This Recognition Demonstrates the Bank’s Ongoing Commitment to Privacy and Data Security

BEIJING, Dec. 29, 2023 /PRNewswire/ — Industrial Bank (Shanghai:601166) (“the Bank”) disclosed a considerable rise in its Environmental, Social, and Governance (ESG) rating by MSCI, a leading global index provider, from A to AA, making it the highest-rated bank in China’s banking industry. The enhancement places the bank at the forefront of ESG performance within China’s banking sector. As a result of this upgrade, Industrial Bank has distinguished itself as the first publicly-listed bank in China to achieve the AA ESG rating from MSCI. Moreover, the bank is now recognized as the first in its peer group to consistently maintain the top ESG rating for a period of five consecutive years.

Industrial Bank is now positioned among the top quartile of financial institutions for its performance in ESG indicators, including financing and environmental impact, access to finance, human capital development, corporate governance, and corporate behavior. In privacy and data security, the bank, during the first half of 2023, deployed its corporate-level digital intelligent anti-fraud platform to scrutinize 5.032 billion transactions related to online financial services. The vigilant monitoring enabled the bank to intercept and prevent 12 million high-risk transactions, safeguarding 78.786 billion yuan (approximately US$11 million). Additionally, the platform generated 67 million risk alerts during the reporting period.

Industrial Bank places a high priority on consumer financial protection as well as privacy and data security. In its approach to product development and design, the bank has minimized the collection of customers’ personal information while increasing the use of privacy-enhancing technologies. Furthermore, Industrial Bank has also developed a comprehensive cyberfinance risk management system that has implemented varied security measures, adapting to different equipment environments, business functionalities, usage scenarios, and transaction risk levels. The measures include advanced authentication protocols and the active blocking of suspicious transactions. During the first half of the year, Industrial Bank identified over 15.6 million high-risk cyberattack attempts, achieving a real-time blocking rate of 99.8 percent.

In cybersecurity, Industrial Bank addressed 203 incidents involving counterfeit Internet applications during the first six months of the year. Furthermore, the bank replaced cards for 1,117 clients affected by international cyberattacks as a precaution to safeguard the personal information and financial assets of affected customers, reinforcing the bank’s dedication to upholding stringent security standards and customer trust.

In supply chain management, the Bank has implemented an information security access mechanism for IT suppliers. The system includes clearly specified requirements for suppliers, as well as comprehensive tracking and supervision. Key focal points of the requirements include data security, source code and personal information protection, and information system security. These aspects are rigorously addressed throughout the procurement of information technology products and services and during the course of collaboration. Concurrently, the bank conducts annual inspections and evaluations of its suppliers, ensuring compliance and adherence to the established information security standards and protocols.

Regarding employee security education, Industrial Bank rigorously restricts employee access to customer personal information. To enhance the oversight and deterrence of non-compliant inquiries, the bank undertakes special inspections of its information systems and conducts analyses of abnormal personal information inquiries. Alongside these measures, Industrial Bank has implemented targeted cybersecurity training programs for its workforce. In the first half of the year, 55,966 employees, including the bank’s own staff, dispatched personnel, and outsourced workers, completed the cybersecurity training and passed the assessments. This marks a completion rate of nearly 95% across the entire workforce.

For consumer financial protection, the Bank conducted 6,380 consumer protection reviews during the first half of the year, encompassing product and service development and design, pricing management, and the formulation of agreements. Since 2017, the bank’s leadership group for network and information and data security, headed by Chairman Lyu Jiajin, has convened special meetings annually to examine and implement key initiatives related to network and data security.