The Security Question in the AI Era: The Changing Logic of Bank Data Protection
Cingjing News reporter Guo Jianhang, Beijing report
With the AI era’s collection and use of massive amounts of data, the importance of data security has become increasingly prominent.
AI technology is developing rapidly, and artificial intelligence will penetrate bank business decision-making and operating activities at a faster pace than expected. Previously, multiple banks publicly announced that they would continue to advance digital transformation efforts, driving a shift in working modes toward data-driven approaches. At the same time, both the market and regulators are questioning whether banks’ data security protection capabilities can keep up. A bank’s data security protection will directly affect how compliantly it operates.
The reporter from The China Business News noted that as of March 26, among the administrative penalties disclosed by the People’s Bank of China and its branches, the number of cases explicitly involving violations of “data security management” or “cybersecurity management” has exceeded 30.
Zhang Kun, General Manager of the Data Asset Delivery Department at Shenzhou Information, said: “In the AI era, a bank’s data security management needs to innovate and upgrade based on traditional data governance, tailored to the characteristics of AI applications. The key is to establish a fine-grained management system that ‘clearly marks the purpose, permissions, and lifecycle from the moment the data is generated.’ Through the organic combination of technological measures and institutional constraints, it both ensures data security and compliance and supports the healthy development of AI technologies.”
More than 30 penalty cases since the start of the year
In the first year of the “Fifteenth Five-Year Plan,” the security environment facing the banking industry is becoming even more complex. From passive compliance to active defense, from single-point governance to system-level operations, the contest around data security can be seen clearly from the regulators’ early-year penalty actions.
According to the aforementioned penalty announcements released by the People’s Bank of China for violations of data security and cybersecurity, provincial branches of state-owned large banks, joint-stock banks, and city and rural commercial banks have all received penalty notices.
Based on some of the penalties, Rural Commercial Bank of Rf (Rural Commercial Bank of Feng?) was fined RMB 3.17M, which ranks relatively high among the penalty amounts in the first quarter of 2026. The People’s Bank of China’s administrative penalty information shows that Rf Bank was penalized for multiple violations, including breaching rules on financial statistics management, account management rules, and rules on data security and cybersecurity management, as well as failing to carry out customer due diligence and report large-amount transactions as required. Regarding this penalty notice, Rf Bank told reporters: “This penalty was for early-stage issues (from the past two years). We have already made the required rectifications. The main issue involved nonstandard data applications. For detail-level problems, we will develop relevant plans in the future in conjunction with technology upgrades and industry changes, and we will make additional investments to upgrade the security protection system.”
In addition, two banks in Guizhou were penalized for “violating regulations on the collection, provision, inquiry of credit information and related management rules.” These two banks stated that they have not yet taken any rectification measures that can be disclosed. A person from a rural commercial bank in Guizhou Province told reporters: “At present, when rural commercial banks implement operational guidelines such as data security and cybersecurity, they generally manage according to rules and behavioral standards formulated by the provincial credit cooperative union. After a bank is penalized for a violation, the specific future rectification measures are also determined by the provincial credit cooperative union.”
Sorting through the reasons listed in the penalty notices shows that violations of cybersecurity management rules and data security management rules occur most frequently. Next are violations of regulations on the collection, provision, and inquiry of credit information and related management rules. There are also violations involving failure to take technical measures to guard against computer viruses, cyberattacks, network intrusion, and other acts that endanger cybersecurity.
Behind the regulators’ consecutive penalty notices is the rapid formation of a financial data security regulatory framework. Since 2024, the National Financial Regulatory Administration and the People’s Bank of China have formed a “two-line supervision” pattern.
Public information shows that in December 2024, the National Financial Regulatory Administration issued the Measures for Data Security Management of Banking and Insurance Institutions, introducing “data security assessments” for banking and insurance institutions. In May 2025, the People’s Bank of China issued the Measures for Data Security Management in the People’s Bank of China’s Business Areas, further clarifying and specifying the bottom-line requirements for data security compliance in the People’s Bank of China’s business areas, and clearly stating the principle of “who manages business, who manages business data, and who manages data security.”
Entering 2026, the policy release schedule is moving forward steadily. The General Office of the National Financial Regulatory Administration issued the Notice on Carrying out a Special Campaign to Enhance Financial Institutions’ Data Security Management Capabilities, which clearly put forward overall requirements of “identifying a batch, rectifying a batch, notifying a batch, and penalizing a batch.” In addition, the Cyberspace Administration of China solicited public comments on the Financial Information Services Data Classification and Grading Guidance, further refining classification rules for core data, important data, and sensitive general data.
Industry insiders believe that the core regulatory orientation is to push banks to embed data security and cybersecurity into corporate governance and day-to-day business management, achieving a shift from phased, passive compliance to long-term, continuous governance.
From “wall-building thinking” to “data-flow management thinking”
Under regulatory policy pressure, the weak links in banks’ data security initiatives are becoming even more evident. What obvious weak links exist in banks’ data security development today?
Zhang Kun believes the first is insufficient capability for a comprehensive inventory of data assets. Many banks are not fully clear about their own data “housekeeping,” especially lacking effective unified management of “dark data” scattered across various business systems, test environments, personal computers, and legacy systems. If they don’t know where the data is, effective protection can’t be discussed. Second, there is insufficient visibility and control capability in the data transfer process. A pain point often discussed in the industry is “data is visible but not controllable”—that is, data is secure within core systems, but once it is exported to Excel, test libraries, or third-party systems through various means, it enters a “regulatory blind spot.” Traditional Data Loss Prevention (DLP) systems focus more on file flow, but monitoring and control are relatively weak for data access behaviors via API calls, database queries, and other methods. Third, there are problems with internal personnel’s data security awareness and operational compliance. Even if technological measures are advanced, if employees’ security awareness can’t keep up, it will still create a large risk exposure. This is especially likely to happen when business departments, in order to improve work efficiency, bypass security procedures or engage in noncompliant operations during data-sharing and collaboration.
Zhang Kun believes that, in the context of the introduction of policy and regulatory requirements, banks’ data security development is facing a critical period of transition from “compliance-driven” to “risk control.” However, under the current regulatory environment, banks still face multiple challenges in implementing data security initiatives in practice. For example, banks have established data classification and grading systems, but in actual execution they face “difficulty in putting them into practice.” Another example: as banks accelerate internationalization of their business, more and more scenarios involve data leaving the country, while cross-border data flow compliance requirements are being tightened. Banks need to build a data exit security assessment mechanism. At present, data flow relies on “new data channels” such as API interfaces and direct database connections, which also bring new risk exposure and other issues.
In fact, against the backdrop of the deep adoption of new technologies such as artificial intelligence (AI), the logic of data security protection in the financial industry has undergone fundamental change.
The person in charge of cloud computing management and intelligent computing scheduling operations at Jiajie Yunzixing Technology told reporters: “In the AI era, the biggest impact on bank data security construction is that security policies must be dynamically deployed with every data call and every path. Under the traditional data access path of ‘user—application system—database,’ security policies are mainly built around network perimeters and a single application. In the AI era, access paths centered on AI agents become highly dynamic: users call various tools and APIs through AI agents, accessing enterprise data resources across systems, with paths planned autonomously and data flowing across domains, making traditional access control based on perimeters and applications difficult to work. At the same time, data leakage risk expands from a single scenario to concurrent multiple paths. In addition, to ensure that agents can complete tasks, granting broad permissions makes it easy to trigger risks such as excessive authority access. All these factors are influencing the shift in data protection strategy in the AI era.”
In the AI era, how should bank data security management cover the full lifecycle of data? Zhang Kun believes banks need to build a data-centric AI governance framework, improving data full lifecycle management capabilities from multiple dimensions. In the collection stage, it is necessary to establish a special assessment mechanism for data collection for AI applications. For data requirements in AI projects, it is necessary to specify the purpose and necessity field by field, and adhere to the “purpose limitation + minimum necessary” principle. At the same time, automated compliance detection tools should be introduced to perform privacy compliance scans on data when it is ingested, and a traceability mechanism for data sources should be established to ensure the “cleanliness” and legality of training data. In the storage and usage stages, privacy-enhancing technologies should be widely applied. In particular, the application of differential privacy adds mathematical noise to data so that attackers cannot infer specific individuals’ privacy information from model outputs. In sharing, a scenario-based fine-grained data sharing management mechanism should be established. Based on the characteristics of AI applications, clearly define the scope of data sharing, sharing methods, and security requirements under different scenarios. Technologies such as federated learning can be adopted to share data value while protecting data privacy. In the destruction stage, it is necessary to establish an intelligent, lifecycle-based automated operations mechanism. Use automated tools to mark and manage data along the entire chain; when the data completes AI training tasks or exceeds the compliant retention period, the system automatically triggers the security destruction process and generates tamper-proof destruction certificates.
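The sketch below is an added illustration, not code from the article or from any bank or vendor it quotes: it shows fields labelled with purpose, permitted roles and retention deadline at creation, a policy check evaluated on every agent data call, and automated destruction that emits hash-chained certificates. Field names, purposes, roles and timestamps are constructed; a plain SHA-256 hash chain is used as a stand-in for the "tamper-proof" certificate and only makes tampering detectable, so a real deployment would also sign or externally anchor the chain.

```python
import hashlib, json
from collections import namedtuple

# Label attached when a field is created: allowed purposes, allowed roles, retention deadline.
Tag = namedtuple("Tag", "purposes roles expires")
# Constructed sample catalogue: field names, purposes and roles are hypothetical.
CATALOG = {
    "customer_id": Tag(("scoring", "fraud"), ("risk_agent", "fraud_agent"), 2_000_000_000),
    "monthly_income": Tag(("scoring",), ("risk_agent",), 2_000_000_000),
    "id_card_no": Tag(("kyc",), ("kyc_agent",), 1_600_000_000),
}

def authorize(role, purpose, fields, now):
    """Check one agent data call field by field; return (granted, denied)."""
    granted, denied = [], {}
    for name in fields:
        tag = CATALOG.get(name)
        if tag is None:
            denied[name] = "untagged"  # unlabelled data is denied by default
        elif now >= tag.expires:
            denied[name] = "retention_expired"
        elif purpose not in tag.purposes:
            denied[name] = "purpose_mismatch"
        elif role not in tag.roles:
            denied[name] = "role_not_permitted"
        else:
            granted.append(name)
    return granted, denied

def _cert(field, destroyed_at, prev):
    body = {"field": field, "destroyed_at": destroyed_at, "prev": prev}
    return {**body, "hash": hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()}

def destroy_expired(now, prev="0" * 64):
    """Drop expired fields; return certificates, each hashing its predecessor."""
    certs = []
    for name in sorted(n for n, t in CATALOG.items() if now >= t.expires):
        del CATALOG[name]
        certs.append(_cert(name, now, prev))
        prev = certs[-1]["hash"]
    return certs

def verify_chain(certs, prev="0" * 64):
    """Recompute each hash; an edited, dropped or reordered certificate fails."""
    for c in certs:
        if c["prev"] != prev or c != _cert(c["field"], c["destroyed_at"], c["prev"]):
            return False
        prev = c["hash"]
    return True
```

Because the decision is made per field and per call, a broadly permissioned agent still receives only the fields whose labels match the purpose it declares for that call.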