The foundation for regulatory harmonisation lies in the ASEAN Economic Community (AEC) Blueprint 2025, published in 2015.
The establishment of the AEC was a major milestone in ASEAN’s economic integration agenda, offering opportunities via a huge market, whose combined population stands at 622 million people (Population for Southeast Asia is 687.7 million).
Since that pivotal moment, ASEAN embarked on a journey characterised by innovation, adaptability, and resilience. Our primary objective has been to instil predictability, minimise uncertainties, and foster a spirit of innovation. This is important for the AEC to achieve a single market and production base, allowing seamless flow of goods, services, investments, skilled labour, and even capital across our member nations, said Minister of Investment, Trade and Industry (Miti) Tengku Datuk Seri Zafrul Tengku Abdul Aziz at the Asean Business & Investment Summit 2023 in Jakarta, Indonesia today (Sept 4).
“The rationale behind this harmonisation is straightforward yet profound. We aspire to eradicate technical impediments to trade, ensuring adherence to standardised regulations and assessment procedures.
“Given the vastness of this topic, I would like to focus on establishing a regulatory framework to increase trust on intra-ASEAN data sharing between stakeholders. This trust forms the foundation upon which we can amplify cross-border data flows, to further promote e-commerce, trade, and investments across our region. However, our path is not without its challenges. Let us first frame the problem.”
Tengku Zafrul cited that according to research by the ISEAS Yusof Ishak Institute, firstly, regulatory frameworks to enable data flows are unevenly developed across different enablers and countries. This gets more complicated due to different levels of enforcement of regulations; and secondly, the area where all ASEAN countries are doing relatively well is in e-commerce and e-transactions related regulations.
However, e-commerce firms and consumers in ASEAN countries have not yet reaped the full benefits of data flows due to limited reuse of public intent data3 and private intent data4 domestically.
The solution, he suggested, lies in a unified regulatory approach on cross-border data flows, underpinned by the guidelines set forth in the ASEAN Economic Blueprint.
Commendably, the region has made significant strides in harmonising its regulatory regimes by strengthening the adoption of Good Regulatory Practices (GRP). On this, ASEAN is building upon key initiatives such as the ASEAN OECD GRPN Meeting (est. 2015)5; ASEAN GRP Principles (2018)6: ASEAN Trade Repository (2020)7; ASEAN GRP Handbook (2022)8; and the User Handbook
Public intent data refers to data collected with the intent of serving the public good by informing the design, execution, monitoring, and evaluation of public programmes and policies. Such data include administrative, census and survey data produced by government agencies, citizen-generated data produced by individuals, and machine-generated data produced without human interactions.
Private intent data refers to data collected by the private sector as part of routine business processes. Such data include transaction and browsing histories, mode of payments, internet protocol (IP) addresses, and smartphone app logs.
An annual event uniting ASEAN and OECD government officials and practitioners, co-chaired by Malaysia and New Zealand, is dedicated to advancing good regulatory practices. It achieves this through knowledge exchange and capacity building, aiming to improve regional regulatory frameworks.
These core principles establish a robust framework for effective regulation, aligning regulatory actions with policy objectives while minimizing costs and market distortions. Facilitating transparency in non-tariff measures, this online platform offers comprehensive trade-related information for ASEAN stakeholders.
It also provides essential guidance on implementing GRP principles, this resource promotes consistency and clarity in regulatory practices across member states.
Mapping the Study and Gap Analysis Report on the Establishment of ASEAN DEFA by the Boston Consulting Group shows that it has reached a record high of USD224 billion, up 5%, even as global FDI reduced by 12%.
The rapid growth of e-commerce and availability of digital platforms (e.g., social networks, e-commerce marketplaces) are an opportunity for small and medium sized enterprises (SMEs) in ASEAN to increase their participation in domestic and international markets.
In terms of private intent data, about 50 million SMEs use Facebook to find customers; 70% of their fans are domestic, and 30% are from outside the country. Enhancing data flows will reduce transaction costs, promote sharing of ideas, and enable users to make use of new findings and technologies.
