Dada Nexus Limited
22/F, Oriental Fisherman’s Wharf
No. 1088 Yangshupu Road
Yangpu District, Shanghai 200082
The People’s Republic of China
October 5, 2022
VIA EDGAR
Mr. Robert Littlepage
Mr. Joseph Kempf
Mr. Jeffrey Kauten
Mr. Kyle Wiley
Division of Corporation Finance
Office of Technology
Securities and Exchange Commission
100 F Street, N.E.
Washington, D.C. 20549
| Re: | Dada Nexus Limited (the “Company”) |
Form 20-F for the Fiscal Year Ended December 31, 2021
Filed on April 28, 2022
File No. 001-39305
Dear Mr. Littlepage, Mr. Kempf, Mr. Kauten and Mr. Wiley,
This letter sets forth the Company’s responses to the comments contained in the letter dated September 21, 2022 from the staff (the “Staff”) of the Securities and Exchange Commission (the “Commission”) regarding the Company’s annual report on Form 20-F for the fiscal year ended December 31, 2021 filed with the Commission on April 28, 2022 (the “2021 Form 20-F”). The Staff’s comments are repeated below in bold and are followed by the Company’s responses thereto. All capitalized terms used but not defined in this letter shall have the meaning ascribed to such terms in the 2021 Form 20-F.
Annual Report on Form 20-F
Item 3 - Key Information
D. Risk Factors, page 16
| 1. | In your summary of risk factors, disclose the risk that the Chinese government may intervene or influence your operations at any time, or may exert more control over offerings conducted overseas and/or foreign investment in China-based issuers, which could result in a material change in your operations and/or the value of the securities you are registering for sale. Acknowledge any risks that any actions by the Chinese government to exert more oversight and control over offerings that are conducted overseas and/or foreign investment in China-based issuers could significantly limit or completely hinder your ability to offer or continue to offer securities to investors and cause the value of such securities to significantly decline or be worthless. |
Division of Corporation Finance Office of Technology Securities and Exchange Commission October 5, 2022 Page 2 |
In response to the Staff’s comment, the Company respectfully proposes to revise the referenced disclosure as follows (page references are made to the 2021 Form 20-F to illustrate the approximate location of the disclosure) in its future Form 20-F filings (with deletions shown as strike-through and additions underlined), subject to updates and adjustments to be made in connection with any material development of the subject matter being disclosed.
Page 15:
Risks Related to Doing Business in China
. . .
| · |
. . .
| 2. | For each summary risk factor related to doing business in China, provide a specific cross-reference to the more detailed risk factor discussion. |
The Company undertakes to provide a specific cross-reference to the more detailed risk factor discussion for each summary risk factor related to doing business in China in future filings of its annual report on Form 20-F.
| 3. | In light of recent events indicating greater oversight by the Cyberspace Administration of China (CAC) over data security, particularly for companies seeking to list on a foreign exchange, please revise your disclosure to explain how this oversight impacts your business and your offering and to what extent you believe that you are compliant with the regulations or policies that have been issued by the CAC to date. |
Division of Corporation Finance Office of Technology Securities and Exchange Commission October 5, 2022 Page 3 |
The Company respectfully proposes to revise the referenced disclosure as follows in future filings of its annual report on Form 20-F (with deletions shown as strike-through and additions underlined), subject to updates and adjustments to be made in connection with any material development of the subject matter being disclosed. Page reference is made to the 2021 Form 20-F to illustrate the approximate location of the disclosure.
Pages 22-24:
Our business is subject to complex and evolving laws and regulations regarding data privacy and cybersecurity. Failure to protect confidential information of our customers and network against security breaches could damage our reputation and brand and substantially harm our business and results of operations.
. . .
