Core Points - The People's Bank of China (PBOC) has issued the "Data Security Management Measures for the Business Areas of the People's Bank of China," effective from June 30, 2025, to enhance data security in financial institutions [1][2] - The measures consist of seven chapters and fifty-six articles, covering data resource classification, security management regulations, technical security provisions, risk monitoring, and supervisory responsibilities [2][3] - The PBOC emphasizes the importance of data protection obligations for data processors while allowing for exemptions under certain circumstances, aiming to encourage proactive data security measures [3] Group 1 - The "Data Security Management Measures" aim to implement the decisions of the Central Committee and the State Council regarding data security and to establish a legal foundation for data security in financial sectors [1][2] - The scope of the measures focuses on financial institutions and other entities approved by the PBOC, specifically in areas such as monetary credit, macro-prudential management, and anti-money laundering [2][3] - The measures include provisions for data collection, storage, usage, processing, transmission, and deletion, ensuring comprehensive security management throughout these processes [2] Group 2 - The PBOC will guide financial institutions in complying with the measures to ensure the security of business data and promote the lawful use of data while protecting the rights of individuals and organizations [3] - The measures also outline the responsibilities of the PBOC and its branches in supervising data processing activities and addressing violations [2][3] - The PBOC encourages data processors to enhance data security protection and to provide valuable risk intelligence to identify significant data security risks [3]