One way is to work towards a comprehensive regulatory framework to increase trust on intra-ASEAN data sharing between stakeholders, comprising the reuse of both public and private intent data. While enabling the reuse of public intent data may be a more complex process, what we can consider today is to further enable the reuse of private intent data via regulations across ASEAN.
Efforts Towards Harmonising Regulations On Cross-Border Data Flows
Regionally, Tengku Zafrul said, multilateral arrangements to facilitate cross border data flows include the RCEP provisions on e commerce and the ASEAN e-Commerce Agreement. The e-commerce chapter under RCEP aims to create a conducive e-commerce environment through protection of online consumers and online personal data as well as facilitating cross-border data flows.
Improved coherence in data-related policies will create more trust, and boost e-commerce within the region, as well as between ASEAN and other international markets.
The ASEAN GRP Handbook (2022) is the common reference to ensure greater applicability of ASEAN GRP core principles to assist ASEAN Member States in improving their regulatory practice, and foster ASEAN-wide regulatory cooperation. The Handbook offers guidance for analysis to help regulators and regulatory officials understand, formulate, and implement regulations in accordance with global practices.
“In ensuring next-level GRP implementation in Malaysia, we launched the National Policy on Good Regulatory Practice (NPGRP) in 2021, with improvements after GRP was first introduced in 2013. The gatekeeper for this policy is the Malaysia Productivity Corporation (MPC), an agency under the MITI, Malaysia.
MITI, through MPC, is responsible for ensuring Malaysia’s commitment to a comprehensive nationwide GRP implementation that also incorporates ASEAN’s GRP principles. As of now, Malaysia’s regulatory efforts on improving public and private intent data include mandated IP Rights holders to provide voluntary licensing access to critical data or applications; established the legal recognition of e-signatures; established government-recognised digital ID systems that enable people to remotely authenticate themselves to access online services; established standards for open application programming interfaces (APIs) for G2G, government to business (G2B), and government to consumer (G2C) services, and standardised communications protocols for accessing metadata.
In building on the foundation that ASEAN has developed thus far, ASEAN can strengthen the implementation of GRP (next-level GRP). ASEAN countries are still in the early stages of developing their regulatory frameworks for sharing public and private intent data. To that end:
a. Firstly, policymakers and regulators should incorporate international best practices into their domestic legislative procedures. For private intent data, this includes introducing legislation or policy that encourages open data licenses between private firms, promoting the right to data portability for individuals, and access to a machine-readable format of data portability from say, one vendor to another.
b. Secondly, ASEAN countries should seriously consider establishing mutual recognition arrangements and/or harmonizing their data-related regulations both within and outside the region. This can also be taken up through the upcoming negotiations on the ASEAN Digital Economy Framework Agreement (or DEFA). ASEAN
Leaders have envisioned DEFA as a modern, comprehensive, and coherent digital transformation strategy towards an ASEAN Digital Economy, where the seamless and secure flow of goods, services, and even data is underpinned by enabling rules, regulation, infrastructure, and talent.
c. Third, build capacity on GRP: Acknowledging capacity issues in some member states, tailored capacity-building programs and specialized training should be implemented to help bridge regulatory capacity gaps effectively.
d. Fourth, encourage regulatory cooperation in selected sectors: Implementing a targeted approach to regulatory cooperation in 2-3 strategically chosen sectors can help us gain traction in this space.
e. Fifth, enhance public-private collaboration: The private sector, as on-ground market players, are the ones who will benefit from the boon, or suffer from the bane of regulations. Public-private collaboration and consultation is, therefore, critical to ensure that harmonised regulations are practical, effective and culturally sensitive to foster regionwide, broad-based acceptance.
Investors and businesses appreciate regulatory clarity and transparency. Investment-wise, ASEAN is currently in a sweet spot where manufacturing and supply chains are likely to migrate to many Southeast Asian countries. This is driven in part by a confluence of factors: favourable trade agreements (such as RCEP), external geopolitical factors, and the capacity readiness in these countries. Additionally, operational and labour costs in Southeast Asia are becoming relatively cheaper.
Further, as e-commerce activity in the region skyrockets, foreign companies will likely boost their manufacturing base in the region, not just to cater to global demand, but also to fulfil the region’s appetite for goods and services.