China’s national security push aims to put auditors in cross hairs when sensitive data is involved
- Accounting firms and auditors look to come under greater scrutiny as Beijing tightens its grip on data security and management
- Move seen as a step toward further institutionalising China’s overall data-security architecture, and more industry-specific laws and regulations are expected
China’s finance ministry has proposed that auditors undergo or conduct additional cybersecurity reviews when their work involves national security, as authorities step up efforts to ensure data security.
The proposal is aimed at “strengthening the data-security management of accounting firms, and standardising the data-processing activities of accounting firms”, according to a statement posted by the Ministry of Finance on Monday.
The draft of the new measures, co-drafted by the Cyberspace Administration of China, apply specifically to auditors who have been hired by listed firms and non-listed state-owned financial institutions, as well as other state-owned companies. The draft rules also apply to those who conduct cross-border auditing.
The document highlighted Beijing’s latest efforts to tighten its grip on data security and management across industries since its introduction of two sets of law on data security and privacy in 2021. The law contained provisions on protecting “important” and “core” data concerning “national security” from being exported.
According to the document, accounting firms that undertake auditing business in “important areas related to the national economy and people’s livelihood carry out data-processing activities that affect or may affect national security”, and thus they should “conduct network-security reviews in accordance with relevant network-security review mechanisms”.