China issues new financial data rules in major cybersecurity push

China has issued new financial data service rules in a pursuit to strengthen data security management, regulate industry development and expand cybersecurity push.

These guidelines issued on Saturday will help classifying, protecting and grading financial information service data and all the service providers working within China would be obliged to follow these rules in compliance with national data security law, as stated by the Cyberspace Administration of China, the People’s Bank of China and four other regulators in a joint statement.

According to the Cyberspace Administration of China, the data would be classified into four-tiers: Important, sensitive general and routine general-based on importance, sensitivity and the potential harm from leaks.

Driven by a significant surge in data generation and frequent information flows, these measures establish a standardized framework designed to strengthen overall security and promote the lawful use of information.

“Financial information services are developing in an ⁠orderly manner, and the volume of data is expanding … which urgently requires standardised, classified ⁠and graded management,” the guidelines said.

However, The rules do not apply to data involving ⁠state secrets or military information.

The core objectives of these rules are to protect sensitive information and support broader national efforts to secure data processing within the financial sector.

These guidelines also requires firms and companies to: