PBoC issued draft measures on January 11 to regulate domestic credit investigation agencies and prevent such agencies from collecting excessive information from individuals, as reported by Eastmoney on January 12. The measures specify rules for credit reporting agencies to collect, organize, save, and process personal credit information. The principle for data collection is to ask for the least and only necessary most necessary information, while curbing the abuse of such information collection. According to the new guidelines, when providing corporate credit information inquiry services overseas, credit reference agencies should review the identity and purpose of information collection, to ensure legal use of data.

This is another regulation for the domestic credit investigation industry following previous ones PBoC released in 2013 and 2015, respectively for the credit information collection sector and credit agencies. Compared to the two measures, the latest draft defines credit information and credit reference businesses, and expands the scope of credit information to include alternative data. Alternative data contains information regarding identity, addresses, debt, property, consumption, etc.

Echoing the Cybersecurity Law and the draft of the Personal Data Protection Law, PBoC’s measures signal tightening supervision over the credit investigation sector, especially personal data collection. For example, on December 30, 2020, the central bank imposed a RMB20m fine on Pengyuan Credit Service for engaging in the personal credit business without regulatory approval, marking it as the largest fine of credit reference agencies in China.

In addition, according to foreign media, Chinese regulators including PBoC allegedly considered using the new measure to push tech giants such as Ant Group, Tencent , and JD.com to share their consumer credit data. PBoC did not confirm the statement, nor did the three companies comment. To give a sense of the scale of operation, Ant Group, the operator of internet finance platform Alipay, collects data from more than 1bn individuals. Moreover, Tencent’s online bank, WeBank, released over 460m loan drawdowns, while JD.com’s JD Finance had 70m annual active users as of the end of 2019, implying a huge amount of individual information collection from all three tech giants.

Reference

https://telecom.economictimes.indiatimes.com/news/chinese-regulators-to-push-tech-giants-to-share-consumer-credit-data-sources/80225260

http://finance.eastmoney.com/a/202101121770529072.html

http://www.cb.com.cn/index/show/zj/cv/cv135110311261/p/1.html

http://finance.caixin.com/2021-01-12/101649975.html