2025年5月23日，中国人民银行发布《中国人民银行令〔2025〕第4号》，正式公布《业务领域网络安全 事件报告管理办法》(以下简称《办法》)，并明确自2025年8月1日起施行。该文件围绕金融行业网络安 全事件的分级标准、报告时限、处置流程与法律责任进行系统规范，被业内视为金融数据安全监管体系 的重要升级。 随着数字金融业务持续扩张，金融机构在网络攻击与数据泄露风险方面承压加剧。此次新规的出台，进 一步明确了数据泄露事件的量化标准与强时效报告机制，强化了金融行业的合规要求。 一、四级分类+量化标准：数据泄露正式纳入精细化监管框架 根据《办法》，网络安全事件按照"特别重大、重大、较大、一般"四个等级进行分类管理。对于数据泄 露类事件，将结合泄露数量、信息敏感程度等因素进行综合判定，并对应不同的报告与处置要求。 值得关注的是，《办法》明确提出具体数量分级红线，并将数据规模与敏感度作为核心认定指标。这意 味着，金融机构不仅要具备发现风险的能力，更需在短时间内完成泄露规模测算和等级判断。 业内分析指出，数据分级能力已成为金融行业网络安全治理的关键能力之一。 二、"1小时简报"机制压缩响应窗口 《办法》第十五条明确规定 ...

Core Insights - The implementation of new regulations for internet lending has shown significant results, with approximately 120 financial institutions disclosing their cooperation lists with over 500 technology and financial service companies by the end of October [1][2] - However, issues such as non-standard disclosure formats and inaccurate information have been identified, including hidden disclosure locations and lack of search functionality [1][2] Group 1 - As of the end of October, around 120 financial institutions have disclosed their internet lending cooperation lists, with nearly 4000 instances of disclosures [1] - The disclosed cooperation lists include over 500 companies, but the format and accuracy of the information remain problematic [1][2] - The China Internet Finance Association has proposed three initiatives to improve the disclosure process, emphasizing the need for clear and accessible information for consumers [2] Group 2 - The new regulations, effective from October 1, aim to address issues in the internet lending sector, including management inadequacies and consumer rights protection [2][3] - Financial institutions are required to manage their cooperation lists and disclose them through official channels, ensuring timely updates and accurate information [3] - The regulations prohibit banks from collaborating with institutions not included in the approved lists, reinforcing compliance and oversight [3]