1. What Is Governance, Risk & Compliance (GRC)?
Governance, risk & compliance (GRC) refers to an integrated management framework that enables organizations to operate transparently, mitigate exposure, and meet legal obligations. It encompasses three core pillars:
- Governance: The structures, policies, and processes that guide decision-making, internal controls, accountability, and documentation
- Risk management: The systematic identification, assessment, and mitigation of legal, financial, operational, and reputational risks
- Compliance: Adherence to applicable laws, regulations, and industry standards across all business activities
In Vietnam, governance risk and compliance requirements are influenced by several structural factors, including:
- A civil law legal system, where statutory regulations take precedence over case law
- Rapidly evolving regulatory frameworks, particularly for foreign-invested enterprises and technology-driven sectors
- Strong state oversight of foreign investment activities, with heightened scrutiny on licensing, tax, labor, and reporting obligations
2. Compliance Procedures for FDI Company in Vietnam
Vietnam’s regulatory landscape is complex, localized, and frequently updated. Foreign firms that apply “home-country assumptions” often struggle with industry regulatory compliance and operational approvals.
2.1. Incorporation Registration
The foundation of compliance procedures for an FDI company in Vietnam begins with proper investment registration. Foreign investors must obtain an Investment Registration Certificate (IRC) and an Enterprise Registration Certificate (ERC) to establish their local legal entity.
Investment Registration Certificate (IRC)
Foreign investors must first obtain an IRC from the local Department of Planning and Investment (DPI). The IRC outlines the investment project, the investor’s details, and the capital structure, and formally recognizes the investor’s right to operate in Vietnam.
Enterprise Registration Certificate (ERC)
Following IRC approval, companies apply for an ERC at the Business Registration Office. This step legally establishes the Vietnamese entity and enables it to conduct business activities.
Post-Licensing Compliance Requirements
After incorporation, companies must complete several mandatory formalities, including:
- Company seal engraving and registration
- Opening a Direct Investment Capital Account (DICA) for capital transfers
- Tax code registration and e-invoice activation
- Securing applicable sub-licenses (e.g., education, finance, regulated services)
- Completing labor and employee registration
Failure to complete post-licensing obligations on time may result in operational delays or administrative penalties.
Set Up Compliant Team Without Local Entity? Explore Reco's EOR Service - Get Started Now2.2. Operational Compliance
After obtaining initial business licenses, FDI companies must complete a series of compliance procedures that enable lawful operations and mitigate regulatory risk. Regulatory compliance requirements include:
- Digital Signature Registration
- Statutory Accounts and Tax Registration
- Ongoing Tax Compliance
- Social Insurance and Payroll Reporting
Beyond routine tax returns, FDI companies must comply with several periodic regulatory submissions that reinforce governance and transparency. Moreover, depending on the nature of their business activities, these firms must obtain industry-specific licenses or environmental and safety permits to ensure industry regulatory compliance. In case your business employs foreign workers, work permits and visa renewals are essential, while labor law compliance is critical to avoid inspections and fines.
2.3. Corporate Tax Compliance in Vietnam
Vietnam’s tax system presents unique challenges for foreign investors. The corporate income tax (CIT) rate is 20%, but effective tax rates vary significantly due to incentives, transfer pricing adjustments, and industry-specific regulations. Specifically, eligible FDI enterprises in the tech sector may benefit from reduced CIT rates such as 10%, 15%, or 17%.
Core tax obligations:
- Corporate income tax (CIT)
- Value-added tax (VAT)
- Foreign contractor tax (FCT)
- Personal income tax (PIT)
3. Corporate Compliance in Vietnam: HR & Employment Law Risks
Employment compliance in Vietnam is a high-risk governance area for foreign companies due to detailed statutory requirements and increasing regulatory enforcement. Vietnam’s Labor Code and related regulations impose comprehensive obligations on employers, and non-compliance can result in administrative fines, employee disputes, and reputational damage.
3.1. Mandatory Social Insurance Contributions
Employers must register all employees for Social Insurance (SI), Health Insurance (HI), and Unemployment Insurance (UI) and make monthly contributions. Late registration, incorrect salary bases, or delayed payments can lead to retrospective collection of unpaid contributions, interest charges, and significant fines. In severe cases, violations may affect license renewals or trigger criminal liability.
3.2. Probation, Working Hours, and Overtime
The Labor Code prescribes specific probation periods based on job level, limits regular working hours (typically 8 hours/day or 48 hours/week), and tightly restricts overtime, requiring premium compensation rates (e.g., up to 300% for holidays). Misapplication of these rules or failure to compensate correctly increases the risk of disputes and regulatory penalties.
3.3. Statutory Probation and Termination Procedures
Employment termination in Vietnam is highly regulated with strict notice periods (often 30–45 days depending on contract type) and procedural requirements. Employers must follow formal termination processes; failure to do so can result in illegal dismissal rulings, compensation liabilities, reinstatement orders, or extended disputes.
