USCBC Comments on the Draft Measures on the Administration of Credit Reporting Services

On behalf of the 240 members of the US-China Business Council (USCBC), we appreciate the opportunity to submit comments on the draft Measures on the Administration of Credit Reporting Services (hereby referred to as “the Draft”) to the People’s Bank of China. We appreciate efforts to clarify how credit reporting agencies should treat individual and corporate credit information.

USCBC received comments from companies in the credit reporting sector, which could be impacted by the Draft. We respect the Draft’s emphasis on protecting personal and corporate information. It aims to standardize management of credit information, build on previous regulations related to credit reporting agencies, and strengthen oversight of information collection practices.

However, USCBC and its member companies would like to encourage the People’s Bank of China to take note of feedback on multiple issues that could impact US credit reporting agencies’ operations in China and the United States. In particular, we would like to highlight the following suggestions:

  • Narrow the definition of credit information: Article 3 states that credit information refers to any information used to assess individual or corporate credit circumstances, including individual and corporate identities, addresses, debt and property holdings, production and operations, and expenses, as well as any analysis based on this information. Under this broad definition and the previously issued Regulation on the Administration of the Credit Reporting Industry, many companies outside of the credit reporting industry would be considered to offer credit reporting services, including banks and other financial institutions that collect, save, and process publicly available information about corporations. We recommend clarifying that the definition of credit information does not include information that is publicly available, or analyses and evaluations based on credit information.
  • Remove limitations on the cross-border transfer of credit information: According to Article 36 of the Draft, credit reporting agencies that provide corporate credit information inquiry services overseas must only provide single inquiries, and cannot provide a substantial quantity of corporate credit information pertaining to a certain region or industry to a single recipient. Limiting transfers abroad could create obstacles for trade-oriented companies in China and large multinational corporations, which rely on access to data in bulk to carry-out cross-border trade and financing. In addition, companies often require credit information from multiple firms within the same sector to assess peers and select the right business partner or counterpart. We recommend removing limitations on the quantity of credit information that can be transferred overseas. We also recommend clarifying additional filing requirements under Articles 36 and 37, which target firms that provide corporate credit information to recipients abroad. The Draft should specify how these reports to the PBOC differ from those already required under Article 27.
  • Distinguish between individual and corporate credit information: Companies recommend that the Draft provide separate definitions for corporate and individual credit information, and clarify distinct regulatory requirements associated with each.
  • Clarify risk-based classification requirements for credit reporting agencies: Article 30 requires individual credit reporting agencies and corporate credit reporting agencies that store or process the credit information of more than 500,000 enterprises to meet the following requirements: 1) their systems must be evaluated to see if they reach level 3 or above on the national credit information security system, 2) they must select a person in charge of information security who will serve as senior management in company articles of association, and 3) they must establish a full-time department to manage information security and regularly check the implementation of the security management system. We recommend clarifying what is meant by the national credit information security system, and providing more information about the evaluation process.


Read the full comment submission below: