China’s National Financial Regulatory Administration has instructed banks and insurers to conduct a comprehensive review of their cyber and data security. This move, aimed at protecting against ransomware attacks and other cyber threats, follows a major cyberattack on the US operations of Industrial & Commercial Bank of China Ltd. (ICBC) in November. Chinese banks are specifically urged to enhance email security and phishing defences. The directive aligns with China’s increasing focus on national security and data control under President Xi Jinping, including the 2021 data security law. This law has impacted foreign firms’ expansion in China and heightened investment concerns. The ICBC incident, which led to temporary reliance on physical data transfer methods like thumb drives, has raised global awareness of the potential for cyberattacks to disrupt critical financial systems.
top of page
bottom of page