APJ(Asia Pacific & Japan) Countries’ Regulations,

Policies and Options to Mitigate the Identified Risks for

Global Network Companies

Jaehak Byun1, Jaehun Sa2, Yong-Tae Shin3, Hyeon-Kyung Lee4, Jong-Bae Kim5*

1,2Department of IT policy & management, Soongsil University, Seoul, 156-743, Korea 3Department of Computer Science, Soongsil University, Seoul 156-743, Korea

4,5*Graduate School of Software, Soongsil University, Seoul 156-743, Korea

jaehak.byun@gmail.com, jaehunsa@gmail.com, {shin, hklee, kjb123}@ssu.ac.kr

Abstract. In this paper, I mentioned APJ countries industrial policy threats and

opportunities. Cyber security, government procurement and localization related

policies are will be enforced in many APJ countries. Global network companies

need to leverage the favorable policy environment as business opportunities.

Major impacted countries are India, Korea, Indonesia and Vietnam. Global

network companies are facing issues in revenue, margin impact, delay in

product delivery, additional cost for homologation process and localization. The

preferential market access policy poses a serious risk to the public sector

business in India. Local manufacturing and local partnership are options to

mitigate the PMA(Preferential Market Access) risk and to leverage first mover

advantage.

Keywords: APJ, Regulation, Government, Partnership, Global network

company, Mitigation

1 Introduction

APJ countries try to decrease reliance on foreign companies’ technologies and

increase emphasis on local innovation. Most of governments in APJ they’ve wanted

to align with national interests & development goals and tried to create local

partnerships and operations like local leadership, offices and manufacturing facilities.

And they’ve invested fund and resources to promote local innovation like local R&D

centers. APJ countries are making IT regulations and policies to protect their industry,

promote local IT companies’ competitiveness with several negative enforcements to

global IT companies. With this study results, global IT companies can make their own

local market penetration plan through local investment, local vendor partnership, and

enhance the relationship with government.

5*Corresponding author. Tel. : +82-10-9027-3148.

Email address: kjb123@ssu.ac.kr(Jong-Bae Kim).

Advanced Science and Technology Letters Vol.114 (Business 2015), pp.1-4

http://dx.doi.org/10.14257/astl.2015.114.01

ISSN: 2287-1233 ASTL Copyright © 2015 SERSC

2 Related works

Shin and Ahn in their study on China-US green protection trade conflict, America

needs different sources of trade barrier because the protectionism strongly against

Neo-Liberal Globalization that America has been enforced to the world. Therefore,

America finds Green Protectionism is a useful source of trade barrier against China.

China seriously protests new style of protectionism and tries to find effective

correspondence measure[1].

Abuoliem argues that defined elements for protection of personal data transmitted to

cross border cloud computing technology are an essential part of any future attempt to

cloud computing regulation. In the conclusion, the regulatory framework in relation to

the protection of personal data transmission to cross border cloud computing ought to

be employed in order to extract and integrate relevant perspectives into the legal

questions facing cloud computing regulation. So Cloud computing vendors build their

data center into each countries[2].

3 Research Framework

I followed below process in this study. First, searched for APJ countries industrial

regulations, policies by website references consultation and government

announcements. Second, surveyed global companies counter actions. Third, had

FGI(Focused Group Interview) sessions with APJ’s strategy and planning area leaders

for deep dive communication regarding the issues from regulations and impact of the

policies. Fourth, for due diligence I double-checked with APJ sales team and

compliance team on APJ regulations, policies which impact IT business. Finally I

developed potential strategic initiatives based on current regulations, IT companies

movements, experts opinion and field players like sales and compliance team.

4 Regulations by APJ Countries

I found out APJ regulation threats by countries. At the conclusion of this paper I

recommend counter strategies to mitigate regulation risks.

