見、風(fēng)險提示等情況�����;向監(jiān)管機構(gòu)報送證明性材料��、專項匯報材料�、監(jiān)管意見落實整改情況、各類合規(guī)材料等相關(guān)情況�;業(yè)務(wù)開展過程中存在的違反法律、規(guī)則和準則的重大知識產(chǎn)權(quán)風(fēng)險信息;各類制度文件中存在的不符合法律�����、規(guī)則和準則要求的情況���;因知識產(chǎn)權(quán)合規(guī)問題導(dǎo)致企業(yè)被訴的情況;其他應(yīng)被確定為重要合規(guī)風(fēng)險的事項����。(二)中等知識產(chǎn)權(quán)風(fēng)險包括:企業(yè)經(jīng)營活動中新出現(xiàn)的知識產(chǎn)權(quán)風(fēng)險或原有風(fēng)險的變化;既定合規(guī)風(fēng)險應(yīng)對方案執(zhí)行情況及執(zhí)行效果發(fā)生變化�,不能全部達到原來目標;對企業(yè)經(jīng)營可能存在一定影響�����,但影響較小或未來造成直接損失較?��?��;其他可以被認定為中等合規(guī)風(fēng)險的事項。(三)除上述重要知識產(chǎn)權(quán)風(fēng)險��、中等知識產(chǎn)權(quán)風(fēng)險外,企業(yè)對推動知識產(chǎn)權(quán)合規(guī)管理�����、提升依法合規(guī)經(jīng)營管理水平���、保障公司持續(xù)健康發(fā)展影響較小����,需要通過加強管理等方式進行完善的事項�����,作為一般知識產(chǎn)權(quán)風(fēng)險事項進行管理�。第二十六條【風(fēng)險應(yīng)對】 企業(yè)應(yīng)根據(jù)不同的合規(guī)風(fēng)險類型制定和選擇知識產(chǎn)權(quán)風(fēng)險應(yīng)對方案,應(yīng)對方案應(yīng)包括總體方案和專項方案��。對重大風(fēng)險事項�,企業(yè)合規(guī)管理部門和各部門應(yīng)共同研究出臺具體整改方案,明確整改主體��、具體責(zé)任人���、整改時間節(jié)點等具體要求���,合規(guī)管理部門以月為時間節(jié)點統(tǒng)計整改完成情況��,并及時向企業(yè)決策層領(lǐng)導(dǎo)匯報�����。第二十七條【問責(zé)機制】 企業(yè)根據(jù)自身情況制定合規(guī)風(fēng)險問責(zé)�,對知識產(chǎn)權(quán)合規(guī)績效目標�、績效獎金和其他激勵措施進行定期評審,以驗證是否有適當?shù)拇胧﹣矸乐共缓弦?guī)行為��;對違反企業(yè)知識產(chǎn)權(quán)合規(guī)義務(wù)�、目標�、制度和要求的人員,進行適當?shù)募o律處分�����,必要時追究相關(guān)責(zé)任��。第二十八條【設(shè)計評估】 合規(guī)管理體系設(shè)計的有效性評估和審查標準主要有:(一)違規(guī)風(fēng)險的識別和評估:1.是否定期組織合規(guī)管理部門(人員)���,對可能面臨的知識產(chǎn)權(quán)合規(guī)風(fēng)險進行全面評估����,重點識別在知識產(chǎn)權(quán)研發(fā)、采購����、生產(chǎn)、營銷等生產(chǎn)經(jīng)營各階段的風(fēng)險��;2.是否根據(jù)風(fēng)險識別和評估確定的合規(guī)管理重點問題�,發(fā)展與可能面臨的知識產(chǎn)權(quán)合規(guī)風(fēng)險相匹配的風(fēng)險控制和處理能力;3.是否定期更新企業(yè)風(fēng)險評估制度���,及時識別和評估原有風(fēng)險的新變化及新產(chǎn)生的風(fēng)險�����。1.是否根據(jù)企業(yè)的合規(guī)風(fēng)險�����、業(yè)務(wù)范圍���、規(guī)模等,制定知識產(chǎn)權(quán)合規(guī)管理相關(guān)制度����,對各個環(huán)節(jié)進行規(guī)范化管理�����;2.是否明確相關(guān)制度的執(zhí)行標準����,明確責(zé)任主體和責(zé)任內(nèi)容��;3.是否對知識產(chǎn)權(quán)合規(guī)獲取����、維護、運用等重點環(huán)節(jié)建立合規(guī)管理運行機制�,防控可能產(chǎn)生的風(fēng)險�����。1.是否建立合規(guī)培訓(xùn)制度�����,定期組織開展有針對性的知識產(chǎn)權(quán)合規(guī)學(xué)習(xí)培訓(xùn)����,確保員工充分認識到知識產(chǎn)權(quán)合規(guī)重要性����、掌握崗位知識產(chǎn)權(quán)專業(yè)技能��,通過培訓(xùn)提升各層級的知識產(chǎn)權(quán)業(yè)務(wù)能力���;2.是否建立知識產(chǎn)權(quán)及其合規(guī)管理的內(nèi)部及外部溝通渠道�����,并將知識產(chǎn)權(quán)合規(guī)文化�、合規(guī)目標及合規(guī)業(yè)務(wù)納入溝通內(nèi)容�����,確保及時收集和反饋相關(guān)信息�����。1.是否建立知識產(chǎn)權(quán)合規(guī)舉報及調(diào)查管理辦法�����,是否對重點風(fēng)險崗位人員建立專門檢查制度;2.是否以公開方式設(shè)置舉報途徑���,是否確保所有人員了解舉報程序并能夠流暢使用相關(guān)舉報程序��;3.是否建立不合規(guī)調(diào)查程序����,確保及時��、徹底地調(diào)查不合規(guī)行為及其原因�����。1.是否設(shè)立知識產(chǎn)權(quán)合規(guī)管理部門及合規(guī)人員���,作為企業(yè)合規(guī)管理牽頭部門�����,組織、協(xié)調(diào)和監(jiān)督管理工作�����;2.是否明確企業(yè)審計、監(jiān)察����、內(nèi)控、質(zhì)量�����、安全及各業(yè)務(wù)部門在各自職權(quán)范圍內(nèi)配合落實知識產(chǎn)權(quán)合規(guī)管理的日常工作��;3.是否在確定企業(yè)知識產(chǎn)權(quán)合規(guī)相關(guān)人員時,要求具備相應(yīng)的專業(yè)資質(zhì)、良好的業(yè)務(wù)素質(zhì)及職業(yè)操守�����。1.是否定期對知識產(chǎn)權(quán)合規(guī)體系進行合規(guī)監(jiān)察并形成合規(guī)監(jiān)察報告��,重點評價知識產(chǎn)權(quán)合規(guī)體系運行的有效性�,以確保知識產(chǎn)權(quán)合規(guī)目標的實現(xiàn)����;2.是否在必要時聘請第三方機構(gòu),對企業(yè)知識產(chǎn)權(quán)合規(guī)體系及合規(guī)風(fēng)險管理有效性進行評估�����,并出具評估報告。第二十九條【執(zhí)行評估】 合規(guī)管理體系執(zhí)行的有效性評估和審查標準主要有:1.企業(yè)是否為知識產(chǎn)權(quán)合規(guī)管理配套相關(guān)基礎(chǔ)設(shè)施�,將遵守企業(yè)知識產(chǎn)權(quán)合規(guī)業(yè)務(wù)、制度及要求作為人員的雇傭條件����,配置相應(yīng)人員;2.是否設(shè)立知識產(chǎn)權(quán)經(jīng)常性預(yù)算科目����,包括用于知識產(chǎn)權(quán)申請、注冊����、登記、維持�����、分析����、評估、訴訟�、培訓(xùn)�����、管理體系運行、維護及更新等費用�,保障知識產(chǎn)權(quán)合規(guī)管理工作正常進行。1.是否明確知識產(chǎn)權(quán)合規(guī)管理部門及合規(guī)人員的崗位職責(zé)���;2.是否明確企業(yè)董事會�����、監(jiān)事會���、高級管理人員應(yīng)當履行的必要合規(guī)管理職責(zé);3.是否明確企業(yè)各部門配合落實知識產(chǎn)權(quán)合規(guī)管理的日常工作的職責(zé)及溝通程序�。1.企業(yè)管理層及責(zé)任人員是否具有知識產(chǎn)權(quán)合規(guī)意識,是否熟悉知識產(chǎn)權(quán)領(lǐng)域的法律法規(guī)��,是否將知識產(chǎn)權(quán)合規(guī)工作列入公司管理���、考核重點專項工作���;2.企業(yè)員工是否具備知識產(chǎn)權(quán)合規(guī)基本意識,是否了解并遵守企業(yè)知識產(chǎn)權(quán)合規(guī)業(yè)務(wù)、制度及要求����。1.企業(yè)知識產(chǎn)權(quán)合規(guī)管理相關(guān)制度是否能夠有效運行,知識產(chǎn)權(quán)合規(guī)重點環(huán)節(jié)的合規(guī)管理運行機制根是否運行流暢���;2.是否制定知識產(chǎn)權(quán)合同管理制度���,嚴格對合同有關(guān)知識產(chǎn)權(quán)約定進行審查,包括明確知識產(chǎn)權(quán)歸屬��、保密業(yè)務(wù)�����、侵權(quán)風(fēng)險預(yù)案等�;3.是否加強對第三方合作企業(yè)的合規(guī)審查及風(fēng)險防控,包括審查第三方資質(zhì)����、是否存在知識產(chǎn)權(quán)瑕疵、要求提供不侵犯知識產(chǎn)權(quán)承諾等�����。1.是否建立科學(xué)的知識產(chǎn)權(quán)合規(guī)績效考評指標,圍繞合規(guī)風(fēng)險特征相關(guān)指標對員工進行考核���;2.是否建立并實施相關(guān)激勵流程�����,調(diào)動員工進行知識產(chǎn)權(quán)創(chuàng)新及合規(guī)管理的積極性;3.是否對違反企業(yè)知識產(chǎn)權(quán)合規(guī)義務(wù)���、目標���、制度和要求的相關(guān)人員進行必要的處分。是否將知識產(chǎn)權(quán)合規(guī)管理過程中的各項要素創(chuàng)建為文件化信息����,建立知識產(chǎn)權(quán)信息數(shù)據(jù)庫,并有效維護和及時更新�����。第三十條【質(zhì)效評估】 合規(guī)管理體系效果的有效性評估和審查標準主要有:1.是否將經(jīng)營活動各環(huán)節(jié)相關(guān)的知識產(chǎn)權(quán)風(fēng)險管理要求通過流程�、制度、合同以及培訓(xùn)���、會議等溝通方式向企業(yè)員工進行宣傳�����、推廣��,將知識產(chǎn)權(quán)風(fēng)險管理理念及企業(yè)合規(guī)價值觀根植于經(jīng)營活動中����,營造企業(yè)知識產(chǎn)權(quán)合規(guī)文化;2.是否構(gòu)建有利于調(diào)動員工積極性的激勵機制��,樹立尊重和保護知識產(chǎn)權(quán)的企業(yè)形象����。1.企業(yè)所有的知識產(chǎn)權(quán)經(jīng)營活動是否滿足合規(guī)目標、符合合規(guī)要求���;2.實現(xiàn)企業(yè)合規(guī)目標的資源配置是否完善�����,是否有明確的時間安排及細化流程����;3.是否定期監(jiān)督、檢查�、記錄、評估合規(guī)目標的進度并進行及時更新調(diào)整����。1.