CBRC "Secure & Controllable" Guidelines Officially Suspended


On April 16, Zhao Zeliang, Director-General of the Network Security Department of the Cyberspace Administration of China (CAC), told USITO and a few other foreign trade associations that the China Banking Regulatory Commission (CBRC) and Ministry of Industry and Information Technology (MIIT) had suspended implementation of the Notice on the Promotion Guidelines for Banking Applications of Secure and Controllable Information Technology (2014-2015) ("CBRC Guidelines" -Document 317), pending further stakeholder input and revision. An official notice of the postponement, dated April 13, was issued directly to all local banking regulatory bureaus and local banking financial institutions. 

CAC Director-General Zhao explained that certain aspects of the Guidelines were not in line with China's national principles and positions and required further amendment and revision. Zhao said, however, that China's national government would continue to require CBRC to effectively and reasonably secure and improve IT security in the banking sector.