China starts new cybersecurity reporting measures for financial institutions

( June 3, 2025, 05:22 GMT | Official Statement) -- MLex Summary: The People’s Bank of China has started new administrative measures requiring financial institutions to report cybersecurity incidents linked to the central bank's business areas — including currency and credit, cross-border RMB, interbank market, payment and clearing, anti-money laundering, credit reporting and credit rating. Set to go into effect on Aug. 1, the rules establish baseline criteria to classify incidents into four tiers: extraordinarily severe, severe, significant and general. They also lay out reporting requirements covering the pre-incident, incident, and post-incident phases, specify the necessary content for reports that address accountability as well as clarify associated legal liabilities.Below please find the statement: ...

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

China starts new cybersecurity reporting measures for financial institutions

Prepare for tomorrow’s regulatory change, today

Related Sections