In order to further implement the law enforcement and coordination requirements set forth in the E-Commerce Law of the People's Republic of China, the Measures for the Supervision and Administration of Online Transactions, and other relevant laws and regulations, to improve the law enforcement coordination mechanism for online transactions, and to promote the healthy development of the platform economy, the State Administration for Market Regulation has issued the Interim Measures for Law Enforcement and Coordination in Online Transactions. The key contents of these measures are as follows:
Interim Measures for Law Enforcement and Coordination in Online Transactions
Effective from January 20, 2025
In order to further implement the law enforcement and coordination requirements set forth in the E-Commerce Law of the People's Republic of China, the Measures for the Supervision and Administration of Online Transactions, and other relevant laws and regulations, to improve the law enforcement coordination mechanism for online transactions, and to promote the healthy development of the platform economy, the State Administration for Market Regulation has issued the Interim Measures for Law Enforcement and Coordination in Online Transactions. The key contents of these measures are as follows:
1.Clarification of the Scope of Law Enforcement Coordination
The scope of application is clarified to include the requirement for platform operators to provide information on the operators within the platform and related transaction information when
market regulatory authorities carry out law enforcement activities. This also includes the need to verify, confirm, and respond to coordination matters, assisting in law enforcement actions.
2.Further Standardization of Law Enforcement Coordination Subjects
It is clarified that market regulatory authorities at or above the county level can legally require platform operators to assist in investigations. For products or services within specific timeframes, categories, or regions, the State Administration for Market Regulation or its authorized provincial-level market regulatory authorities may request platform operators to assist in providing relevant information.
3.Further Specification of the Content of Law Enforcement Coordination
It is specified that market regulatory authorities may legally and in accordance with regulations require platform operators to provide information such as operator identity within the platform, product or service information, payment records, logistics and delivery details, returns and exchanges, and after-sales transaction data. To standardize the actions of grassroots market regulatory authorities and enhance data security management, the Measures also stipulate that if special information outside of the standardized fields is required for case handling, the request must be approved by the provincial-level market regulatory authorities.
4.Clarification of the Subjects of Law Enforcement Coordination
The Measures identify three categories of business entities involved in law enforcement coordination: (1) online transaction platform operators, (2) online service providers offering platform services such as network operating spaces, product browsing, and online payments, and (3) operators providing services to online transaction operators such as publicity and promotion, payment settlements, and logistics and delivery.
Regulations on the Management of Cyber Data Security
Effective from January 1, 2025
In order to regulate online data processing activities, safeguard the security of online data, and protect the legitimate rights and interests of individuals and organizations, these regulations are formulated in accordance with the **Cybersecurity Law of the People's Republic of China** and other relevant laws. The key contents of these regulations are as follows:
1.Provisions on the Protection of Personal Information
1.1The regulations clarify the requirements for fulfilling the obligation of notification through the establishment of rules for the processing of personal information, including the content, form, and other aspects.
1.2The regulations specify the basic requirements for processing personal information based on individual consent.
1.3The regulations outline the rights of individuals to access, copy, correct, supplement, and delete their personal information, and elaborate on the specific conditions for transferring personal information.
1.4The regulations require the establishment of specialized institutions or the appointment of representatives within China, in accordance with **Article 53 of the Personal Information Protection Law.
1.5The regulations stipulate additional obligations for network data processors who handle personal information of over 10 million individuals.
2.Provisions on the Security of Important Data
Important data refers to data from specific sectors, groups, regions, or with a certain level of precision and scale, which, if tampered with, destroyed, leaked, illegally obtained, or misused, could directly endanger national security, economic operations, social stability, public health, and safety. To ensure the security of important data, the regulations:
2.1Clarify the requirements for establishing a directory of important data and the obligations of network data processors to identify and declare important data.
2.2Define the responsibilities of the network data security officers and the network data security management institutions.
2.3Require risk assessments to be conducted before providing, entrusting, or jointly processing important data, and clarify the key areas to be assessed.
2.4Mandate that data processors of important data carry out an annual risk assessment of their data processing activities, and specify the contents of the risk assessment report.
3.Provisions on the Establishment of a Mechanism for Cross-Border Data Flow
3.1The regulations specify that the national cyberspace administration will coordinate relevant departments to establish a specialized mechanism for the safety management of outbound data, research and formulate policies related to the security management of cross-border data, and coordinate the handling of major matters concerning the security of outbound data.