On November 14, 2021, the CAC released the Regulations on the Network Data Security (Draft for Comments), or the Draft Regulations, and accepted public comments until December 13, 2021. The Draft Regulations provide that data processors refer to individuals or organizations that autonomously determine the purpose and the manner of processing data. In accordance with the Draft Regulations, data processors shall apply for a cybersecurity review for the following activities: (i) merger, reorganization or division of Internet platform operators that have acquired a large number of data resources related to national security, economic development or public interests to the extent that affects or may affect national security; (ii) listing abroad of data processors which process over one million users’ personal information; (iii) the listing of data processors in Hong Kong which affects or may affect national security; or (iv) other data processing activities that affect or may affect national security. However, there have been no clarifications from the authorities as of the date of this annual report as to the standards for determining such activities that “affects or may affect national security.” See “Item 4.B. Information on the Company—Business Overview—Regulations.” As of the date of this annual report, the Draft Regulations were released for public comment only, and their respective provisions and the anticipated adoption or effective date may be subject to change with substantial uncertainty. The Draft Regulations remain unclear on whether the relevant requirements will be applicable to companies that have been listed in the United States, such as us. We cannot predict the impact of the Draft Regulations, if any, at this stage, and we will closely monitor and assess any development in the rule-making process. If the enacted versions of the Draft Regulations mandate clearance of cybersecurity review and other specific actions to be completed by China-based companies listed on a U.S. stock exchange, such as us, we face uncertainties as to whether such clearance can be timely obtained, or at all. On December 28, 2021, the CAC, together with other relevant government authorities in China issued the Measures for Cybersecurity Review (2021 version), which became effective on February 15, 2022. Pursuant to the measures, any “online platform operators” controlling the personal information of more than one million users which seek to list on a foreign stock exchange are subject to prior cybersecurity review. On July 7, 2022, the CAC promulgated the Measures for the Security Assessment of Cross-border Data Transfer, or the Security Assessment Measures, which took effect on September 1, 2022. The Security Assessment Measures regulate the security assessment of important data and personal information collected and generated within the territory of China and transferred overseas by a data processor during its operation. According to the Security Assessment Measures, where a data processor transfers data overseas under relevant circumstances, it shall apply to the relevant provincial department of the CAC for a security assessment. As of the date of this annual report, we have not been involved in any formal investigations on cybersecurity review made by the CAC on such basis and are not required to go through cybersecurity review by the CAC. However, if we are not able to comply with the cybersecurity and network data security requirements in a timely manner, or at all, we may be subject to government enforcement actions and investigations, fines, penalties, suspension of our non-compliant operations, or removal of our app from the relevant application stores, among other sanctions, which could materially and adversely affect our business and results of operations, significantly limit or completely hinder our ability to continue to offer securities to investors, or cause the value of such securities to significantly decline. In particular, if it is determined in the future that the approval of the CAC or any other regulatory authority is required for our offering, any failure to complete such procedures for our offshore offerings, would subject us to sanctions by the CAC or other PRC regulatory authorities. See “—Risks Related to Doing Business in China—The approval of the CSRC or other PRC government authorities may be required in connection with our offshore offerings under PRC law, and, if required, we cannot predict whether or for how long we will be able to obtain such approval.” In addition to the cybersecurity review, the Draft Regulations requires that data processors processing “important data” or listed overseas shall conduct an annual data security assessment by itself or commission a data security service provider to do so, and submit the assessment report of the preceding year to the municipal cybersecurity department by the end of January each year. If a final version of the Draft Regulations is adopted, we may be subject to review when conducting data processing activities and annual data security assessments and may face challenges in addressing its requirements and make necessary changes to our internal policies and practices in data processing. Based on the foregoing, our PRC legal counsel does not expect that, as of the date of this annual report, the current applicable PRC laws on cybersecurity would have a material adverse impact on our business.
Division of Corporation Finance Office of Technology Securities and Exchange Commission October 5, 2022 Page 4 |
The PRC Cyber Security Law, the Data Security Law, the Personal Information Protection Law and Civil Code are relatively new and subject to interpretation by the regulators. Although we only gain access to user information that is necessary for, and relevant to, the services provided, the data we obtain and use may include information that is deemed as “personal information”, “network data” or “important data” under the PRC Cyber Security Law, the Civil Code and related data privacy and protection laws and regulations. As such, we have adopted a series of measures to ensure that we comply with relevant laws and regulations in the collection, use, disclosure, sharing, storage, and security of user information and other data. The Data Security Law also stipulates that the relevant authorities will formulate the catalogues for important data and strengthen the protection of important data, and state core data, i.e. data having a bearing on national security, the lifelines of national economy, people’s key livelihood and major public interests, shall be subject to stricter management system. The exact scopes of important data and state core data remain unclear and may be subject to further interpretation. If any data that we are in possession of constitutes important data or state core data, we may be required to adopt stricter measures for protection and management of such data.
We are constantly in the process of evaluating the potential impact of the laws, regulations and policies relating to cybersecurity, privacy, data protection and information security on our current business practices. All these laws and regulations may result in additional expenses and obligations to us and subject us to negative publicity, which could harm our reputation and negatively affect the trading price of the ADSs. We expect that these areas will receive greater public scrutiny and attention from regulators and more frequent and rigid investigation or review by regulators, which will increase our compliance costs and subject us to heightened risks and challenges. If we are unable to manage these risks, we could become subject to penalties, fines, suspension of business and revocation of required licenses, and our reputation and results of operations could be materially and adversely affected. We believe, to the best of our knowledge, that our business operations are compliant with the currently effective PRC laws relating to cybersecurity, data security, and personal data and privacy laws in all material respects. We have taken and will continue to take reasonable measures to comply with such laws and regulations.