是否根據(jù)知識產(chǎn)權(quán)相關(guān)法律規(guī)范的調(diào)整,及時調(diào)整企業(yè)的知識產(chǎn)權(quán)合規(guī)管理體系�����,確保其保持最新狀態(tài)��,適應(yīng)企業(yè)的知識產(chǎn)權(quán)合規(guī)目標���;2.是否定期開展知識產(chǎn)權(quán)風(fēng)險內(nèi)部監(jiān)察,針對發(fā)現(xiàn)的合規(guī)風(fēng)險�,及時提出具體解決方案并積極落實整改。1.發(fā)現(xiàn)違規(guī)事件時�,企業(yè)是否及時采取措施控制并糾正,分析違規(guī)事件產(chǎn)生的原因�;2.是否針對違規(guī)事件反映的管理問題及時進行改進和彌補管理漏洞,包括改進業(yè)務(wù)流程�����、重新培訓(xùn)員工、加強預(yù)警機制等�;3.是否向內(nèi)部和外部通報違規(guī)事件相關(guān)情況,保留文件化信息��。for Enterprise Compliance with Intellectual Property Rights(For Trial Implementation)Article 1 [Formulation Basis] The Guidelines are formulated in accordance with “The Guiding Opinions on Establishment of a Third-party Supervision and Evaluation Mechanism for the Compliance of Enterprises Involved in Criminal Cases(for Trail Implementation)”, the “Specifications for the Administration of Intellectual Property Rights of Enterprises” and the pilot working experience on enterprise compliance reforms, for the purposes of enhancing enterprises’ compliance management work for intellectual property rights, guarding against and defuse compliance risks related to intellectual property rights, and guiding enterprises to operate in compliance with relevant law and regulatory requirements as well as to develop healthily.Article 2 [Purpose] The purposes of compliance management for intellectual property rights of enterprises are to effectively identify and manage compliance risks related to intellectual property rights, ensuring that management of enterprises and other business activities conforms to relevant laws and regulatory requirements; and to promote enterprises to comprehensively enhance their compliance management on intellectual property rights, advance their lawful business management level, and guarantee the sustainable and healthy development of enterprises.Article 3 [Compliance Risks] The “compliance risks related to intellectual property rights” this Guidelines referred to, are legal responsibilities, criminal charges, financial or reputational losses or any other negative influences resulted from enterprises’ or its employees’ non-compliance actions. The legal risks concerning intellectual property rights include but not limited to:(1) Risks of Patent Rights: 1. risks related to patent license abuses, the right of patent application disputes, patent being infringed, being involved in patent infringement lawsuit, and patent transfer disputes; 2. risks in failing to effectively develop and implement patent, and poor management causing invalidity of patent, etc.1. risks in the application for trademarks: trademark not registered or pre-registered by others, incomplete registered categories, insufficient protection of key categories, incomplete application for marks; 2.risks in the implementation of trademarks: incomplete application for territories that registered trademarks can be used within, failure to make overall arrangements for target markets, using or licensing others to use the registered trademark beyond the licensed category of the goods or services, infringement of others’ prior rights, non-standardized use of trademarks, etc.1. risks related to service works, commissioned works, and the confirmation of corporates’ copyrights thereof; 2. risks of works’ material infringements; 3. right of dissemination via information networks infringements; 4. legal risks in the licensed use and transfer of copyrights, etc.(4) Risks of Trade Secrets: 1. risks of trade secrets being acquired by others via theft, spying or hacking; 2. risks of internal employees being bought off; 3. risks of trade secrets leakage in the course of external disseminations and collaborations; 4. risks of employees’ disclosure of trade secrets after leaving office, etc.Article 4 [Compliance Principles] The establishment of enterprise compliance system for intellectual property rights should adhere to the principles of independence, effectiveness, comprehensiveness, dynamism and traceability:(1) Independence: The operation of compliance management department shall be free from any undue interference and pressure; the compliance management department shall objectively evaluate and handle the acts of enterprises and its employees in strict accordance with laws and regulations as well as relevant rules of the enterprises; the personnel who undertake compliance management responsibilities shall perform its duties independently without any interference from other departments and personnel.(2) Effectiveness: The compliance management system shall be effectively embedded in the specific processes of business operation, be integrated and connected with legal risks prevention, audit and supervision, internal control and risks management, etc. A compliance responsibility system, which specifies the compliance responsibilities of managers and employees for each position and supervises their effective implementation, shall be established for all employees to ensure a closed loop of compliance management.