China Daily:
It has been reported that some banks and insurance institutions sold millions of pieces of their client's information. Is this true? What will the China Banking and Insurance Regulatory Commission (CBIRC) do to ensure the information security of clients? Thank you.
Huang Hong:
Thank you. I will take your question. The CBIRC has adopted a zero-tolerance attitude towards acts that infringe on the rights and interests of financial consumers and damage the information security of clients. Once discovered, such acts will be investigated in accordance with the law and punished severely. We have taken note of the media reports. In fact, we had already begun monitoring the illegal sale information outside of China two days before the reports came out, and we immediately asked relevant institutions to carry out a sweeping investigation. The institutions have subsequently released responses. Most of the information was fabricated and patched up by hackers.
The CBIRC attaches great attention to the cybersecurity of banks and insurance institutions, and the protection of client information, in particular, is a top priority. Over the years, we have issued a lot of regulatory policies requiring banks and insurance institutions to implement individual information protection laws and regulations, enhance the protection of clients' private information and strictly carry out institutionalized management of client information from collection, to storage to destruction.
The CBIRC established long-term working mechanisms that involve cybersecurity risk monitoring, risk warning, off-site supervision, on-site inspection and supervision rating, and incorporated the protection of client information in the banking and insurance sector into daily information technology risk monitoring. The CBIRC has also held special campaigns for client information protection and cybersecurity of the banking and insurance sectors at irregular intervals, thereby guiding and supervising banks and insurance institutions to strengthen the investigation and rectification of cybersecurity risks.
Next, the CBIRC will uphold the principle of "supervision for the people," further enhancing the cybersecurity supervision of the banking and insurance sectors and urging banks and insurance institutions to keep intensifying relevant work. We will further create a safe and reliable internet financial environment and protect the rights and interests of financial customers.
Xi Yanchun:
Thanks again to the speakers and everyone else. Today's press conference is hereby concluded.
Translated and edited by Wang Yiming, Fan Junmei, Yang Xi, Wang Qian, Zhang Tingting, Zhang Junmian, Zhang Rui, Yan Xiaoqing, Wu Jin, Li Huiru, Lin Liyao, Guo Xiaohong, Zhou Jing, Xiang Bin, Zheng Chengqiong, Wang Yanfang, Wang Wei, Qin Qi, Cui Can, Li Xiao, David Ball, Scott Rainen. In case of any dispute over a discrepancy, the Chinese version is deemed to prevail.
