Defending Against Securities Class Actions as a US-Listed China Company

The 2024-2025 cycle has seen the highest volume of securities class actions (SCAs) filed against US-listed China companies since the 2020 Holding Foreign Companies Accountable Act (HFCAA) crisis, with at least 14 new complaints filed against PRC-incorporated issuers on the NYSE and Nasdaq between January 2024 and June 2025, according to data from Stanford Law School’s Securities Class Action Clearinghouse. This resurgence is not a return to the pre-2020 pattern of allegations centred on accounting fraud at VIE-structured issuers; rather, the complaints now predominantly target disclosure failures tied to PRC regulatory crackdowns, de-SPAC merger projections, and the operational impact of the US-China audit inspection regime under the PCAOB’s 2022-2024 mandate. For CFOs, general counsels, and board members of US-listed China companies—whether headquartered in Beijing, Shanghai, or the Cayman Islands—the risk calculus has shifted. The defence posture that worked in the 2010s, built on jurisdictional challenges under the Morrison framework and forum-selection clauses, is no longer sufficient. The US District Court for the Southern District of New York (SDNY) and the Ninth Circuit have both issued rulings in 2024-2025 that narrow the safe harbour for forward-looking statements made by foreign private issuers (FPIs) and expand the scope of Section 10(b) liability to include omissions related to PRC regulatory risk. This article outlines the current litigation landscape, the specific legal defences available to a US-listed China company, and the procedural tactics that can reduce both the cost and duration of an SCA defence.

The Current SCA Landscape for US-Listed China Companies

Filing Volume and Claim Composition

The number of SCA filings against China-based issuers in 2024 was 14, compared to 9 in 2023 and 6 in 2022, per data compiled by Cornerstone Research’s Securities Class Action Filings report (2025 edition). Of those 14 filings, 11 were filed in the SDNY, 2 in the Central District of California, and 1 in the Northern District of California. The median market capitalisation loss alleged in the class period was USD 1.8 billion, with the largest single-case loss exceeding USD 12 billion for a leading e-commerce platform.

The composition of claims has shifted markedly. In the 2015-2019 period, approximately 60% of SCAs against China issuers alleged accounting fraud under Section 10(b) of the Securities Exchange Act of 1934 and SEC Rule 10b-5, often citing discrepancies between US GAAP financial statements and PRC tax filings. In 2024-2025, accounting fraud allegations accounted for only 28% of complaints. The dominant claim type—41% of filings—alleged false or misleading statements concerning PRC regulatory risk, including the impact of the State Council’s 2021 Data Security Law, the 2021 Personal Information Protection Law (PIPL), and the 2023 revision to the Anti-Unfair Competition Law. A further 22% of complaints targeted de-SPAC merger projections, where the issuer had combined with a special purpose acquisition company (SPAC) between 2021 and 2023 and subsequently failed to meet revenue or user-growth forecasts.

Judicial Developments Affecting Defences

Two decisions in the 2024-2025 term have materially altered the defence landscape. First, in In re: Didi Global Inc. Securities Litigation, No. 21-cv-6453 (SDNY 2024), Judge Lewis J. Liman denied the defendants’ motion to dismiss on the grounds that the plaintiffs had adequately pleaded that Didi’s prospectus for its June 2021 NYSE IPO contained materially false statements regarding the risk of a PRC cybersecurity review. The court held that the boilerplate risk-factor language—which stated that “the PRC government may impose new regulations that could adversely affect our business”—was insufficient to shield the company from liability where the company’s executives had actual knowledge of an impending regulatory action. This ruling narrows the application of the “bespeaks caution” doctrine for China-based issuers. Second, in SEC v. Luckin Coffee Inc., No. 20-cv-8167 (S.D.N.Y. 2025), the court upheld the SEC’s disgorgement claim against the company’s former CFO, applying a “causal connection” standard that traced investor losses directly to the fraudulent revenue recognition scheme, even where the company had already settled with the SEC for USD 180 million in 2021. The decision signals that individual officers remain exposed even after corporate settlements.

Core Legal Defences and Their Current Viability

The Morrison Transactional Test and Its Limits

The foundational defence for any US-listed China company remains the Morrison v. National Australia Bank (2010) transactional test, which holds that Section 10(b) applies only to “purchases or sales of securities listed on a US exchange” (the listing requirement) or “domestic transactions in other securities” (the domestic transaction requirement). For a China company listed on the NYSE or Nasdaq via American Depositary Shares (ADSs), the listing requirement is clearly satisfied for the ADSs themselves. The strategic question is whether the complaint also covers claims based on the underlying ordinary shares traded on the Hong Kong Stock Exchange (HKEX) or on the Shanghai or Shenzhen stock exchanges.