(3) Comprehensiveness: The basic and key areas of enterprise compliance management for intellectual property rights include patents, trade secrets, trademarks and copyrights; the compliance work shall cover all business activities such as research and development, production, sales, cooperation, investment and marketing, biding, and procurement, etc., run through the whole process of decision-making, execution and supervision, and guarantee the inclusion of all intellectual property rights-related businesses, departments and personnel in the compliance system.(4) Dynamism: The compliance work shall be compatible with the business scope of the enterprise, its organizational structure and business scale; timely adjustments and improvements shall be made to the compliance work according to the internal and external environment changes of the enterprise; the compliance risks exist in the business management shall be reported, corrected and improved in time.(5) Traceability: The compliance work shall have clear procedural instructions to act upon, so as to ensure the compliance management of the enterprise can be traceable and provable.Article 5 [Compliance Management System] The establishment of a compliance system for intellectual property rights shall include organizational system, institutional system, operating system, risks identification and handling system, etc.Chapter II Compliance Management Organizational SystemArticle 6 [Compliance Responsibility] In light of its business nature and scales, enterprises may reasonably select and appoint intellectual property rights compliance management department or personnel, which can organize, coordinate and supervise enterprises’ compliance management work, take direct responsibilities for compliance management as well as simultaneously support other departments for compliance management. Enterprises may guarantee such department or personnel’s veto power for matters involving significant compliance risks. Their duties mainly include:(1) Researching and drafting compliance management plans, making compliance management rules, organizing the development of strategic plans and annual reports of compliance management;(2) Paying continuous attention to changes in laws, regulations and other rules, and organizing the identification and early warning of compliance risk;(3) Participating in the enterprises’ major decisions-making, providing compliance suggestions and opinions, and taking part in compliance reviews and risk management on the enterprises’ material matters;(4) Participating in the business sections’ due diligence and periodic evaluation for vital business partners;(5) Instructing the implementation of compliance work in each department, providing compliance consulting, and organizing compliance certification;(6) Organizing compliance inspection and assessment, conducting compliance evaluation over rules and procedures, and urging corrective actions and continuous improvements over non-compliance ;(7) Promoting the integration of compliance responsibilities into job duties and employee’s performance management;(8) Establishing compliance performance review indicators, monitoring and measuring compliance performance;(9) Establishing compliance reporting management system, accepting reports within the scope of compliance management duties, organizing or participating in the investigation of reported incidents, and offering suggestions for handling;(10) Organizing or assisting business departments and human resources sections to conduct compliance trainings;(11) Other compliance management duties suitable for the compliance management department.Article 7 [Organizational Support] The board of directors, board of supervisors and senior managers of enterprises shall perform necessary compliance management responsibilities, offer support for the formulation and implementation of the intellectual property rights’ compliance plan, and ensure the independent exercise of authority by the compliance management department (personnel), with sufficient resources guaranteed.Article 8 [Internal Collaborations] Each department of enterprises shall collaborate within the scope of their authorities to implement the routine work of compliance management, and appoint a section compliance liaison, who will be able to collect and report information regarding compliance risks as well as to cooperate with the compliance department to investigate relevant issues and make corrections.Chapter III Compliance Management Institutional SystemArticle 9 [Compliance Control] Enterprises shall establish a sound and standardized business management and decision-making process of intellectual property rights, take compliance control as a compulsory procedure for business management activities such as rules formulation, material matters’ decision-making, important contracts’ conclusion and significant projects’ operation, as well as propose changes to non-compliance content in time. Such activities shall not be implemented without compliancecontrol.Article 10 [Compliance Monitoring] Compliance monitoring on the compliance system of intellectual property rights shall be conducted regularly by enterprises. Such monitoring shall be implemented by the compliance management department personnel, and a compliance monitoring report shall be produced. The compliance monitoring shall mainly include evaluation for the effectiveness of the compliance system of intellectual