Dear Members,

Welcome to the fifty-eight monthly newsletter designed to keep BIIA members informed of the significant developments on the policy dossiers being worked on in geographical territories that members operate in.  To download the document, please click on this link:  BIIA Monthly Regulatory Newletter 031221

BIIA would like to thank its fellow industry association, ACCIS (the Association of Consumer Credit Information Suppliers), for allowing us to re-use certain information that they have published on regulatory developments within Europe. 


In this month’s newsletter we report on a number of key regulatory developments in the area of data privacy and in particular the draft regulations for Personal Information Protection Law and Data Security Law in China. There is no doubt these regulations will have a significant impact on the use of data in the country and further afield.

We also report this month on a number of developments in credit reporting, business information, anti-money laundering, digital data as well in ESG. Interest in this last topic has been growing for some time now and following COP26 will become even more important for all sectors including the Information Industry. We are already starting to see governments mandating the reporting of ESG information by companies (see the article later in this newsletter) and the Information industry has an opportunity to help companies meet these requirements.

In last month’s newsletter we mentioned that the BIIA 2022 Biennial Conference will be held next year in Singapore from May 23rd to 25th. We are pleased to say that registration for the event is now open. For more information on the delegate fees and to reserve your place simply click here.

We are keen to ensure that we cover as many relevant regulatory developments as we can in this newsletter so if you have any items you feel would be worth incorporating, please do get in contact with Neil Munroe, Deputy Managing Director and Editor of the Regulatory Newsletter by email @

Finally we would like to advise our readers that due to the holiday season the next newsletter will be published at the end of January.  For those of you who celebrate Christmas and the New Year starting on 1st January, we wish you a happy holiday season.

In this issue you will find:


  • China – Detailed draft implementing regulations for Personal Information Protection Law and Data Security Law.  The regulations have wide-ranging scope, with the key developments being:
    • Network security
    • Personal data
    • Important data
    • Internet platform operators
  • European Union – European Data Protection Board (EDPB) publishes draft guidance on international transfers of personal data under the GDPR
  • UK – List of legitimate interests

Credit Reporting

  • Nepal – Introduction of Positive Credit Reporting – The Credit Information Act
  • USA – Consumer Financial Protection Bureau (CFPB) finds Credit Report Disputes far more common in majority black and Hispanic neighbourhoods

Business Information

  • Australia – Director Identification Numbers
  • European Union – Proposal for European Single Access Point

Financial Services

  • European Union – Mortgage Credit Directive


  • European Union – European Data Protection Board (EDPB) releases statement on the Digital Services Package and Data Strategy
  • European Union – Council Agrees Draft Digital Services Act and Digital Markets Act

Anti-Money Laundering (AML)

  • Hong Kong – AML Regtech Lab launched

ESG (Environmental, Social and Governance)

  • UK – Financial Conduct Authority (FCA) publishes updated ESG Strategy
  • UK – Government presses ahead with mandatory climate-related financial disclosures for PLCs and large private companies

More information on the latest regulatory developments from across the globe is available on the BIIA website in the Regulatory section                                      

Copyright © BIIA 2021 – For Member Internal Use Only – To Request Permission to Publish Contact:  Neil Munroe at