New interim measures have been introduced in China, requiring accounting firms to store audit documentation on the mainland. These regulations are scheduled to take effect from October 1 and were jointly issued by the Ministry of Finance and the Cyberspace Administration of China (CAC). [para. 1][para. 2]. The measure also requires companies to secure approval to export audit reports and prohibits them from sharing data from domestic projects with foreign regulators. [para. 2][para. 3].
These rules apply to businesses operating in mainland China that serve a variety of entities, including listed companies, unlisted financial state-owned enterprises, central government-controlled state-owned enterprises, operators of critical information infrastructure, and operators of internet platforms. Particularly applicable to accounting firms. Million users. Furthermore, these regulations also target companies that engage in cross-border auditing. [para. 5].
Under the new framework, auditors working with critical or core data must manage this information according to specific classifications (core, critical, general). Each category has separate requirements for storage, logging, and transmission protocols. Additionally, encryption equipment must be installed locally within the mainland and managed by an in-country team to ensure that all encryption keys are stored within China. [para. 6][para. 7][para. 8].
These measures are part of a broader effort by Chinese authorities to strengthen data security following the enactment of several laws, including the Cybersecurity Law of 2017 and both the Data Security and Personal Information Protection Laws of 2021. It is. These laws collectively form a comprehensive legal structure.Data security and personal data privacy protection across industries, including accounting [para. 4][para. 9].
Despite these strict new rules, an analyst at a multinational accounting firm believes that these rules are a hindrance because audits related to foreign listings are typically conducted domestically without the need for data export. He pointed out that it should not. However, for Chinese companies listed in the U.S., audits required by the Public Company Accounting Oversight Board (PCAOB) must be made available to Chinese authorities such as the Treasury Department and the China Securities Regulatory Commission before exporting the audit report. Regulatory approval required. [para. 10][para. 11].
In 2022, a major agreement was reached between US and Chinese regulators, giving US authorities access to audit documents of Chinese companies in Hong Kong. The move is aimed at resolving a long-standing dispute that threatens to delist about 200 Chinese stocks from U.S. exchanges.The deal is described as a short-term solution that primarily focuses on increasing cooperation between audit institutions, rather than imposing restrictions on listed companies themselves. [para. 12][para. 13][para. 14].
The conditions under which audit documentation is exported depend on three main factors: One is adherence to the principle of reciprocity, which allows for mutual examination. Coordination with agreed scope for types of enterprises.Compliance with the agreement method including interviews with accounting firm personnel with the participation of the Chinese side [para. 15].
AI generated, for reference only