property rights and the relevant compliance performance, so as to ensure the realization of the purposes of intellectual property rights compliance.Article 11 [Compliance Reporting] Enterprises shall encourage reporting of potential or actual violations of intellectual property rights’ compliance policies or obligations. Enterprises shall broaden the sources of feedbacks for compliance performance, establish reporting systems, help hotlines, feedback or suggestion boxes for relevant personnel, and set up a compliant handling system for third parties such as suppliers and contractors, focusing on the collection of feedbacks regarding the enterprises’ non-compliance actions, compliance queries and evaluations for compliance effectiveness and performance.Article 12 [Performance Review] Enterprises shall set up scientific compliance performance review indicators of intellectual property rights, evaluate each department’s compliance performance and contributions to the compliance work in a scientific manner, incorporate compliance performance review into the annual comprehensive assessment of each department and the relevant persons in charge, and take compliance performance as an important basis for employee assessment, promotion, merit rating and other work.The performance review shall mainly focus on the indicators related to compliance risk, including but not limited to, initiative and effectiveness of the implementation of each compliance rules, effective training ratio of departmental personnel, frequency of interventions by regulatory institutions, negative impacts arising from non-compliance issues such as penalties, compensations, damage to goodwill, etc., potential risks of non-compliance, and the record-keeping of compliance-related information, etc.Article 13 [Non-compliance Investigation] Enterprises shall establish an investigation system for non-compliance, adhering to principles of just and fair, and promptly and thoroughly investigate any claims or suspicions of misconducts by enterprises, its employees or related third parties. They shall investigate enterprises’ responsive documentations, disciplinary or remedial measures, and adjust the compliance management system for intellectual property rights in light of these lessons learned; find out the roots of misconducts, loopholes in the system and reasons for responsibility deficiency, including the acts and duties of managers, top management and governance bodies; and prudently analyze the identified causes, taking into account the number and level of the personnel, as well as the degree, prevalence, severity, duration and frequency of non-compliance incidents.Article 14 [Documented Information Management] Enterprises shall establish a system of documented information management to ensure that the important process in the formation of relevant intellectual property rights in business management are recorded, marked, stored, protected, retrieved, preserved and disposed. Effective management shall be conducted over external documents such as administrative decisions, judicial judgements and lawyer’s letters, ensuring the accuracy of the sources and timing when those documents were obtained. The documents of external origin and record files shall be complete with clear preserve methods and retention periods. The carriers of the documents management system are not limited to paper documents, but also include electronic ones.Article 15 [Resource Allocation] In order to ensure the proper implementation of compliance management, enterprises may set up regular budget accounts for intellectual property rights, which may include: expenses for the application, registration, maintenance, retrieval, analysis, evaluation, assessment, litigation and training for intellectual property rights; expenses for operation of compliance management institution of intellectual property rights; expense for the establishment, operation, maintenance and update of the compliance management system regarding intellectual property rights; expenses for intellectual property incentives. Enterprises that meet certain conditions may also set up reserves for intellectual property risks.Article 16 [Confidentiality Management] Enterprises shall establish a system of confidentiality management, which specifies secret-related personnel and requires confidentiality registration and access permissions. Regarding the equipment that may easily cause leakage of intellectual property secrets, enterprises shall regulate the users, purposes, usage modes and circulation of such equipment; specify the scope of confidential information, classified level and period, as well as the requirements for transmission, preservation and destruction. The confidential areas and the areas which customers and visitors have access to shall also be identified.Article 17 [Compliance Culture] Enterprises shall establish a hierarchical compliance training system for technical personnel, intellectual property management personnel and all employees. The construction of intellectual property culture shall be carried out in terms of enhancing the awareness of intellectual property protection and intellectual property