China Banking and Insurance Regulatory Commission issues implementation plan for high-quality digital finance across banking and insurance

The China Banking and Insurance Regulatory Commission published an implementation plan to promote high-quality development of digital finance in the banking and insurance sectors, setting out requirements for institutions to deepen digital transformation while strengthening security and risk controls. The plan adopts a “dual-wheel drive” approach based on digital technologies and data elements and, building on the 2022 digital transformation guidance, adds “AI+” and “Data Elements ×” workstreams across governance mechanisms, service enablement, new technology adoption, data capability, risk management and supervisory digitalisation. For firms, the plan highlights eight priority application areas, including support for technology companies and advanced manufacturing, green finance, enhanced small and micro enterprise services using multi-source data, targeted digital products for healthcare and ageing-related services alongside measures to narrow the digital divide, rural revitalisation, major regional development strategies and trade digitisation. It encourages eligible institutions to build enterprise AI platforms and explore quantum computing, blockchain and privacy computing, while requiring stronger in-house controllability over technology stacks, distributed and microservice upgrades, and shared digital infrastructure; it also calls for enterprise-wide data governance, data asset management and secure data ecosystems, with specific emphasis on data protection in apps and mini-programs. Risk expectations cover strategic alignment of transformation with firms’ capabilities, liquidity, operational and outsourcing risks, intelligent risk platforms using machine learning and graph techniques, classification and grading frameworks for AI use with human intervention mechanisms, full lifecycle model risk management to improve transparency and explainability, end-to-end management of consumers’ personal information, and tighter oversight of third-party ecosystem partners; for supervisors, the plan seeks higher digital and intelligent capability in licensing, off-site supervision, inspections and enforcement, greater use of AI and big data for penetrating supervision and early warning, standardised regulatory data via a “one-form” reporting approach, and strengthened talent development combining technology, data and supervisory expertise.