China Announces New Data Security Rules for Accounting Firms
China's Financial Regulators Announce New Data Security Measures for Accounting Firms
New data security measures for accounting firms have been announced by China's financial regulators. The rules, which take effect on October 1, 2024, require auditing documents to be stored domestically. For cases where documents need to be sent abroad, approval must be obtained following national regulations. The new measures apply not only to accounting firms providing services for listed companies, but also to those serving state-owned financial institutions, centrally-administered enterprises, and platforms with over 100,000 users. This move follows a similar regulation in February 2023, which mandated that work documents related to overseas listings of Chinese companies be stored domestically, with approval needed for any outbound documents.
Key Takeaways
- New data security rules for accounting firms in China announced, taking effect on Oct 1, 2024.
- Scope of the rules extends beyond auditors of listed companies to include those serving state-owned financial institutions, central enterprises, and platforms with over 100,000 users.
- Audit work papers must be stored domestically; outbound papers require approval per national regulations.
- This follows the Feb 2023 guidelines for securities companies and services involved in offshore issuance and listing of Chinese enterprises, mandating domestic storage of related work papers.
- Offshore papers need approval under national regulations, emphasizing data security and confidentiality.
Analysis
China's new data security measures for accounting firms, effective October 1, 2024, will impact global auditing companies, domestic storage providers, and Chinese businesses with overseas operations. The rules aim to strengthen data security and confidentiality, affecting firms serving state-owned financial institutions, central enterprises, and platforms with over 100,000 users. This move follows February 2023 guidelines for securities companies and offshore listings, emphasizing domestic storage and regulation of outbound documents. The consequences include potential market shifts to local auditors, increased demand for domestic data storage, and stricter regulatory compliance. In the long term, this could lead to a more robust domestic auditing industry, increased data protection, and potential barriers for Chinese companies seeking overseas listings. The measures also highlight the growing emphasis on data security and sovereignty in an increasingly digital world.
Did You Know?
- Centrally-administered enterprises: These are large state-owned enterprises in China that are directly managed by the State-owned Assets Supervision and Administration Commission (SASAC) of the State Council. They are significant contributors to the Chinese economy and operate in various strategic sectors such as energy, telecommunications, and transportation.
- Domestic storage of auditing documents: Under the new data security measures, auditing documents related to Chinese accounting firms' clients (including listed companies, state-owned financial institutions, centrally-administered enterprises, and platforms with over 100,000 users) must be stored domestically. This requirement aims to strengthen data security and confidentiality, ensuring that sensitive information remains within China's jurisdiction.
- Offshore papers and approval process: When Chinese accounting firms need to send auditing documents abroad, they must first obtain approval according to national regulations. This process emphasizes data security and confidentiality, ensuring that outbound documents comply with China's data protection policies and do not pose a risk to national security or economic interests.