Adrian Johnson
TLDR:
- China’s Ministry of Finance and the Cyberspace Administration of China release interim measures for data security management by accounting firms effective from October 1, 2024.
- The measures aim to standardize data processing activities, promote institutionalization and respond to the development of the digital economy.
China has released a series of interim measures for data security management by accounting firms, with the aim of standardizing data processing activities. Effective from October 1, 2024, the measures refine the relevant provisions for national network and data security management in the certified public accountant (CPA) profession. This provides a basis for CPA firms to carry out data security management activities, promoting institutionalization and standardization of data security management in the CPA profession. The provisional measures regulate areas such as data classification and grading, manuscript management, and network management.
The measures also address international engagement by accounting firms, stipulating that audit working papers should be deposited in China and setting rules for overseas regulators to access these papers through cross-border regulatory cooperation mechanisms. Accounting firms are required to establish a data backup system, encryption equipment, and a team for operation and maintenance in China. These measures aim to ensure the security and accessibility of audit working papers even in the event of technical restrictions.