Item 5. Operating and Financial Review and Prospects
Results of Operations, page 103
| 4. | In your discussion, you cite multiple various factors as impacting your results of operations but provide no quantification of the contribution of each factor to the material changes in the various line items discussed. For instance, on page 104, you attributed an increase in revenues to two factors offset by a third factor. None of these factors are quantified. On page 105 you attribute an increase in operations and support costs to two factors also offset by a third factor. Again none of these factors are quantified. Please see the guidance provided by Section III. D of Release 33-6835 and, as applicable in future filings, revise throughout to quantify the impact of each material factor discussed when your results are impacted by two or more material factors. In addition, you should remove vague terms such as “primarily” in favor of specific quantifications. |
The Company undertakes to revise throughout to quantify the impact of each material factor discussed when the results are impacted by two or more material factors, and remove vague terms such as “primarily” in future filings of its annual report on Form 20-F.
Division of Corporation Finance Office of Technology Securities and Exchange Commission October 5, 2022 Page 5 |
Financial Statements
2 Principal Accounting Policies
2.25 Segment reporting, page F-25
| 5. | In light of the evolving nature of your business model and in particular the new JD Logistics business model adopted in April 2022, clarify for us how you determined that you operate in a single operating segment. Address for us your consideration of the operating segment criteria of ASC 280-10-50-1 as applicable to your “two major complementary business platforms: Dada Now, (your) local on-demand delivery platform, and JDDJ, (your) local on-demand retail platforms.” Tell us your consideration of the aggregation criteria of ASC 280-10-50-11. |
The Company respectfully advises the Staff that the Company operates its business as a single segment as the Company’s chief operating decision maker (“CODM”) reviews the performance of the Company on a consolidated basis, while revenue and a few other industry operation matrices including order volume and gross merchandise volume (“GMV”) of the Company are reviewed on a more disaggregated basis to identify performance problems and allocate resources.
The Company submits that this conclusion is in accordance with the guidance in ASC 280-10-50-1, which states that an operating segment is a component of a public entity that has all of the following characteristics:
a. It engages in business activities from which it may earn revenues and incur expenses (including revenues and expenses relating to transactions with other components of the same public entity).
b. Its operating results are regularly reviewed by the public entity’s chief operating decision maker to make decisions about resources to be allocated to the segment and assess its performance.
c. Its discrete financial information is available.
The Company’s chief executive officer (“CEO”) is the CODM, who is also responsible for decisions about overall resource allocation and performance assessment of the Company. The Company’s strategy is to continue innovating its services, with a focus on expansion and increase of revenues. The information the CODM reviews to monitor the Company’s performance and allocate resources has been driven by the Company’s strategy and principally focuses on revenue and industry operation metrics including order volume and GMV, both at consolidated level and by major business platforms. The operation and support expenses of the Company, which mainly include the riders’ cost, are managed on a centralized basis and the Company doesn’t allocate such costs to each platform for its CODM review purpose. No operating results containing profitability measurement (e.g., margin) at a disaggregated level is reviewed by the CODM to assess performance of and allocate resources to the business platforms. The new JD Logistics business model resulted in a change in the accounting for revenue recognition, however, it did not result in any change to the content of key metrics reviewed by the CODM. Therefore, the Company has reached the conclusion that it has only one operating segment as defined by ASC 280-10-50-1. As there is only one operating segment as concluded, the Company considers that the aggregation of operating segments under ASC 280-10-50-11 is not applicable.
General
| 6. | Please revise to refrain from using terms such as “we” or “our” when describing activities or functions of the VIEs. |
The Company undertakes to refrain from using terms such as “we” or “our” when describing activities or functions of the VIEs, and make necessary revisions in future filings of its annual report on Form 20-F.
* * *
If you have any additional questions or comments regarding the 2021 Form 20-F, please contact the undersigned at +86 21 3165 7167 or beck@imdada.cn or the Company’s U.S. counsel, Yuting Wu of Skadden, Arps, Slate, Meagher & Flom LLP at +86 21 6193 8225 or yuting.wu@skadden.com.
| Very truly yours, | ||
| /s/ Beck Zhaoming Chen | ||
| Beck Zhaoming Chen | ||
| Chief Financial Officer |
| cc: | Lijun Xin, Chairman of the Board of Directors, Dada Nexus Limited |
Huijian He, President, Dada Nexus Limited
Beck Zhaoming Chen, Chief Financial Officer, Dada Nexus Limited
Yuting Wu, Esq., Partner, Skadden, Arps, Slate, Meagher & Flom LLP
Kelly Yu, Partner, Deloitte Touche Tohmatsu Certified Public Accountants LLP