(Reuters) – China’s bank regulator temporarily suspended this week new financial industry cybersecurity rules after feedback from banks, showing the practical challenges of the nation’s long-term effort to cut dependence on entrenched foreign technology.
In a notice issued on Monday and reviewed by Reuters, Chinese regulators said the decision on the rules, which would have effectively replaced foreign tech products with domestic alternatives, came after “financial institutions in the banking industry and related parties put forward opinions for improvements and proposed changes.”
Although U.S. technology firms, business lobbies and the White House have been the most vocal critics of the new rules, analysts say key opposition also likely came from within Chinese banks themselves, which like their peers around the world run critical operations on industry-standard products, from IBM (IBM.N) servers to Oracle Corp ORCL.O databases.
“The banks themselves have a limited acceptance of domestic IT products,” said Forrester analyst Gene Cao. “The banks want to avoid failures. For the banks, if there was a failure because of domestic equipment, the responsibility would be on them, not necessarily the CBRC.”
The notice from the China Banking Regulatory Commission (CBRC) and the Ministry of Industry and Information Technology said the rules will be re-issued after they are amended but did not say how long the process would take. The CBRC and the ministry declined to provide immediate comment on Friday.
China has recently advanced a wave of new policies to tighten cybersecurity roughly 18 months after former National Security Agency contractor Edward Snowden disclosed that U.S. spy agencies planted code in American tech exports to snoop on overseas targets.
The Chinese policies, most clearly articulated in the bank-technology rules and a proposed counter-terrorism law, call for greater use of “secure and controllable” technology products that are developed in China or have released their source code to Chinese inspectors. Foreign business groups and governments argue the rules are unfair and motivated by protectionism and would hamper Chinese business operations.
The United States said on Friday it welcomed the decision. “We understand China has issued an official notice to its banking sector, suspending banking measures that impose serious restrictions on foreign firms. Premier Li, in my meeting with him on Monday, conveyed this decision to me personally. We welcome this suspension,” U.S. Secretary of Commerce Penny Pritzker said in emailed comments to Reuters.
Anticipating the official announcement of the bank rules last December, technology departments at China’s large banks have been testing running Chinese equipment since early last year, mostly with non-critical operations, according to people with knowledge of the matter.
“I think the government concern is reasonable, but it’s technically impossible to comply with such rules,” said a banker at a foreign bank in China who declined to be identified because of the sensitivity of the matter.
The notice came on the same day when 31 foreign trade associations urged Chinese leaders to “suspend implementation of the guidelines through a written public notice…and initiate a formal public consultation consistent with China’s international obligations.”
Analysts say there is little doubt that Chinese leaders are committed to weaning the country off foreign technology and developing domestic contenders as a long-term ambition.
China is also working on an anti-terrorism law that would require foreign companies to hand over encryption keys, triggering U.S. protests.
Reuters reported in March that China had agreed to delay implementing the technology restrictions, which have grown to become a major irritant in U.S.-China relations.
Washington has said it is working with allies in Europe and Japan to break down the Chinese barriers and had requested through the World Trade Organization that Beijing clarify the banking technology rules.