3.2The regulations stipulate the conditions under which network data processors may provide personal information to foreign countries, clarifying that data which has not been identified or publicly declared as important data by relevant regions or departments does not require a security assessment for outbound data.
3.3The regulations specify that network data processors may provide personal information and important data to foreign countries only after passing a security assessment for outbound data, and the data provided must not exceed the purpose, methods, scope, type, and scale defined in the assessment.
Furthermore, the regulations provide that the government will adopt measures to prevent and address cross-border data security risks and threats.
Revised Anti-Money Laundering Law
Effective from January 1, 2025
On November 8, 2024, the 12th meeting of the Standing Committee of the 14th National People's Congress approved the revised **Anti-Money Laundering Law of the People's Republic of China** (hereinafter referred to as the “Anti-Money Laundering Law”), which will come into effect on January 1, 2025. The main provisions are as follows:
1.Introduction of a “Risk-Based” Regulatory Concept
The revised **Anti-Money Laundering Law** requires financial institutions to adopt appropriate risk management measures based on the money laundering risks posed by their customers. It emphasizes that financial institutions' money laundering risk management measures should be limited to their business scope.
2.Strengthening the Anti-Money Laundering Obligations of Financial Institutions
New provisions include the establishment of internal control systems for anti-money laundering, as well as regular assessments of money laundering risks. The law further details the obligations of financial institutions to conduct customer due diligence for anti-money laundering purposes, stresses the need for institutions to establish risk management measures for money laundering, highlights the application of technology in anti-money laundering management, and clarifies the mechanisms for information sharing related to anti-money laundering.
3.Penalties and Enforcement Period
3.1In accordance with the principle of proportionality between violations and penalties, the law sets different levels of legal responsibility for financial institutions and responsible personnel for relevant illegal activities. A variety of enforcement measures, including orders to rectify, warnings, fines, and restrictions on business operations, may be applied.
3.2The law significantly increases the upper limit of fines.
3.3Administrative penalties are also strengthened for directors, supervisors, senior management, and other directly responsible personnel.
4.Improvement of International Cooperation Provisions on Anti-Money Laundering
The new law clarifies that the **State Council's Anti-Money Laundering Administrative Authority** is responsible for organizing and coordinating international cooperation on anti-money laundering. It further stipulates that relevant national authorities may require foreign financial institutions meeting specific conditions to cooperate with domestic authorities in investigating money laundering and terrorist financing activities. Additionally, it states that foreign countries or organizations that directly request financial institutions to submit information or seize funds and assets must not take such actions unilaterally.
Notice on Issues Concerning Participation of Older Unemployment Insurance Beneficiaries in the Basic Pension Insurance for Enterprise Employees
Effective from January 1, 2025
On October 26, 2024, the Ministry of Human Resources and Social Security, the Ministry of Finance, and the State Taxation Administration issued the **Notice on Issues Concerning Participation of Older Unemployment Insurance Beneficiaries in the Basic Pension Insurance for Enterprise Employees**, which will take effect on January 1, 2025, and remain in force until December 31, 2039. The key provisions are as follows:
1.Clarification of the Scope of Eligible Persons
Clarification of the Scope of Eligible PersonsOlder unemployment insurance beneficiaries (hereinafter referred to as "older beneficiaries") are defined as unemployed individuals who are receiving unemployment insurance benefits and are less than one year away from reaching the statutory retirement age. This includes individuals whose unemployment insurance benefits have expired but who continue to receive the benefits until they reach the statutory retirement age, as they have not found employment.
2.Payment Standards
Older beneficiaries, who participate in the basic pension insurance for enterprise employees as individuals in the region where they receive unemployment insurance benefits, must make contributions. The portion of the contribution equivalent to the local minimum payment standard for flexible employment individuals will be covered by the unemployment insurance fund.
3.Optimizing Service Procedures
The policy will be implemented under a “pay first, reimburse later” model. Eligible older beneficiaries who participate in the basic pension insurance for enterprise employees and make the required contributions can apply to the local handling agency for reimbursement of the contributions paid by the unemployment insurance fund. After verification by the handling agency, the reimbursement will be promptly paid to the individual’s social security card bank account.
4.Suspension of Benefits
The payment of pension insurance contributions by the unemployment insurance fund will cease when the older beneficiary reaches the statutory retirement age or if any statutory condition for the cessation of unemployment insurance benefits occurs.
