Monday, Feb 19, 2024

Draft rules aim to boost audit security

Draft rules aim to boost audit security

[Photo/IC]

China will strengthen regulation over accounting firms' data management, a move that experts said will bolster the country's data security, further safeguard national security and facilitate cross-border auditing cooperation.

The Ministry of Finance and the Office of the Central Cyberspace Affairs Commission issued a circular late on Monday which unveiled a new set of draft rules, and sought professional opinion by Dec 11.

According to the draft rules, under certain circumstances, China will carry out a cybersecurity review of data processing activities of accounting firms that audit sectors crucial to the Chinese economy or people's livelihoods.

The draft rules also urged the authorities concerned to implement full-range supervision and inspections, and continuously strengthen daily supervision of accounting firms undertaking audits of businesses in important sectors such as finance, energy, telecommunications, transportation, science, technology and defense.

"The new rules are good news for China's national data security. Ensuring data confidentiality is an important and globally accepted requirement for auditors providing services to clients," said Liu Feng, a professor at Xiamen University in Fujian province.

"Only when accounting firms regard data security as important as audit risk prevention could the security of audit data not become an issue," said Liu, who is also director of the Center for Accounting Studies of Xiamen University and a member of the Advisory Council of the International Financial Reporting Standards.

The new rules stipulate the protocols for handling issues related to sending audit work papers overseas, he said.

Liu Ying, a researcher at the Chongyang Institute for Financial Studies at Renmin University of China, said leaking data under the name of auditing is not acceptable.

"The draft rules have clarified (certain data-related practices of) accounting firms and applicable activities. The approval and implementation of the rules will likely be welcomed as they provide clear do's and don'ts for the auditing industry," Liu said.

Audit work papers generated within Chinese borders should be stored within Chinese borders and for those that need to be sent overseas, approval procedures in accordance with relevant laws and rules must be followed, the draft rules state.

Accounting firms must conduct multiple reviews on sending audit work papers overseas, and take necessary measures to strictly clarify management responsibilities with regard to confidential and sensitive information in audit work papers, the draft rules state.

They also stipulate that accounting firms must classify data on different scales of importance to apply differential management protocols. They also make specific provisions on aspects such as data transmission, encryption and backup, and set out specific requirements for data management means, data storage methods and data log management.

Last year, the China Securities Regulatory Commission, the Ministry of Finance and the United States Public Company Accounting Oversight Board signed an audit oversight cooperation agreement.

The agreement established a cooperation framework in line with the authorities' respective laws and regulatory mandates and set out specific arrangements for conducting inspections and investigations by both sides of relevant audit firms within the jurisdiction of both sides.

First uploaded on:
Latest Comment
Post Comment
Read Comments