官方通报！55款涉金融应用小程序，存在风险！

Core Viewpoint - The rapid development of financial technology and the popularity of mobile internet have made mini-programs a crucial channel for financial institutions to provide online services, despite exposing significant security risks and compliance loopholes [1][2]. Group 1: Security Risks in Financial Mini-Programs - A recent inspection by the China Internet Finance Association revealed that all 55 sampled financial mini-programs exhibited varying degrees of security risks, with an average of 18.13 risk issues per program [5][6]. - High-risk issues, which threaten core financial security, were found in 18.19% of the inspected mini-programs, primarily related to "key leakage" and "application error vulnerabilities" [6]. - Medium-risk issues were highly concentrated, with 38 programs showing "unobfuscated code" risks and 30 programs having "internal domain leakage" risks [6]. Group 2: Regulatory and Compliance Issues - Some local financial organizations were found to be using mini-programs to conduct illegal financial activities, such as high-interest lending, violating national regulations on interest rate management and financial marketing [9]. - The association has requested the removal of these problematic mini-programs from the WeChat platform and will refer the cases to relevant authorities [9]. Group 3: Recommendations for Enhancing Financial Security - The China Internet Finance Association recommends that financial institutions strengthen their management responsibilities for digital channels, including mini-programs, and enhance their security governance systems [10]. - Mini-program platforms should establish comprehensive admission review, daily monitoring, and violation handling mechanisms to maintain a clear digital financial ecosystem [10]. - Financial consumers are encouraged to improve their self-protection awareness and risk identification capabilities, carefully assess their repayment abilities, and be cautious of excessive marketing and false advertising [10]. Group 4: Ongoing Self-Regulation Efforts - The association plans to enhance self-regulation of financial apps and mini-programs, conducting regular self-checks and initiating mini-program filing work to improve industry safety and compliance levels [11]. - The initiation of mini-program filing work indicates a shift towards proactive regulation, allowing for better oversight and risk prevention from the outset [11].