Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
The first day of the 2021 Hong Kong FinTech Week at the Hong Kong Convention and Exhibition Centre in Wan Chai on 3 November 2021. Photo: K. Y. Cheng

China’s central bank speaks up as data privacy advocate as it curbs unauthorised and excessive data collection by fintech companies

  • China’s central bank Governor Yi Gang says it will continue to crack down on fintech companies’ misuse of data, and unfair practices
  • PBOC has joined other top regulators in enforcing personal data protection, and data cross-border transfer by Chinese tech firms
The People’s Bank of China said it will take the lead to curb the unauthorised and excessive collection of personal data by technology companies that provide financial services, as it steps up to the plate as an advocate of data privacy in the world’s largest fintech market.
Advancements in artificial intelligence (AI), cloud computing, big data, blockchain and e-commerce have come at the cost of personal data protection, as financial institutions adopt fintech, said the Chinese central bank’s Governor Yi Gang, in an 8-minute keynote speech devoted to data protection during the 2021 Hong Kong Fintech Week.
“Big data is at the heart of technology,” Yi said in his televised remarks from Beijing. “Companies with large traffic could acquire new customers … and enjoy steady data flow. Fintech has increasingly gained the upper hand in using, accessing and storing data.”
Yi’s speech underscores the legal framework for personal data protection that is taking shape in China with the passage of a data security law this year and a personal information protection law, which became effective this month. It also bookmarks the year-long crackdown by Chinese financial and antitrust regulators on fintech giants such as Ant Group, Tencent Holding’s WeChat and’s JD Digits businesses over the storage, usage and management of personal data collected by technology platforms.
Yi Gang, the Governor of the People's Bank of China, speaking in a televised speech from Beijing during the Hong Kong Fintech Week on 3 November 2021. Photo: EPA-EFE
The Chinese central bank is not exactly waking up to data protection, as it had published a set of rules since 2005 to govern the management of data in anti-money-laundering, credit information and consumer protection. What is different now is the central bank shifting its focus to unfair and what it calls excessive collection of data, especially by fintech firms.

“Some [companies] collect data without permission, [and are] leaking customer data, so the strengthening of personal data protection is an urgent matter,” Yi said. “We are cracking down on excessive collection of consumer data, and unfair practices that require customers to hand over data in exchange for financial services.”


Tightened regulations among key trends shaping China’s internet in 2021

Tightened regulations among key trends shaping China’s internet in 2021
Ant Group, an affiliate of this newspaper’s owner Alibaba Group Holding, was the lightning rod of the Chinese authorities’ fintech crackdown, when its US$39.7 billion initial public offering (IPO) was scrapped a year ago.
A US$4.4 billion New York listing in late June by Didi Global against the injunctions of Chinese regulators resulted in the Cyberspace Administration of China (CAC) tightening its grip over data management.
The CAC released a set of draft rules last week that proposed adding to the requirements for businesses wanting to transfer Chinese data abroad. The draft, likely to become official after the public feedback period ends on November 28, is set to have a far-reaching impact on the overseas listings of Chinese companies, and could potentially affect data flows between the mainland and Hong Kong, as they cover all data leaving China’s “borders”.
The latest fintech firms to come under the central bank’s scrutiny are Futu and Tiger Brokers, two internet-based brokerages that allow mainland Chinese traders to transact in Hong Kong and US-listed equities.
The Chinese central bank’s Financial Stability Department head Sun Tianqi said last month the operating model of cross-border online brokerages could be illegal. While Sun did not name any firms, Futu and Tiger had been the two dominant online brokers that offer cross-border trades to mainland investors without onshore licences.
People’s Daily, the mouthpiece newspaper that reflects the thinking of the Communist Party, cited a lawyer in saying in October that Futu and Tiger faced challenges in meeting the requirements of the personal information protection law.

Futu previously said it does not believe that it engages in a securities brokerage business in China, but there remain “uncertainties” about the interpretation and implementation of relevant laws and regulations in the mainland.

Data protection and the promotion of fairer use of data is intended to “unleash the vitality and innovation capacity of market players,” Yi said. “Going forward, we will continue to improve the legal framework for personal data protection in the financial sector and strengthen regulation accordingly.”

This article appeared in the South China Morning Post print edition as: Central bank boss takes aim at fintech on data collection