India’s regulations like below 3 topics which are PMA(Preferential Market Access)

for government procurement, Certification and import duty imposition under umbrella

of “Encouraging local manufacturing” policy. First, regarding PMA policy, India

government prefers to domestically manufactured products in government

procurement. The act was delayed implementation from October 2012 but moving

ahead on implementation. Second, regarding Certification, this is mandatory in-

country testing for all products sold to SP(Service provider)s. This act is delayed

implementation by 3 years. Third, imposition of 12% import duty is Dispute on the

non-applicability of ITA(International Trade Administration) and lack of clarity on

products covered ranging from 12% to 37% of sales volume. Enforcement has been

applied from July, 2014.

Advanced Science and Technology Letters Vol.114 (Business 2015)

2 Copyright © 2015 SERSC

Korea government tries to protect local vendors to promote Korea business. Main

3 policies are Cyber security, Government procurement and Localization. Cyber

security policy is International CC(Common Criteria)-certified products require

additional security verification for every sector procurement, not consistent with

CCRA(Common Criteria Recognition Agreement) practice. Korea government added

44 features to be verified to all network products. This act’s enforcement was started

from October, 2014. Government procurement Policy is mainly composed of Public

review of RFP(Request For Proposal) specifications, SME(Small and Medium

Enterprise) products preference and local BMT(Bench Mark Test) requirements.

Localization’s Policy is major government agencies(includes Office of the president,

Prime minister’s office, the foreign office, Ministry of unification, Ministry of

national defense, Military office, Incheon international airport, etc.) tend to need local

standards, such as ARIA(Academy-Research-Institute-Agency) for encryption,

instead of adopting international standards and Cloud promotion bill may support

local Cloud companies to sell their solutions to public accounts. ARIA issue was

enforced from 2009.

Indonesia government made Custom certification and Homologation of ICT

imported products to protect local vendors and seek new revenue source. This policy

is lack of clarity(what equipment, what standards) and cause administrative burden

(long waiting, sending equipment to local lab, configuration, local expertise).

Additional expense for compliance, time delay due to lack of clarity, customer

complaints on delay are main issues.

5 Analysis of regulation impact

Based on Korean company “C”s impacted revenue from security conformance test

during 1 year, I can show how to calculate the impact of regulations. This test

influences N/W equipment for public accounts, so simulate the impacted number with

below information. Total revenue by sales team(or by product), current N/W revenue

portion in total revenue, public accounts portion in a segment to government

regulations.

Functional equation : Segment Total Revenue * N/W portion in total revenue(%) *

Public accounts’ portion(%) = Impact size.

Table 1. Korea security conformance test impact analysis

Segment

(Sales team)

Revenue

FY14($M)

NW

Portion

Portion of public

Accounts in segment

Impact size

($M)

ENT-Finance 54 50% 20% 5.4

ENT-Defense 7 86% 100% 6.0

ENT-Public 6 60% 100% 3.6

KT 30 23% 20% 1.4

Comm-Public 50 77% 100% 38.5

Total 147

54.9

Advanced Science and Technology Letters Vol.114 (Business 2015)

Copyright © 2015 SERSC 3

6 Potential Strategies and Direction by Countries

I summarize the recommended global network companies strategies to mitigate

regulations by APJ each countries like below.

Fig. 1. Regulation mitigation strategies by Countries

References

1. Kyungwhan Shin, Byungseok Ahn.:A study on China-US Green Protectionism Trade

conflict, Electronic commerce study, vol.8, pp.141--159, (2010)

2. Abdallar Abuoliem.:Cloud computing regulation: An attempt to protect personal data

transmission to cross-border Cloud computing storage services, International journal of

computer and communication engineering, vol.2, (2013)

3. S. Paquette, P. T. Jaeger, and S. C. Wilson.:Identifying the security risks associated with

governmental use of cloud computing, Government Information Quarterly, vol. 27, pp. 245-

-253, (2010)

4. Jung, Eun Young, and Prof. Choi, Won Mog.:A study on whether REACH regulation may be

consistent with the WTO agreements, International economic law study, pp. 307--313,

November, (2009)

5. Malay Shrivastava.:Policy for Preference to domestically manufactured telecom products in

procurement due to security considerations and in Government procurement, Ministry of

Communications and Information Technology of India , October, (2012)

Advanced Science and Technology Letters Vol.114 (Business 2015)

4 Copyright © 2015 SERSC