China’s finance ministry is proposing additional cybersecurity checks for auditors involved in work related to national security. The draft measures, revealed on Friday, also provide guidelines for how accounting firms should handle data related to Chinese companies.
These measures specifically target auditors engaged by domestic firms or involved in cross-border work, with the chief partner of an auditing firm designated as responsible for data security, according to the draft rules. The public can provide input on the draft until December 11, and major auditing firms like PricewaterhouseCoopers, Deloitte, KPMG, and EY have not yet responded to requests for comments.
Over the past two years, China’s cybersecurity authority has been actively establishing policies outlining how businesses, in general, should handle and implement security assessments. The heightened concern about data security has led Chinese authorities to increase scrutiny of auditors.
Rules issued in May already mandate that state-owned companies and listed enterprises strengthen checks on accountants’ ability to manage information security. In an effort to reduce the influence of Western auditors, Beijing has reportedly asked some state-owned firms to cease using the big four global accounting firms.
Last year, the United States and China reached a settlement to resolve a longstanding dispute over auditing compliance of U.S.-listed Chinese firms. The agreement involves conducting audit inspections in Hong Kong, as China has been reluctant to grant full access to U.S. regulators.