SHANGHAI (Reuters) -China’s cyberspace regulator said on Tuesday it will implement new rules from Feb. 15 that require platform companies with data for more than 1 million users to undergo a security review before listing their shares overseas.
The Cyberspace Administration of China (CAC) also said such firms should apply for cybersecurity reviews before submitting listing applications to foreign securities regulators, according to statements published on its WeChat account.
Companies will not be allowed to list abroad if the review finds that national security could be impacted, it said in a statement on its official WeChat account.
It was the latest move in a series of recent regulatory changes ordered by the Chinese government to tighten the rules governing offshore listings.
Hong Kong stocks weakened on the CAC news. The Hang Seng Index fell 0.36% in early trade on Tuesday and the city’s tech index lost 1.32%.
Shares in Hong Kong Exchanges and Clearing Ltd, the operator of the Hong Kong stock exchange, were last down 1.8%, after having fallen as much as 2.4% following the announcement.
The CAC first proposed the rules in July https://www.reuters.com/world/china/china-widens-clampdown-overseas-listings-with-pre-ipo-review-firms-with-large-2021-07-10, saying that the security review will put a focus on risks of data being affected, controlled or manipulated by foreign governments after overseas listings.
New rules governing the use of algorithm recommendation technology will also be implemented from March 1, the CAC said in a separate statement.
Those rules, which were first proposed in August https://www.reuters.com/technology/china-issues-draft-guidelines-internet-recommendation-algorithms-2021-08-27 last year, will require companies to give users the right to switch off the service and will also tighten oversight of news providers that use such technology.
China’s cyberspace regulators are imposing tighter restrictions on data collection and data storage. Authorities are also more broadly pushing for companies to list domestically.
Two other new sets of rules, the Data Security Law and the Personal Information Protection Law, which cover data storage and data privacy respectively, went into effect last year.
(Reporting by Brenda Goh and Scott Murdoch, Editing by Tom Hogue and Ana Nicolaci da Costa)