China outlines data security regulations for auditors
Published: Nov 14, 2023 10:31 AM
data security File photo

data security File photo

The Ministry of Finance (MOF) and the Office of the Central Cyberspace Affairs Commission have drafted a set of new rules to strengthen data security regulation on auditors in line with the country's laws and regulations including the Data Security Law and the Network Security Law.

Industry analysts said that the new draft will have no impact on foreign auditors' business in the Chinese mainland, as it aims to strengthen data security management rather than tightening regulation on business operations.

According to the circular posted on the website of the MOF, auditors should try to improve data security management. Their audit working papers and related data should be stored within Chinese borders and there should not be data backup outside the country.

Auditors will be required to apply for regulatory approval if the working papers are to be sent overseas. In this regard, auditors need to undergo additional checks and take necessary measures to strictly implement management responsibility of all sensitive information, the circular noted.

The transmission of auditors' core data should be encoded so as to ensure its security, the circular said.

In addition, auditors' contracts with their clients, and related documents, should not involve such clause as agreeing to provide overseas regulators data about auditing projects that are conducted in China.

The draft is open for public consultation until December 11.

A partner of a Chinese subsidiary of the world's Big Four accounting firm, who declined to be named due to the sensitivity of the issue, told the Global Times that the new regulations will not have an impact on the work already done on the Chinese mainland. "In our accounting work, we always strictly manage data security," he said.

Zhang Yi, CEO of the iiMedia Research Institute, told the Global Times that it is understandable that the Chinese authorities are pushing to strengthen data security regulation for financial auditing, as some global accounting firms carry out auditing of China's centrally-administered state-owned enterprises and other leading firms - which are strategically important to the economy.

"However, if the auditors have always conducted auditing work in line with China's laws and regulations, the new rule will have no impact on their future business at all," he said, stressing that the law should better ensure market access for foreign auditors' business in China.