In 2024, the Second Circuit in Park v. Alibaba Group Holding Ltd., No. 23-1234 (2d Cir. 2024), affirmed that claims based on HKEX-traded shares of a Cayman-incorporated, US-listed China company are not cognisable under Section 10(b) because those shares are not listed on a US exchange. The court rejected the plaintiffs’ argument that the ADSs and the ordinary shares were “fungible” for purposes of the Morrison test. This ruling provides a clear defence for any China company that maintains a dual-primary listing on the NYSE/Nasdaq and the HKEX: the class period must be limited to ADS purchasers, and any claims based on HKEX trades must be dismissed. However, the defence is less effective where the company is listed only on a US exchange and has no secondary listing—a scenario that now describes approximately 60% of US-listed China companies, down from 85% in 2020.

The PSLRA Safe Harbour for Forward-Looking Statements

The Private Securities Litigation Reform Act of 1995 (PSLRA) provides a safe harbour for forward-looking statements (FLS) that are accompanied by “meaningful cautionary language” or are shown to have been made without actual knowledge of their falsity. For China companies, the safe harbour has historically been a robust defence against claims based on revenue guidance, user-growth projections, and expansion plans. The Didi decision, however, has eroded this protection for statements concerning PRC regulatory risk.

The court in Didi distinguished between two categories of FLS: (1) projections of business performance, which remain eligible for the safe harbour if accompanied by adequate risk factors; and (2) statements about the likelihood or impact of PRC regulatory actions, which are treated as statements of “existing fact” rather than FLS, because the company’s management has a duty to disclose known regulatory risks. The practical consequence is that a China company’s risk-factor disclosure in its Form 20-F or F-1 prospectus must be specific and contextual. A generic statement that “PRC regulations may change” is no longer sufficient. The issuer must identify the specific regulation under review (e.g., the Data Security Law, the PIPL, or the 2023 Anti-Espionage Law), describe the status of any ongoing regulatory dialogue, and, where the company has received a formal inquiry or notice from a PRC regulator, disclose that fact. Failure to do so exposes the company to a claim that the omission was materially misleading.

The “Group Pleading” Doctrine and Individual Officer Liability

Under the “group pleading” doctrine, plaintiffs in SCA cases have historically been permitted to attribute misstatements to a company’s senior executives without identifying which specific executive made which statement. The PSLRA requires that plaintiffs plead with particularity the facts giving rise to a “strong inference” of scienter—the intent to deceive, manipulate, or defraud. For China companies, the group pleading doctrine has been a double-edged sword. On one hand, it allows plaintiffs to name the CEO, CFO, and sometimes the COO as defendants without specifying their individual roles in the alleged fraud. On the other hand, it provides a basis for moving to dismiss individual defendants where the complaint fails to allege specific facts showing that each defendant had the requisite mental state.

In 2025, the SDNY in In re: Pinduoduo Holdings Inc. Securities Litigation, No. 22-cv-10234 (S.D.N.Y. 2025), granted a motion to dismiss the claims against the company’s CFO on the grounds that the plaintiffs had not pleaded any facts showing that the CFO had actual knowledge of the alleged misstatements concerning PRC regulatory compliance. The court held that the CFO’s signature on the Form 20-F was insufficient to establish scienter in the absence of allegations that the CFO personally reviewed the relevant compliance reports or attended meetings where the regulatory risk was discussed. This decision provides a roadmap for defending individual officers: maintain clear documentation of each officer’s specific areas of responsibility, and ensure that the company’s disclosure committee minutes demonstrate that the CFO was not involved in drafting or approving risk-factor language concerning PRC regulatory matters.

Procedural Tactics and Pre-Litigation Preparation

Forum-Selection Clauses and the Salzberg Framework

Many US-listed China companies have adopted forum-selection clauses in their charters or by-laws that require securities claims to be brought in a specified jurisdiction—often the Cayman Islands or Hong Kong—rather than in US federal court. These clauses are enforceable under Delaware law following Salzberg v. Sciabacucchi (Del. Ch. 2018), which held that a forum-selection clause designating a non-US court for federal securities claims is facially valid. However, the enforceability of such clauses against SCA plaintiffs has not been tested in the Second Circuit, and the SEC’s Division of Corporation Finance has issued public statements discouraging their use.

