China News Service, Beijing, August 14 (Reporter Chen Kangliang) The China Securities Regulatory Commission stated on the 14th that the China Securities Regulatory Commission drafted the "Regulations on the Administration of Securities Companies Lease of Third-Party Online Platforms to Carry out Securities Business Activities (Trial)" (hereinafter referred to as "Administrative Regulations") , Soliciting opinions from the public.
The relevant person in charge of the China Securities Regulatory Commission stated that in recent years, with the rapid development of Internet technology, business institutions represented by securities companies have rented cyberspace business premises on third-party network platforms to provide investors with securities brokerage, securities investment consulting and other securities. Service demand. Among them, in order to seek a rapid increase in the number of customers and transaction activity in the short term, individual securities companies ignore potential risks in new business scenarios, and even actively reduce compliance, risk control, and information security audit standards to provide convenience for illegal activities. Affect the security and stability of the securities market.
There are 21 articles in the "Administrative Regulations", which mainly clarify matters such as the responsibility boundary, code of conduct, procedural requirements, and prohibitive regulations for securities companies to rent third-party online platforms to carry out securities business activities. include:
Clarify the boundaries of responsibility. Securities companies are the main body responsible for conducting securities business activities. Third-party institutions are limited to providing cyberspace business sites and other related information technology services, and may not intervene in any link of securities companies engaging in securities business activities.
Standardize business activities. The first is to ensure technological security. Securities companies shall independently operate and independently manage relevant business information systems or functional modules. The second is to do a good job of data isolation to ensure that third-party institutions do not touch and store relevant business and customer data. The third is to standardize the charging model and stipulate the upper limit of fee payment. The fourth is to maintain business independence, clarify investor protection measures, and clearly remind investors that the securities services are provided by securities companies.
Strengthen internal control requirements. The first is to require securities companies to conduct internal evaluations, formulate business plans in advance, and be reviewed by the Information Technology Governance Committee. At the same time, a written agreement was signed with the relevant third-party organization to clarify the conduct that it must not engage in. The second is to continue to track and evaluate the compliance and security of the third-party network platform and the implementation of the agreement between the two parties during the event, and incorporate cooperation into the scope of the company's compliance risk control. The third is to do a good job of emergency management afterwards and establish an exit mechanism.
Clarify supervision and management requirements. Including information reporting requirements, the division of responsibilities of supervisory departments, supervisory methods, penalties, etc. (Finish)