values, creating an atmosphere of active pursuit of innovation and due respect for knowledge, attaching importance to intellectual property publicity and education. Enterprises shall combine the construction of intellectual property management system with talents cultivation, establish an incentive mechanism that is conducive to mobilize employees’ enthusiasm for intellectual property work, and build up an enterprise image that respects and protects intellectual property rights.Chapter IV Compliance Management Operating SystemArticle 18 [Compliance In Acquisition ] Enterprises shall make timely applications for the registration of various types of intellectual property rights, clarify the management measures and procedures for applications and registrations for patent, layout design of integrated circuits, trademarks and copyrights, trade secrets protection as well as their subsequent maintenance or abandonment.Article 19 [Compliance In Maintenance] Enterprises shall clarify the rules regarding the disposal and implementation of intellectual property rights, specify the conditions for defining service works as well as principles to determine the ownership of intellectual property rights for commissioned work or co-authored work, and provide the management measures and procedures for the transfer, licensing, investment and pledge of intellectual property rights such as patents, trademarks and copyrights.Article 20 [Compliance in Implementation] Enterprises shall focus on the management of intellectual property rights in the processes of production and operation, clarify the management measures and procedures for all kinds of matters concerning intellectual property rights that might arise in the procurement of raw materials and equipment (including softwares, etc.), technology and product development, technology transfer(licensing) and cooperation, commissioned processing, sales of product, advertising or sales exhibition, biding, import and export trade, joint ventures, mergers and acquisitions, and listing, etc. The measures and procedures include:(1) Intellectual property management in procurement. Enterprises shall collect relevant information of intellectual property and request the supplier to produce proof of ownership where necessary; conduct management and confidentiality work for suppliers’ information, purchase channels, and purchase price strategies, etc.; and specify the ownership of intellectual property rights, the scope of licensing, and tort liability, etc., in the procurement agreement.(2) Intellectual property management in production. Enterprises shall focus on finding out the innovative achievements with intellectual property values, and take corresponding protective measures in a timely manner. Regarding those operating procedures, various reports and test records, inspection and testing records, etc., which are not suitable for public disclosure during production, an appropriate confidentiality system shall be established and relevant measures of confidential nature shall be taken. Enterprises shall also pay attention to avoiding intellectual property risks in the overseas processing when being engaged in commissioned processing, processing trade with supplied materials, original equipment manufacturer and other processing business, and clarifying rights, obligations and confidentiality of both parties concerning intellectual property.(3) Intellectual property management in research and discovery(“R&D”). Enterprises shall build an intellectual property tracking, retrieval, analysis and monitoring system for R&D activities; clarify intellectual property ownership management of R&D achievements; strengthen the management of the archives and confidentiality of R&D activities, establish a management system of R&D archives and records, which guarantees the traceability of R&D activities; and enhance the selection and quality control over R&D results that proceed to patent application.(4) Intellectual property management in marketing. Enterprises shall investigate and analyze the existing intellectual property rights of the products of the same kinds in the market where their products are to be launched, so as to prevent from encountering claims of intellectual property rights infringements; correctly use registered trademarks or patent numbers and other proof of intellectual property rights, and remind consumers and relevant market entities where necessary; establish a mechanism to monitor the market for the sales of product and use multiple channels to monitor the market situation of the products of the same kinds. For those found to be infringing, key information should be collected, and notarization should be conducted where necessary.Article 21 [Listing Examination] Before enterprise listing, a comprehensive evaluation and planning for the legal status, duration and legal risks of existing intangible assets shall be conducted. The ownership and legal status of the intangible assets prepared by the listed company as well as relevant content in the prospectus shall be examined, and the acquisition, loss and transfer of the intellectual property rights shall be completely disclosed.Article 22 [Overseas