Out-Law News 1 min. read
17 Mar 2015, 3:32 pm
The rules demand that banks buy "secure and controllable" IT equipment if they are to operate in China, and their IT suppliers will be forced to hand over source code files to the China Banking Regulatory Commission, the Financial Times said.
Banks are also being asked to supply encryption keys protecting data, and to testing by the Chinese authorities, The Wall Street Journal reported.
It had been reported last month that business organisations in Europe had asked the European Commission to intervene to stop the measure, which they said would undermine the ability of European IT companies to do business with banks in China.
Banks were due to submit plans on how to convert their IT systems by 15 March and are asked to begin installation of new systems by 1 April, the Financial Times said. They will have four years to ensure that at least 75% of equipment meets the criteria.
Mainframe computers must be altered to meet the banking regulator's "secure and controllable" criteria, while and all new desktop purchases must meet the rules. No less than 10% of new software must meet the criteria, and at least 50% of new anti-virus software. The rules also cover air conditioning in machine rooms, where 80% of new purposes must conform, The Wall Street Journal said.
Both EU and US trade groups have criticised the measures, and The Wall Street Journal quoted "technology company executives" who say privately that China may back down on the source code demands.
However, some insiders see the rules as being a way to make banks change to Chinese vendors, to the detriment of the US companies that currently supply most banking technology, The Wall Street Journal said.
US embassy officials are believed to have met with Chinese regulators and vice president Ma Kai is expected to discuss the matter at the German business IT tradeshow CeBIT in Hanover this week, The Wall Street Journal said.
