China Proposes Strict Cybersecurity Regulations for Financial Sector

China Proposes Strict Cybersecurity Regulations for Financial Sector

First seen 14 Jul 2026, 14:06 UTC CaixinglobalThebanker 78% similarity 24.9

Article Content

Browse articles
ThreatCluster

On July 13, 2026, China's National Financial Regulatory Administration (NFRA) proposed new cybersecurity rules targeting banks, insurers, and financial holding companies. The draft Administrative Measures categorize cyber incidents into four tiers based on severity, with stringent requirements for 'extremely serious' breaches. Institutions facing major data leaks or outages lasting over three hours must notify users and regulators every two hours until the issue is resolved. The regulations aim to hold top executives accountable for severe network outages and data breaches. This initiative reflects a growing emphasis on cybersecurity within China's financial sector, aiming to enhance overall resilience against cyber threats.

Key Points: • China's NFRA proposed new cybersecurity regulations for banks and insurers. • Cyber incidents will be categorized into four tiers based on severity. • Executives will be held accountable for severe data breaches and outages.

ThreatCluster AI

Timeline

2026-07-13
China proposed new cybersecurity regulations
The NFRA announced draft rules for banks and insurers, categorizing cyber incidents into four severity tiers.
Caixinglobal
2026-07-14
Regulatory details published
The draft Administrative Measures include eight chapters and 72 articles outlining cybersecurity requirements.
Thebanker

Community

Browse all →