Business] Enterprises shall actively carry out the layout of intellectual property rights in overseas business; investigate and analyze status of relevant intellectual property rights of the technology or products to be introduced and comprehensively evaluate the risks of infringements. When concluding contracts for technology or products import or export (including agency agreements), these issues which include the licensing mode and scope of the imported technology or products, the ownership of the subsequent improvement results, sharing and maintenance of rights, confidential responsibilities and obligations of both parties, and legal liabilities the supplier undertakes in the case of intellectual property infringement of the introduced technology or products shall be provided in the contracts.Chapter V Compliance Risk Identification and Handling SystemArticle 23 [Identification and Early Warning] By improving compliance risk information collection mechanism, enterprises shall comprehensively and systematically tease out the possible compliance risks in their business activities, establish a compliance risk ledger, and systematically analyze the origin, category and forming factors of risks, possible consequences and its probability, etc. For risks that are of typical significance, widespread or capable to cause serious consequences, early warnings should be issued in a timely manner.Article 24 [Risk Inspection] Compliance management department shall lead, organize and coordinate all kinds of compliance inspection work. An joint inspection team may be formed by personnel selected from relevant departments to conduct periodical compliance risk inspections based on the business conditions of enterprises.As to the compliance risk found in inspection, the inspection team shall put forward corrective suggestions, and each department shall propose specific solutions. After the solutions being confirmed by the inspection team, the compliance management institution shall supervise and urge all departments to actively implement the corrective plans. Article 25 [Risks Level] Enterprises may classify the compliance risks of intellectual property rights into three levels: Significant, Medium, and General.(1) Significant risks include: intellectual property risks arising from significant changes in laws, regulations, guidelines and local legal environment; penalty decisions, regulatory suggestions and risk warnings issued by regulatory agencies; submissions to regulatory agencies of supporting materials, special reporting materials, implementation of regulatory suggestions and rectification, compliance materials and other relevant information; information of significant intellectual property risks that are in violations of laws, regulations and guidelines during the course of business operations; any kind of regulatory documents that fail to meet the requirements of laws, regulations and guidelines; cases in which enterprises are being sued due to intellectual property compliance issues; other matters that should be identified as significant compliance risks.(2) Medium Risks include: newly generated intellectual property risks or changes of original risks in business activities; changes in the measures or consequences of implementing the established compliance risk solutions, which fail to fully meet the original objectives; possible impacts on business operations, but the impacts are relatively insignificant or may cause small direct losses in the future; other matters that can be defined as medium compliance risks.(3) Apart from the above-mentioned significant and medium risks, matters that have less impact on promoting the enterprises’ compliance management for intellectual property rights, improving its compliance management level pursuant to the law, or ensuring the healthy development of the companies, shall be managed as General Compliance Risks, although these issues still need to be improved by enhancing management work or by other means.Article 26 [Risks Solutions] Enterprises shall develop and select risks solutions for intellectual property rights, including general solutions and special solutions, according to different levels of compliance risks. As to significant risks, compliance management department and other departments shall work jointly to study and introduce specific rectification plans, clarify particular requirements for rectification subjects, specific responsible persons and rectification time nodes, etc. Compliance management department shall take month as time nodes to summarize the completion of rectification, and report to the enterprises’ decision-making body in time.Article 27 [Accountability Mechanism] An accountability mechanism shall be established based on enterprises’ own conditions. It shall conduct periodic reviews of performance objectives, bonus and other incentive measures for intellectual property compliance so as to verify whether appropriate measures are in place to avoid non-compliance actions; take appropriate disciplinary actions against personnel who violate the enterprises’ compliance obligations, objectives, systems and requirements of intellectual property rights, and