中国大陆和香港的金融业内部审计监管政策和活动——2025年第4季度

21January 2026 In Q4 2025, financial regulatory requirements are further refined and implementation accelerated, while enforcementinspections and accountability measures remained at a high level. Under these circumstances, internal audit functions within This article aims to provide insights and highlights on regulatory requirements and areas of focus related to internal auditsinthe financial industry across the Chinese mainland and Hong Kong. It also covers the activities of international and Chinese 1. Chinese mainland financial industry regulations In Q4 2025, the National Financial Regulatory Administration (NFRA), People’s Bank of China (PBOC), China SecuritiesRegulatory Commission (CSRC), China Securities Association (CSA) and other organizations have issued new regulations orself-regulatory rules for Banks, insurance companies, financial leasing companies, securities companies and other sectors, Key regulations related to internal audit, as well as areas that internal audit teams should focus on in the Chinese mainland Anti-money laundering (AML) ▪In October, to implement the newly enacted Anti-Money Laundering Law, PBOC, NFRA and CSRC jointly issued theAdministrative Measures for Customer Due Diligence and the Retention of Customer Identity Information andTransaction Records by Financial Institutions, requiring financial institutions to identify customer and beneficial owner ▪In October, the Anti-Money Laundering Bureau of PBOC issued the Notice on the Issuance of the Guidelines forFinancial Institutions Money Laundering Risk Self-Assessment, clarifying the specific requirements for the new round ▪In October, the PBOC issued the Relevant Matters Concerning the Implementation of the Measures for the Supervisionand Administration of Anti-Money Laundering and Counter-Terrorism Financing by Financial Institutions, aiming tofurther standardize anti-money laundering supervision and the operational requirements for financial institutions. ▪In December, the PBOC issued the Administrative Measures for the Identification of Beneficial Owners of Customers byFinancial Institutions, aiming to standardize the identification and verification of beneficial owners, strengthen riskmanagement and requirements for information authenticity, and establish a sound system for identifying and verifying Asset management trusts business ▪In October, the NFRA issued the Administrative Measures for Asset Management Trusts (Draft for Comment) forseeking public comments, calling for full-process standardization in the establishment, operation and informationdisclosure of trust products. The measures emphasize enhanced investor suitability management, stricter controls on Sustainability disclosure management for enterprises ▪In November, nine departments including the Ministry of Finance, PBOC and NFRA jointly issued the SustainabilityDisclosure Standard for Enterprises No. 1—Climate (for Trial Implementation). The standard regulates the disclosure ofclimate-related information by enterprises, focusing on four key dimensions: governance, strategy, risk and opportunity Financial leasing business management of financial leasing companies ▪In December, NFRA issued the Administrative Measures for the Financial Leasing Business of Financial LeasingCompanies, requiring financial leasing companies to adhere to the principles of legal compliance and prudentoperations by establishing a due diligence and risk assessment system. The measures mandate the establishment of a Custody business of commercial banks ▪In December, the NFRA issued the Measures for the Supervision and Administration of Custody Business of CommercialBanks (for Trial Implementation), aiming to standardize commercial banks' custody business and strengthen riskprevention and control. The measures require banks to have sound governance structures, robust internal control Asset–liability management of insurance companies ▪In December, the NFRA released the Measures for the Asset-Liability Management of Insurance Companies (Draft forComment), aiming to enhance insurers' asset-liability management capabilities and prevent mismatch risks. Themeasures require insurance companies to establish a comprehensive management framework covering the entire Securities company governance–Audit Committee ▪In December, to implement the amendments in the new Company Law regarding the renaming of the "shareholders'meeting" and the newly introduced requirements concerning the board's audit committee, the CSA issued the Decisionon Centralized Revision of Certain Self-Regulatory Rules. The decision systematically revised relevant provisions in 18 2. Chinese mainland financial industry regulatory enforcements and internal In Q4 2025, regulatory enforcement actions continued to focus heavily on the AML area. Multiple large fineswere imposed for AML-related violations, including failure to perform customer due diligence as required,failure to properly retain customer identifi