3.4. Overtime and Working Hour Limits
Employers must manage regular hours and overtime within statutory limits and ensure appropriate compensation. Overtime caps and premium pay rates are clearly defined, and violations can trigger fines and employee claims.
3.5. Trade Union Obligations
Employers must contribute a compulsory trade union fee (typically a percentage of the social insurance salary base) even if no union exists in the workplace. Failure to remit this fee can lead to payroll compliance violations and penalties.
Vietnamese labor inspections are intensifying, particularly for FDI entities and tech companies with large local workforces. Inspections often focus on contract compliance, insurance registrations, payroll contributions, and internal labor regulations, making proactive HR compliance systems essential to avoid costly enforcement actions.
4. Best Practices for Governance, Risk, and Compliance in Vietnam
Organizations that adopt structured, localized best practices are better positioned to mitigate regulatory risk, ensure operational continuity, and scale sustainably.
4.1. Establishing Robust Internal Controls
Foreign firms should align global governance standards with local legal requirements. This includes clearly defined decision-making authority, documented internal controls, and maintained corporate records. Governance structures should reflect Vietnamese statutory expectations, particularly regarding legal representation, charter provisions, and shareholder approvals.
4.2. Embed Compliance into Day-to-Day Operations
Compliance in Vietnam is procedural and deadline-driven. Successful companies integrate compliance obligations, including tax filings, labor reporting, and investment reports, into routine operational workflows rather than treating them as periodic tasks. This reduces the risk of missed filings and administrative penalties.
4.3. Adopt Proactive Risk Management
Regulatory, tax, and labor risks should be identified early through regular compliance reviews and internal audits. Companies should assess how changes in regulations, business scope, or workforce structure may impact existing licenses, tax positions, or employment obligations.
4.4. Leverage Local Expertise
While some foreign companies attempt to manage compliance internally, most successful market entrants recognize the value of specialized expertise. Engaging local legal, tax, and HR advisors ensures accurate interpretation of regulations, timely updates on legal changes, and effective handling of inspections or audits, particularly for FDI and technology-driven businesses. Leveraging services such as employer of record and payrolling helps firms avoid legal risks by having local experts handle compliance complexities.
Read More: 10 Best HR Consulting Firms in Vietnam for Global Businesses4.5. Maintain Strong Documentation and Audit Readiness
Authorities in Vietnam place significant emphasis on documentation. Companies should maintain complete, up-to-date records covering corporate governance, employment contracts, payroll, tax filings, and investment activities to ensure readiness for inspections.
4.6. Review and Update GRC Frameworks Regularly
As Vietnam’s laws and enforcement practices evolve, governance, risk, and compliance frameworks should be reviewed periodically to remain aligned with current regulations and business growth objectives.
5. Reco Manpower – End-to-End HR Support in Vietnam
Reco supports foreign companies from initial market entry through long-term operations, providing end-to-end HR services tailored to Vietnam’s regulatory environment. Our in-country expertise and established talent network enable clients to build compliant, high-performing teams without the burden of managing complex HR internally.
How Reco Supports Foreign Companies in Vietnam
- End-to-end HR operations covering onboarding, payroll, social insurance, and employee lifecycle management
- Market Entry & EOR Services: Launch your presence immediately without the headache of entity setup. We act as the Employer of Record, absorbing the administrative and legal burden so you can focus on core business strategy.
- End-to-End HR Operations: From drafting bilingual labor contracts to managing monthly payroll and compulsory insurance (SHUI), we handle every detail of the employee lifecycle.
- Local talent network access, enabling compliant hiring of high-quality IT and tech professionals
By combining HR execution with local compliance expertise, Reco enables foreign businesses to focus on growth while confidently meeting Vietnam’s governance, risk & compliance requirements.
6. Conclusion
Successful market entry in Vietnam requires foreign companies to navigate governance, risk & compliance. Companies that invest in robust compliance frameworks from inception avoid costly remediation, build stronger relationships with authorities, and position themselves for sustainable growth. Partnering with a local HR expert like Reco helps global businesses reduce HR administrative burdens while securing a compliant tech team to scale effectively in Vietnam.
Looking to hire reliable and highly qualified tech professionals in Vietnam? Reach out to Reco Manpower today for tailored recruitment solutions that match your business needs.
FAQs
Most companies with fewer than 50 employees outsource monthly tax compliance and accounting while retaining one local finance manager. Companies with 100+ employees typically build in-house teams supported by external specialists.
- Inadequate transfer pricing documentation
- Missing monthly tax deadlines
- Misclassifying employees as contractors
- Operating without proper work permits
- Incomplete corporate governance records
Typically 2-4 months, including Investment Registration Certificate (15-20 days), Enterprise Registration (3-5 days), and additional licensing. Conditional sectors may take 3-6 months.
