China cybersecurity law to increase bank scrutiny

Author: Ashley Lee | Published: 21 Jul 2015

Data protection and cybersecurity are growing increasingly important to regulators in China and lenders and their service providers could face additional approvals for their systems.

In Asia regulators from Singapore to Korea are implementing rules on cybersecurity and data protection, creating a web of obligations that can differ substantially between countries.

In China these areas have also been a government focus. Last December the China Banking Regulatory Commission (CBRC) and the Ministry of Industry and Information Technology (MIIT) issued CBRC Notice 317 on controlling information and communication technology. It required applications’ source code to be submitted to the CBRC for testing, and a Chinese entity was required to own and control intellectual property.

The rule was suspended following pressure from international organisations and businesses, but the government has introduced new legislation around data collection, storage and protection.

"Circular 317 threw a bit of a bomb into the world of suppliers...



close Register today to read IFLR's global coverage

Get unlimited access to for 7 days*, including the latest regulatory developments in the global financial sector, updated daily.

  • Deal Analysis
  • Expert Opinion
  • Best Practice


*all IFLR's global coverage published in the last 3 months.

Read IFLR's global coverage whenever and wherever you want for 7 days with IFLR mobile app for iPad and iPhone

"The format of the Review has changed over the years; the high quality of its substantive content has not."
Lee C Buchheit, Cleary Gottlieb