On April 7, MIIT, the telecoms regulator, circulated a notice of requesting the basic telecoms service providers to submit information about unauthorized use of bandwidth. Is it a signal of tightening the regulation of the “off-shore mode

China’s booming software and information technology services industry provides significant market room for foreign firms to get a slice of the pie, of which the software as a service, or “SaaS”, market is one of the fastest growing sub-markets and therefore an attractive field for foreign entrants to compete. However, as with other fields of TMT industry, market entrance in China is far from easy due to the complicated regulatory environment. 

In this article we analyze the legal requirements for delivering SaaS services in China and examine the options available to foreign companies that are looking into entering the Chinese SaaS market.

I. SaaS and cloud computing solutions

SaaS is generally understood as a specific branch of cloud computing solutions. In the simplest sense, SaaS is a novel software delivery model on a subscription basis through internet without local installation, compared to the traditional software selling methods. Currently, office automation software (OA), customer relationship management software (CRM), and office collaboration software are the most developed SaaS products and are widely used in China.

In addition to SaaS, other typical cloud computing solutions include the infrastructure as a service (“IaaS”) and the platform as a service (“PaaS”). 

II. Regulation environment of cloud computing services in China

1. Telecommunications regulation

1.1 General legal requirements

Generally speaking, providing cloud computing services are heavily regulated under Chinese telecommunications laws and regulations.

According to the Telecommunications Regulations of the People's Republic of China, telecommunications businesses are categorized into basic telecommunications businesses (“BTS”) and value-added telecommunications businesses (“VATS”). Operating cloud services in China generally requires a VATS business operating License (“VATS License”). 

The Classification Catalogue of Telecommunications Services (Version 2015 and recently updated in 2019) (“Telecoms Catalogue”) promulgated by the Ministry of Industry and Information Technology (“MIIT”) defines and classifies sub-categories of telecommunications businesses based on the preliminary classification of BTS business and VATS business, and functions as the basis to determine which business falls into the Chinese telecommunications regulation and which category of license that an operator should apply. In fact, the cloud service business is not explicitly addressed as a specific term in the Telecoms Catalogue. Instead, there are two sub-categories of VATS License that could be interpreted as being applicable to cloud services. For IaaS, as it provides access to virtual infrastructures and capacities in the cloud, it clearly falls into the category of B11-Internet Data Center (“IDC”) services, under the section of VATS business. For PaaS, it is most likely subject to a sub-category of IDC services, internet resource collaboration service (“IRCS”), which is defined as:

“equipment and resources installed in a data center to provide users with data storage services, development environments for internet applications, and deployment and operation management of internet applications via the Internet or other networks, using sharing of resources to allow users to scale as fast or as much as needed.” 

1.2 Debate over SaaS model

The definition of sub-categories of telecommunications business in the Telecoms Catalogue is somewhat broad and ambiguous, which creates uncertainty and complexities for a company with a view to launch the new business. There has been some debate over whether a SaaS model require a VATS License. From a conservative point of view, it is likely that SaaS model falls into category of IRCS under B11-IDC services; or as another scenario, it seems that some features of SaaS model also fits the definition of B25- Information Service under which the operator shall obtain an ICP License.

Recently, there is a theoretical view that pure software services delivered by a SaaS provider does not fall into the scope of VATS business, which has been supported by some officials from MIIT on informal occasions. More specifically, if SaaS services provided to the customers only includes software service without any other related services or functions that fit the definition of IRCS or Information Service, the service provider is not required to obtain a VATS License. Nevertheless, SaaS providers in China still face substantial regulatory risks. On the one hand, the line between the pure software services and the services within the scope of IRCS or Information Service are not clear; on the other hand, the local Communications Administration may not analyze the nature of each SaaS service model in such a complicated way. Instead, some local authorities are inclined to deem any paid services provided through website as VATS businesses.

2. Restrictions on foreign investment

Foreign investment in the VATS industry is restricted under Chinese law. Pursuant to the Administrative Provisions on Foreign-Invested Telecommunications Enterprises (amended in 2016) and the Special Administrative Measures for Admission of Foreign Investment, an onshore foreign invested enterprise is eligible to hold an ICP License or IDC License only if the foreign investor’s shareholding does not exceed 50%. In practice, even if the foreign invested enterprise meets the share ratio restrictions (such as adopting a joint venture model), there are still great difficulties in applying for an ICP license or IDC License. So far as we are aware, MIIT has only issued ICP License or IDC License to foreign invested JVs in rare cases.

III. Options available to foreign entrants

Despite the above restrictions, there are, however, several potential options that foreign SaaS service providers can consider when looking into delivering SaaS services in China. 

1. Offshore model: hosting server outside China

We note that some foreign SaaS providers are delivering their services to Chinese customers in offshore model under which the applications are hosted on a server located outside China (or foreign cloud infrastructure such as AWS). As operating SaaS business with the server outside China does not involve the matters of establishing an onshore entity and applying for a VATS License, the offshore model may serve as a potential option for foreign SaaS service providers to deliver services to Chinese customers.

