China’s Cyber Watchdog to Police Chinese Overseas Listings
The agency that prodded ride-hailing giant Didi to delay its IPO will take a lead role in regulating Chinese companies’ overseas listings
Apowerful agency that China’s President Xi Jinping set up during his first term to police the internet is taking on a new role: regulating U.S.-listed Chinese companies. The Cyberspace Administration of China, which reports to a central leadership group chaired by Mr. Xi, is taking a lead role in Beijing’s just-announced push to strengthen interagency oversight of companies listed overseas, especially those traded in the U.S., and to tighten rules for future foreign listings, according to people with knowledge of the matter.
Behind the agency’s rising clout is a desire to fix a lack of coordination between regulators, which has enabled the kind of mixed messages that preceded the blockbuster initial public offering of ride-hailing giant Didi Global Inc. last month.
While the cybersecurity regulator sounded alarms to Didi about its network security, the people say, the main economic and financial regulators were largely supportive of Didi’s listing plan. In the absence of being told explicitly to stop its planned stock sale, Didi pressed ahead.
For future overseas stock sales, the cyber watchdog could conceivably block a plan that is seen as threatening Chinese security.
It also highlights Mr. Xi’s escalating effort to control the private corporate sector — especially technology firms with reams of valuable data.
The increased involvement in corporate oversight by the cyberspace regulator, which has been entrusted with strengthening the state’s sway over digital information, could risk accelerating a decoupling between the financial markets in China and the U.S.
On one end are China’s regulators, led by the cyberspace authority, which are moving to make it harder for Chinese companies to sell shares overseas. On the other are American lawmakers, such as Sen. Marco Rubio (R., Fla.), who are stepping up calls to block Chinese firms from going public in the U.S. unless they submit to U.S.-style audit requirements.
In China, “the cyber regulator has become the new securities regulator,” says Victor Shih, a University of California, San Diego, professor of political economy who focuses on Chinese policies. “Investors and companies will find it much harder to manage the listing process.”
The cyberspace administration didn’t respond to written questions.
In the vast Chinese bureaucracy, the agency is a relative newcomer with a mandate central to Mr. Xi’s vision for making China a superpower that is ringfenced from foreign interference or influence.
Mr. Xi set up the agency in 2014, two years after he rose to power, in a bid to centralize and beef up the country’s overall network and data safety. In 2013, former Central Intelligence Agency employee Edward Snowden’s leak of classified information on the U.S.’s global surveillance program had spooked the Chinese leadership with a realization of how easily information on Chinese citizens or companies could fall into the wrong hands.
Since then, the cyberspace administration has been driving the formulation of laws and regulations aimed at beefing up state power over information flows. For instance, a new data-security law — drafted with the agency in the lead — was completed in June to give authorities greater power to get private-sector firms to share data collected from social media, e-commerce, lending and other businesses.
In essence, the law shows that such digital records should be considered a national asset, which can be tapped or restricted according to the state’s needs.
Didi’s IPO isn’t the first time poor coordination among China’s regulators has caused missteps and hurt the global credibility of Beijing’s economic stewardship. In 2015, a stock-market selloff was exacerbated by a fragmented system in which the central bank and other financial regulators acted in isolation and sometimes even at cross-purposes.
Didi’s American depositary shares have plunged since Beijing launched a cybersecurity investigation into the company just days after its stock sale in the U.S. The government also ordered mobile-app stores to remove Didi’s app and announced broad plans to toughen the rules on companies listed and seeking to list overseas.
Several class-action lawsuits have already been filed in the U.S. against Didi, accusing the company of having misled investors before its IPO. And many investors who bought into Didi’s IPO were confused or even enraged by the sudden regulatory actions.
In the push to strengthen regulations on companies listed overseas, according to the people, the cybersecurity administration is playing an active role in drafting provisions on information that is considered core to national security and thus shouldn’t be disclosed by companies to foreign regulators.
That could put Chinese rules even more at odds with those set by U.S. regulators, making it increasingly difficult for Chinese companies to satisfy demands from both sides.
The U.S. Securities and Exchange Commission has sought to gain greater access to audits of Chinese companies, some of which have resisted, saying that China’s laws prohibit them from turning over audit papers to U.S. regulators. Analysts say many Chinese companies could be delisted from the U.S. markets as a result.
Meantime, the cyberspace administration is also working with China’s top securities regulator and other ministries in revising longstanding rules governing so-called variable interest entities, the people say. Such corporate structures, known as VIEs, have enabled foreign investors to buy into Chinese companies in technology and other sensitive sectors without outright owning voting shares in these firms.
It’s a structure used by many Chinese tech giants — including e-commerce behemoth Alibaba Group Holding Ltd., conglomerate Tencent Holdings Ltd. and Didi — in their first-time stock sales overseas. Previous Chinese leaders had viewed it as a way for Chinese companies to gain international prestige, but the current leadership has increasingly frowned upon the model because of deepening fears of sensitive information falling into foreign hands.
One option being considered by the regulators is to require companies using the VIE structure to seek regulatory approval before selling shares in foreign markets, the people said. That could make it a more cumbersome process.
“This would be a significant tightening of Chinese securities regulations,” said Winston Ma, an adjunct law professor at New York University and author of The Digital War, a book about China’s growing technological prowess. “Almost every U.S.-listed Chinese company that foreign investors like pension funds and endowments can buy is listed through a VIE structure.”
‘‘ The cyber regulator has become the new securities regulator. Investors and companies will find it much harder to manage the listing process. VICTOR SHIH Professor of political economy, University of California, San Diego