Abstract:








[Financial Security Trends] Article-by-article interpretation of the cash loan rectification and its impact on P2P



Summary:

On December 1, the Office of the Leading Group for the Special Rectification of Internet Financial Risks and P2P Network Loan Risks officially issued the Notice on Regulating and Rectifying “Cash Loan” Business (hereinafter referred to as the notice). The notice standardizes cash loan business comprehensively, covering qualification supervision, business supervision and borrower suitability supervision, and sets out arrangements for the gradual withdrawal of existing (stock) business. The business entities covered by the notice include cash lending institutions, network small loan companies, banking financial institutions, P2P network lending institutions, etc., among which the impact on lending institutions is the greatest. Below, the research institute of Net Lending Home interprets each article.



Comment on: After the announcement was made

Normative requirements for information security protection. In addition, the business of lending agencies that provide a credit cushion has the nature of lending and requires a license. This provision is also mentioned in the Regulations on Non-deposit Lending Organizations (draft). Holders of direct lending licenses include banks, consumer finance companies, and online small loan companies. P2P makes judicious use of “data driven”. At present, the risk control models of cash loan companies rely heavily on data but have not been tested through a complete cycle. The notice here is intended to indicate that risk. For non-compliant cash loan platforms identified by regulators, financial institutions and non-bank payment institutions should stop providing financial services, and communication authorities should deal with the Internet financial websites and mobile applications in accordance with the law; these measures are relatively direct and effective.



[Financial Security Trends] Ministry of Industry and Information Technology: the leakage of more than 100 million users’ information is a major network security incident



Summary:

A network security emergency early-warning system has been established, and the leakage of more than 100 million users’ information counts as an especially major event (report from our correspondent). The ministry recently issued the “public Internet network security emergency contingency plans”, which set out event classification, monitoring and early warning, emergency disposal, prevention and emergency preparedness, and safeguard measures. The plan takes effect on the date of issuance. It stipulates that the following are especially major network security events: a large number of Internet users being unable to use the Internet normally; a sharp drop in the resolution efficiency of the .CN national top-level domain system; the information of more than 100 million Internet users; a nationwide outbreak of a network virus; and other network security events that cause or may cause especially serious harm or impact.



Comment on:

The network security law makes it increasingly clear that network security construction is no longer a matter of operators choosing how much to invest as they see fit. It has become an obligation and a responsibility: to themselves, to users and to society. At the same time, financial enterprises are advised to strengthen their investment in incident detection and response.



[Related security incidents]

Huge Dirty COW privilege escalation vulnerability in the Linux kernel



Summary: The problem is in the get_user_pages function. This function is used to get the physical pages behind virtual addresses in a user process. The caller must specify the actions it will perform on these pages so that the memory manager can prepare the pages accordingly. When a caller writes to a page within a private mapping, the page may need to go through a COW (copy-on-write) cycle: the original “read-only” page is copied to a new page that is writable. The original page may be “privileged”, which is where this vulnerability arises.



Comment on: The Ubuntu, CentOS and RHEL 5/6/7 distributions provided by AliYun are not affected by this vulnerability because they do not include the vulnerable code. You can check by reading (cat) the enabled file in the transparent_hugepage directory under /sys/kernel/mm/. If [always] is displayed, the system is affected. The security risk of this vulnerability is low and the risk of upgrading the kernel is high, so upgrade the kernel with caution. Watch for official security patches.
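
The check described above, as an added example (not part of the original digest or of AliYun's tooling): a POSIX shell function that reads /sys/kernel/mm/transparent_hugepage/enabled, extracts the bracketed active mode, and flags [always] as the comment does. The function names and status words are assumptions made for this example.

```sh
#!/bin/sh
# Added example: report the active transparent hugepage (THP) mode.
# THP_FILE may be overridden to test against a constructed file.
THP_FILE="${THP_FILE:-/sys/kernel/mm/transparent_hugepage/enabled}"

# thp_active_mode LINE
# The kernel lists every mode and brackets the active one,
# e.g. "always [madvise] never". Print only the bracketed word.
thp_active_mode() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([a-z]*\)].*/\1/p'
}

# thp_status [FILE]
# Prints one status word (names are this example's own):
#   affected     active mode is "always" (the article's criterion)
#   not-flagged  another mode is active
#   no-thp       the file is absent or unreadable (no THP interface)
#   unknown      the file content could not be parsed
thp_status() {
    file="${1:-$THP_FILE}"
    if [ ! -r "$file" ]; then
        echo "no-thp"
        return 0
    fi
    mode=$(thp_active_mode "$(cat "$file")")
    case "$mode" in
        always)        echo "affected" ;;
        madvise|never) echo "not-flagged" ;;
        *)             echo "unknown" ;;
    esac
}

# Report for the machine this runs on (read-only, no changes made).
echo "THP status on this host: $(thp_status)"
```
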



[Cloud Perspective] Enterprise security methodology of the information security supervisor of Taiping Insurance Group




Summary:

In the 1990s, shortly after the rise of the Internet, information security took the terminal as its boundary. In the 2000s, as the Internet developed rapidly, information security began to treat the network as the key. In the following decade, the development of the Internet entered the fast lane; cloud computing, virtualization and mobile Internet technology exploded in an Internet technological revolution, and “systematic” information security thinking came to be favored by enterprises generally. Now the Internet has entered the era of the interconnection of all things, and information security faces new challenges. How managers of enterprise information security should change their thinking and pursue reform is a topic worth studying in depth. As a director of enterprise information security, the author has rich experience and distinctive views on information security construction and development planning for financial enterprises, especially insurers. He believes that the industry’s usual over-focus on known threats can no longer cope with the new circumstances of financial enterprises’ development and their new requirements for security capabilities. He stresses that information security planning should attend to details, start locally, develop dynamically, and gradually establish and realize an overall security concept. (Credit: Ann Jae)