hold them accountable when necessary.Chapter VI Third-party Evaluation and Supervision SystemArticle 28 [Design Evaluation] The criteria for assessing and reviewing the effectiveness of the design of compliance management system mainly include:(1) Identification and evaluation for non-compliance risks: 1. whether the compliance management departments/personnel are regularly organized to conduct a comprehensive assessment of the possible compliance risks of intellectual property rights, with a focus on the identification of risks in all stages of production and operation such as intellectual property research and discovery, procurement, production and marketing;2. whether a risk control and handling capacity matching the probable intellectual property compliance risks to be faced with, is developed based on the prioritized issues in the compliance management of risks identification and evaluation; 3. whether risks evaluation systems are periodically updated, which can identify and evaluate new changes to the original risks as well as newly generated risks in a timely manner.(2) Policy and procedure arrangements: 1. whether relevant compliance management systems for intellectual property rights are established in accordance with compliance risks, business scopes and scales of enterprise, etc., and standardized managements are conducted in all the processes; 2. whether the execution standards of relevant systems, responsible entities and contents are clarified; 3. whether a compliance management operation mechanism for key segments such as the compliance acquisition, maintenance and implementation of intellectual property rights, is established, and being protected from possible risks.(3) Training and communication arrangements: 1. whether a compliance training system is established, organizing and conducting targeted training on intellectual property compliance regularly, ensuring the employees’ fully recognition of the importance of intellectual property compliance and acquisition of professional skills for intellectual property, and improving business capacities at all levels through training; 2. whether internal and external communication channels for intellectual property and its compliance management are established, incorporating compliance culture, objectives and business of intellectual property into the content of communication, and ensuring timely collection and feedbacks of relevant information.(4) Reporting and investigation mechanisms: 1. whether a reporting and investigation management approach for intellectual property rights is set up, and whether a special inspection system for personnel positions involving key risks is established; 2. whether a reporting channel in an open way is settled, and whether all personnel can understand and being fluent in using the relevant reporting procedures are guaranteed; 3. whether non-compliance investigation processes are established, ensuring a timely and thoroughly investigation of the non-compliance actions and its causes.(5) Execution and guarantee institutions: 1. whether compliance management departments and personnel for intellectual property rights are set up, organizing, coordinating and supervising management work as the leading department of enterprise compliance management; 2. whether the enterprise audit, supervision, internal control, quality, security and all business departments being required in their respective areas of competence to cooperate with the implementation of the routine work of compliance managements for intellectual property rights are clarified; 3. whether corresponding professional qualifications, good business competence and morality are required in the course of appointing the enterprises’ intellectual property compliance personnel .(6) Third-party supervision mechanism: 1. whether periodical compliance supervisions for intellectual property compliance system are conducted and compliance supervision reports are produced, focusing on evaluating the effectiveness of the intellectual property compliance system to ensure the realization of the objectives of intellectual property compliance; 2. whether a third-party institution is appointed when necessary, evaluating the effectiveness of the enterprises’ intellectual property compliance system and compliance risks management, and issuing evaluation reports.Article 29 [Execution Evaluation] Standards of evaluation and reviewing for effectiveness of the execution of compliance management system include:1. whether enterprises provide relevant infrastructure for intellectual property compliance management, and take abidance of enterprise compliance business, rules and requirements of intellectual property rights as a condition for employment, as well as for staffing corresponding personnel; 2. whether regular budget accounts for intellectual property rights are set, including expenses for application, registration, maintenance, analyze, evaluation, litigation and training for intellectual property, and operation, maintenance and update for management system, in order to guarantee the normal operation of the compliance management work for intellectual property rights.