However, the offshore model may bring about great uncertainties in terms of regulatory compliance and commercial sustainability and therefore is not recommended to the firms that seriously plan to conduct business substantively in China. It is very important to note, though, that the offshore model being remained unregulated in China does not necessarily mean that there were no restrictions on providing SaaS service through offshore model. On the contrary, in China this usually means you do not have a sound legal basis for operating in such way. Moreover, as the server of the cloud-based software solutions is located outside China, the connection speed would be much lower, and to the worst scenario, the government might block any domestic access to the website.

To our knowledge, some service providers can provide cross-border access acceleration resolution by which the foreign SaaS providers purchasing such services can, to some extent, mitigate the problem of visit speed. However, On April 7, MIIT circulated a notice of requesting the basic telecoms service providers to submit information about unauthorized use of bandwidth. We understand that it is a signal that MIIT is going to regulate the cross-border telecoms operating activities that have been a gray area for a long time. In this sense, foreign SaaS providers would face more tighten regulation for delivering services to Chinese customers by offshore model.

2. Onshore model: migrating from foreign cloud to domestic cloud 

With the goal of solving the challenge of significant lag for Chinese customers when accessing to the website of SaaS product and the potential risk of being shut down, foreign firms may consider migrating to domestic cloud infrastructure. Technically, domestic cloud service providers can provide foreign firms with flexible options to realize the specific technical structure. For instance, foreign firms may choose to relocate and host the whole server of their SaaS products, or just to deploy a set of “proxy servers” on the domestic cloud infrastructure but to keep the original servers hosted outside China. 

If foreign SaaS providers decide to host their servers within China, no matter which specific technical route they choose, their business operation will be subject to Chinese telecommunications regulation. As explained in the previous section, if a specific SaaS model could be deemed as only providing pure software services, an ICP filing would be sufficient without the need to further apply for VATS License. Otherwise, a proper VATS License would be required if the proposed SaaS model involves business functions fitting the definition of IRCS or Information Service

Accordingly, foreign companies may consider the following structures for entering the Chinese market:

2.1 Operating the business by a WFOE with an ICP filing

This is somewhat a risky option for a foreign entrant because it is difficult to make sure that you are providing pure software services. Nevertheless, there may be some room to interpret this business model as providing its own software products from offline to online, which is normally not considered as commercial internet-based services, and thus a WFOE with a ICP filing would be able to operate the relevant business in China (there is no restriction on the foreign shareholding of the entity applying for ICP filing). Therefore, if a foreign SaaS provider can get comfortable its model of SaaS does not require on IDC or IRCS License, establishing a WFOE to operate the business with an ICP filing would be a choice. 

2.2 VIE structures

The well-known variable interest entity ("VIE") structure is widely used in telecommunication and Internet fields for foreign investments to circumvent certain legal restrictions they encountered in China, typically involving a foreign investor entering into a series of contractual arrangements with a Chinese VATS License holder that enables the foreign entity to exercise effective control over the licensed business, and seeks to achieve an equity-like return. Notwithstanding its well-known risks, VIE structures can be an option for foreign SaaS providers to participate in Chinese market considering that it is in fact impracticable for a foreign invested enterprise to apply for IDC or IRCS License. 

2.3 Joint operating model

Compared with VIE structures, joint operating model for delivery of SaaS services is less risky in terms of regulatory compliance. We are aware that some technology giants, such as Microsoft Office 365 and SAP are structuring their China service delivery models in such way: (1) the foreign SaaS service provider enters into cooperation agreements with the domestic-funded company holding proper VATS License to license IP rights and provide technical support; and (2) the domestic-funded VATS License holder enters into contracts with customers. Considering that the joint operating model adopted by some famous foreign technical companies has been successfully launched in China, it seems that MIIT seems to be more comfortable with such joint operating model.

The core merits for joint operating model are its lower regulatory risks compared with other options. It is worth noting that such merits are built on the prerequisite that there should be a real cooperation between the joint operating partners. More specifically, under the joint operating model, the red lines as follows during the course of cooperation shall not be crossed. Otherwise, the cooperation will be exposed to the legal risk of being deemed as “lease, transfer, and resale of telecommunications business licenses in a disguised way”:

  1. The foreign partner directly signs contracts with the customer and charges the subscription fees and/or service fees; 
  2. When marketing and providing services, only foreign partner’s brand is presented to the customers without using the domestic partner’s brand or trade name; and 
  3. unlawfully providing to the foreign partner with user personal information and network data

In summary, for potential new-comers to the China SaaS market, deployment on domestic cloud infrastructure is indeed a feasible way but only a starting point. Generally, unless it is for sure that the specific SaaS model to be launched in China does not require IRCS or ICP License, the foreign entrant is likely need to cooperate with a domesticfunded company either by VIE structure or joint operating model. Adopting which option depends on the current technical and commercial features of the proposed SaaS model as well as its future development plan, based on which the cooperation relationship should be tailored in such a way as to a delicate balance between meeting regulatory requirements and achieving business purpose.