On 3 September 2014, China Banking Regulatory Commission (CBRC) issued the Guidance Opinions on the Strengthening of Banking Industry’s Internet Security and Information Construction by the Use of Secure and Controllable Technology (the Guiding Opinions). The Guiding Opinions provides for certain generic requirements in terms of improving IT security in the banking sector.
On 26 December 2014, CBRC issued the Guidelines for the Use of Secure and Controllable IT (2014-2015) (the Technology Procurement Rules). The Technology Procurement Rules lay down further details for the implementation of the Guiding Opinions.
The Technology Procurement Rules are not publicly available yet, but based on the public information, they include the following specific requirements:
- Filing of source code
- Independent IP rights in China
- Controllable supply chain
- Local R&D centres