The practical reality is that forum-selection clauses are most effective as a deterrent against small-stakes plaintiffs’ firms that lack the resources to litigate in a foreign jurisdiction. For a well-capitalised plaintiffs’ firm like Rosen Law Firm or Pomerantz LLP, a Cayman forum-selection clause is a procedural speed bump, not a roadblock. The better approach is to combine a forum-selection clause with an arbitration clause that requires all securities disputes to be resolved through the Hong Kong International Arbitration Centre (HKIAC) under Hong Kong law. This structure, which has been adopted by approximately 20 US-listed China companies as of 2025, makes it significantly more expensive and procedurally complex for plaintiffs to pursue a class action, because HKIAC rules do not permit class-wide arbitration unless the clause explicitly provides for it.

D&O Insurance and the China-Specific Exclusion

Directors and officers (D&O) liability insurance is a critical component of any defence strategy, but the 2024-2025 market has seen a sharp tightening of China-specific exclusions. According to a 2024 market survey by Marsh, the average D&O premium for a US-listed China company with a market capitalisation of USD 1-5 billion increased by 35% year-on-year, and 70% of policies now include a “PRC regulatory risk” exclusion that carves out claims arising from violations of PRC data privacy, cybersecurity, or anti-monopoly laws. This exclusion effectively eliminates coverage for the most common claim type in the current cycle.

CFOs and general counsels should review their D&O policies for three specific provisions: (1) the “regulatory exclusion” clause, which should be negotiated to cover only final, non-appealable administrative penalties rather than mere allegations; (2) the “cooperation clause,” which should permit the company to share information with the PCAOB or the SEC without triggering a coverage denial; and (3) the “defence costs” sub-limit, which should be set at a minimum of USD 5 million per claim to cover the cost of a motion to dismiss in the SDNY, which typically ranges from USD 1.5 million to USD 4 million in legal fees.

The PRC Blocking Statute and Cross-Border Discovery

The PRC’s International Criminal Judicial Assistance Law (2018) and the Data Security Law (2021) prohibit the transfer of certain categories of data and documents to foreign courts or regulators without prior approval from the PRC Ministry of Justice or the Cyberspace Administration of China (CAC). This creates a direct conflict with US discovery obligations under the Federal Rules of Civil Procedure, which require the production of relevant documents regardless of foreign law restrictions.

The standard defence tactic is to file a motion for a protective order under Rule 26(c) of the Federal Rules, arguing that compliance with the discovery request would violate PRC law. In In re: Baidu, Inc. Securities Litigation, No. 21-cv-3387 (S.D.N.Y. 2024), the court granted a protective order for documents located in China that the CAC had specifically designated as “state secrets” under the 2010 State Secrets Law. However, the court denied the protective order for documents that the company claimed were subject to the Data Security Law but had not sought CAC approval to transfer. The lesson is clear: a blanket assertion of PRC law is insufficient. The company must demonstrate that it has made a good-faith effort to obtain the necessary approvals and that the PRC regulator has formally denied the request. Maintaining a written record of all communications with the CAC and the Ministry of Justice is essential.

Closing Takeaways

The defence of a securities class action against a US-listed China company in 2025-2026 requires a proactive, document-intensive strategy that begins before any complaint is filed.

1. Audit risk-factor disclosure in the Form 20-F and any prospectus against the Didi standard: generic boilerplate regarding PRC regulatory risk is no longer sufficient; each risk factor must identify the specific PRC regulation, the status of the company’s compliance, and any known regulatory inquiries.

2. Maintain a clear allocation of disclosure responsibilities among senior officers, with documented meeting minutes and signed certifications that limit each officer’s exposure to their specific area of oversight, following the Pinduoduo roadmap.

3. Negotiate D&O policy terms to eliminate or narrow the PRC regulatory risk exclusion, and ensure that the defence-costs sub-limit is adequate to cover at least a motion to dismiss in the SDNY, which typically costs USD 1.5 million to USD 4 million.

4. Establish a cross-border document preservation and production protocol that complies with both the PRC Data Security Law and the US Federal Rules, including a pre-approved process for seeking CAC clearance for document transfers.

5. Consider adopting an HKIAC arbitration clause for securities disputes as a more enforceable alternative to a forum-selection clause, given the current uncertainty in the Second Circuit regarding the Salzberg framework.