China Proposes Strict Cybersecurity Rules for Banks, Insurers
Listen to the full version

China’s top financial regulator has proposed sweeping cybersecurity rules for the banking and insurance sectors, which would make top executives accountable for severe network outages and data breaches.
The National Financial Regulatory Administration (NFRA) draft rules categorize cyber incidents into four tiers based on severity. For “extremely serious” breaches — such as major data leaks or multi-province outages lasting three hours or more — institutions would be required to take immediate remedial action, notify users and report to regulators every two hours until the issue is resolved.
Unlock exclusive discounts with a Caixin group subscription — ideal for teams and organizations.
Save an extra $50. Introductory offer for new readers. Subscribe now.