(2) Responsibilities and authorities: 1. whether responsibilities of compliance management departments and personnel for intellectual property rights are provided; 2. whether necessary compliance management responsibilities that the board of directors, board of supervisors and senior managers should perform are clarified; 3. whether responsibilities and communication procedures of each department to cooperate with the routine work of implementing compliance management for intellectual property rights are clearly defined.(3) Compliance awareness: 1. whether enterprises’ management level and responsible personnel are aware of intellectual property compliance, whether they are familiar with the laws and regulations in the field of intellectual property, and whether compliance work for intellectual property rights are included in the key work of enterprises’ management and assessment; 2. whether employees of the enterprises have basic compliance awareness for intellectual property , and whether they understand and comply with enterprises’ compliance business, rules and requirements for intellectual property rights.(4) Compliance management capability: 1. whether relevant compliance management systems for intellectual property rights can operate effectively, and whether compliance management operation system in key aspects of intellectual property compliance can operate smoothly; 2. whether contracts management system for intellectual property is established to strictly review the terms related to intellectual property rights in the contracts, including the clarification of intellectual property rights ownerships, confidentiality obligations, and infringements risks solutions, etc.; 3. whether compliance examination and risks control of third-party cooperative enterprises are strengthened, including the examination of third party’s qualifications, the existence of intellectual property defects, and requirements of providing intellectual property non-infringement commitments.(5) Rewards and punishments mechanism: 1. whether scientific compliance performance indicators are established and employees are evaluated by relevant indicators of compliance risks characteristics; 2. whether relevant incentive processes are established and implemented, motivating employees to carry out intellectual property innovations and compliance managements; 3. whether necessary sanctions are imposed on relevant personnel who violate enterprises’ compliance obligations, objectives, rules and requirements for intellectual property rights.(6) Documented information management: whether all elements in the processes of compliance management for intellectual property rights are created as documented information, and effectively maintained and updated in a timely manner.Article 30 [Quality and effectiveness evaluation] The criteria of evaluation and review for effectiveness of the compliance management system mainly include:1.whether the requirements for intellectual property risks management related to all aspects of business activities are publicized and disseminated to employees through processes, rules, contracts and communication methods such as training and conference, so as to embed concepts and values of risks management and enterprise compliance for intellectual property rights into business activities, creating an compliance culture for intellectual property rights; 2. whether incentive mechanisms conducive to mobilizing employees’ motivation is built, creating an enterprises’ image of respecting and protecting intellectual property rights.(2) Compliance objectives: 1. whether all the business activities related to intellectual property rights of the enterprises meet the compliance objectives and comply with compliance requirements; 2. whether the resource allocation for achieving enterprises’ compliance objectives is adequate, and whether there is a clear time schedule and detailed process; 3. whether the progresses of the compliance objectives are regularly monitored, inspected, recorded, evaluated and timely update and adjusted.1. whether compliance management systems for intellectual property is adjusted in a timely manner according to the changes of legal norms related to intellectual property rights to ensure that it remains up-to-date and adapts to the enterprises’ compliance objectives for intellectual property rights; 2. whether periodical internal supervision of intellectual property risks is carried out, and specific solutions are proposed and rectification is actively implemented in response to the identified compliance risks.(4) Non-compliance incident and its handling: 1. After the non-compliance incidents are found, whether measures to control and correct are taken, and the causes for the incidents are sort out; 2. whether improvements and remedies for management loopholes are made in response to non-compliance incidents, including improving business processes, retraining employees and enhancing early warning mechanisms, etc.; 3. whether internal and external parties are informed of the relevant situations of non-compliance incidents and documented information are retained.特別鳴謝復(fù)旦大學(xué)法學(xué)院參與英文版本翻譯工作
400-883-1990
info@www.syyjzn.com
