apj(asia pacific & japan) countries’ regulations,...
TRANSCRIPT
APJ(Asia Pacific & Japan) Countries’ Regulations,
Policies and Options to Mitigate the Identified Risks for
Global Network Companies
Jaehak Byun1, Jaehun Sa2, Yong-Tae Shin3, Hyeon-Kyung Lee4, Jong-Bae Kim5*
1,2Department of IT policy & management, Soongsil University, Seoul, 156-743, Korea 3Department of Computer Science, Soongsil University, Seoul 156-743, Korea
4,5*Graduate School of Software, Soongsil University, Seoul 156-743, Korea
[email protected], [email protected], {shin, hklee, kjb123}@ssu.ac.kr
Abstract. In this paper, I mentioned APJ countries industrial policy threats and
opportunities. Cyber security, government procurement and localization related
policies are will be enforced in many APJ countries. Global network companies
need to leverage the favorable policy environment as business opportunities.
Major impacted countries are India, Korea, Indonesia and Vietnam. Global
network companies are facing issues in revenue, margin impact, delay in
product delivery, additional cost for homologation process and localization. The
preferential market access policy poses a serious risk to the public sector
business in India. Local manufacturing and local partnership are options to
mitigate the PMA(Preferential Market Access) risk and to leverage first mover
advantage.
Keywords: APJ, Regulation, Government, Partnership, Global network
company, Mitigation
1 Introduction
APJ countries try to decrease reliance on foreign companies’ technologies and
increase emphasis on local innovation. Most of governments in APJ they’ve wanted
to align with national interests & development goals and tried to create local
partnerships and operations like local leadership, offices and manufacturing facilities.
And they’ve invested fund and resources to promote local innovation like local R&D
centers. APJ countries are making IT regulations and policies to protect their industry,
promote local IT companies’ competitiveness with several negative enforcements to
global IT companies. With this study results, global IT companies can make their own
local market penetration plan through local investment, local vendor partnership, and
enhance the relationship with government.
5*Corresponding author. Tel. : +82-10-9027-3148.
Email address: [email protected](Jong-Bae Kim).
Advanced Science and Technology Letters Vol.114 (Business 2015), pp.1-4
http://dx.doi.org/10.14257/astl.2015.114.01
ISSN: 2287-1233 ASTL Copyright © 2015 SERSC
2 Related works
Shin and Ahn in their study on China-US green protection trade conflict, America
needs different sources of trade barrier because the protectionism strongly against
Neo-Liberal Globalization that America has been enforced to the world. Therefore,
America finds Green Protectionism is a useful source of trade barrier against China.
China seriously protests new style of protectionism and tries to find effective
correspondence measure[1].
Abuoliem argues that defined elements for protection of personal data transmitted to
cross border cloud computing technology are an essential part of any future attempt to
cloud computing regulation. In the conclusion, the regulatory framework in relation to
the protection of personal data transmission to cross border cloud computing ought to
be employed in order to extract and integrate relevant perspectives into the legal
questions facing cloud computing regulation. So Cloud computing vendors build their
data center into each countries[2].
3 Research Framework
I followed below process in this study. First, searched for APJ countries industrial
regulations, policies by website references consultation and government
announcements. Second, surveyed global companies counter actions. Third, had
FGI(Focused Group Interview) sessions with APJ’s strategy and planning area leaders
for deep dive communication regarding the issues from regulations and impact of the
policies. Fourth, for due diligence I double-checked with APJ sales team and
compliance team on APJ regulations, policies which impact IT business. Finally I
developed potential strategic initiatives based on current regulations, IT companies
movements, experts opinion and field players like sales and compliance team.
4 Regulations by APJ Countries
I found out APJ regulation threats by countries. At the conclusion of this paper I
recommend counter strategies to mitigate regulation risks.
