New security rules put overseas IPO on hold

Chinese internet companies of more than a million users must pass cybersecurity check before applying for IPOs overseas.

By ZHANG Zitong


The impact of new regulations governing the way Chinese internet companies apply for IPOs could be huge. Before making their initial offering overseas, those that store information on more than a million users must go through a cybersecurity check.

Current rules were laid down just over a year ago, in April 2020, and stamped by 12 government departs, including the Ministry of Public Security and the State Administration for Market Regulation. Now, the China Securities Regulatory Commission has joined the group. The commission’s influence on the new regime is clear.

Companies need to submit an analysis of national security risk and procurement tracing. The emphasis is on risk in procurement, data processing, and overseas listing. Highlighted are core data or massive personal information escapes, illegal use of data, the integrity of key infrastructure, and meddling by foreign governments.

Many Chinese internet companies that exceed the million-user threshold have recently postponed IPOs in the United States, including Himalaya FM, fitness app KEEP, and bike-sharing firm Hellobike.