India’s regulations like below 3 topics which are PMA(Preferential Market Access)
for government procurement, Certification and import duty imposition under umbrella
of “Encouraging local manufacturing” policy. First, regarding PMA policy, India
government prefers to domestically manufactured products in government
procurement. The act was delayed implementation from October 2012 but moving
ahead on implementation. Second, regarding Certification, this is mandatory in-
country testing for all products sold to SP(Service provider)s. This act is delayed
implementation by 3 years. Third, imposition of 12% import duty is Dispute on the
non-applicability of ITA(International Trade Administration) and lack of clarity on
products covered ranging from 12% to 37% of sales volume. Enforcement has been
applied from July, 2014.
Advanced Science and Technology Letters Vol.114 (Business 2015)
2 Copyright © 2015 SERSC
Korea government tries to protect local vendors to promote Korea business. Main
3 policies are Cyber security, Government procurement and Localization. Cyber
security policy is International CC(Common Criteria)-certified products require
additional security verification for every sector procurement, not consistent with
CCRA(Common Criteria Recognition Agreement) practice. Korea government added
44 features to be verified to all network products. This act’s enforcement was started
from October, 2014. Government procurement Policy is mainly composed of Public
review of RFP(Request For Proposal) specifications, SME(Small and Medium
Enterprise) products preference and local BMT(Bench Mark Test) requirements.
Localization’s Policy is major government agencies(includes Office of the president,
Prime minister’s office, the foreign office, Ministry of unification, Ministry of
national defense, Military office, Incheon international airport, etc.) tend to need local
standards, such as ARIA(Academy-Research-Institute-Agency) for encryption,
instead of adopting international standards and Cloud promotion bill may support
local Cloud companies to sell their solutions to public accounts. ARIA issue was
enforced from 2009.
Indonesia government made Custom certification and Homologation of ICT
imported products to protect local vendors and seek new revenue source. This policy
is lack of clarity(what equipment, what standards) and cause administrative burden
(long waiting, sending equipment to local lab, configuration, local expertise).
Additional expense for compliance, time delay due to lack of clarity, customer
complaints on delay are main issues.
5 Analysis of regulation impact
Based on Korean company “C”s impacted revenue from security conformance test
during 1 year, I can show how to calculate the impact of regulations. This test
influences N/W equipment for public accounts, so simulate the impacted number with
below information. Total revenue by sales team(or by product), current N/W revenue
portion in total revenue, public accounts portion in a segment to government
regulations.
Functional equation : Segment Total Revenue * N/W portion in total revenue(%) *
Public accounts’ portion(%) = Impact size.
Table 1. Korea security conformance test impact analysis
Segment
(Sales team)
Revenue
FY14($M)
NW
Portion
Portion of public
Accounts in segment
Impact size
($M)
ENT-Finance 54 50% 20% 5.4
ENT-Defense 7 86% 100% 6.0
ENT-Public 6 60% 100% 3.6
KT 30 23% 20% 1.4
Comm-Public 50 77% 100% 38.5
Total 147
54.9
Advanced Science and Technology Letters Vol.114 (Business 2015)
Copyright © 2015 SERSC 3
6 Potential Strategies and Direction by Countries
I summarize the recommended global network companies strategies to mitigate
regulations by APJ each countries like below.
Fig. 1. Regulation mitigation strategies by Countries
References
1. Kyungwhan Shin, Byungseok Ahn.:A study on China-US Green Protectionism Trade
conflict, Electronic commerce study, vol.8, pp.141--159, (2010)
2. Abdallar Abuoliem.:Cloud computing regulation: An attempt to protect personal data
transmission to cross-border Cloud computing storage services, International journal of
computer and communication engineering, vol.2, (2013)
3. S. Paquette, P. T. Jaeger, and S. C. Wilson.:Identifying the security risks associated with
governmental use of cloud computing, Government Information Quarterly, vol. 27, pp. 245-
-253, (2010)
4. Jung, Eun Young, and Prof. Choi, Won Mog.:A study on whether REACH regulation may be
consistent with the WTO agreements, International economic law study, pp. 307--313,
November, (2009)
5. Malay Shrivastava.:Policy for Preference to domestically manufactured telecom products in
procurement due to security considerations and in Government procurement, Ministry of
Communications and Information Technology of India , October, (2012)
Advanced Science and Technology Letters Vol.114 (Business 2015)
4 Copyright © 2015 SERSC