The term "information technology service institutions" as mentioned in these Measures refers to institutions that provide information technology services for securities fund business activities. The scope of information technology services is as follows:
(a) Development, testing, integration and evaluation of important information systems;
(two) the operation and maintenance of important information systems and daily safety management;
(3) Other circumstances stipulated by the China Securities Regulatory Commission.
The above institutions are collectively referred to as securities fund management service institutions. Article 4 Securities fund operating institutions are responsible subjects engaged in securities fund business activities, and should ensure sufficient investment in information technology, make full use of modern information technology to improve customer service system, improve business operation mode, enhance internal management level, enhance compliance and risk control capabilities, and continuously strengthen the supporting role of modern information technology in securities fund business activities on the premise of complying with laws and effectively preventing risks. Article 5 The China Securities Regulatory Commission and its dispatched offices shall, according to law, use information technology to supervise and manage the business activities of securities funds or provide relevant services.
China Securities Industry Association and China Asset Management Association shall formulate and improve relevant self-discipline rules in accordance with these Measures, and implement self-discipline management for securities fund operating institutions to engage in securities fund business activities or provide related services by means of information technology.
CSI Information Technology Service Co., Ltd. (hereinafter referred to as CSI Information) formulates relevant supporting business rules under the guidance of the China Securities Regulatory Commission to assist in information technology-related filing, monitoring, testing and inspection. Chapter II Governance of Information Technology Article 6 Securities fund operating institutions shall improve the allocation mechanism of rights and responsibilities in the application of information technology, establish and improve information technology management systems and operational procedures, ensure that the input level of information technology is commensurate with the scale and complexity of business activities, and continuously meet the requirements of availability, security and compliance of information technology resources. Article 7 The board of directors of a securities fund operating institution shall be responsible for reviewing the information technology management objectives of the company, being responsible for the effectiveness of information technology management, and performing the following duties:
(1) Review the information technology strategy to ensure consistency with the company's development strategy, risk management strategy and capital strength.
(two) the establishment of information technology human and financial security program;
(3) Evaluating the overall effect and efficiency of annual information technology management;
(4) Other information technology management duties as stipulated in the articles of association. Article 8 The management of a securities fund operating institution is responsible for implementing the information technology management objectives, undertaking the information technology management responsibilities and performing the following duties:
(1) Organizing the implementation of relevant resolutions of the board of directors;
(2) Establish an organizational structure of information technology management with clear responsibilities and procedures, and define management responsibilities, working procedures and coordination mechanisms;
(3) Improve the performance appraisal and accountability mechanism;
(four) other information technology management responsibilities as stipulated in the articles of association or authorized by the board of directors. Article 9 A securities fund operating institution shall set up an information technology governance committee or designate a special committee (hereinafter referred to as the information technology governance committee) under the management of the company to formulate the information technology strategy and consider the following matters:
(1) Information technology planning, including but not limited to information technology construction planning, information security planning and data governance planning;
(2) Information technology investment budget and distribution plan;
(three) major information system construction or major transformation projects, major changes;
(4) Information technology emergency plan;
(five) the review report and annual evaluation report on the use of information technology to carry out related business activities;
(6) Matters submitted for consideration by members of the Information Technology Governance Committee;
(seven) other matters that have a significant impact on information technology management.
The information technology governance committee shall be composed of senior managers and principals from compliance management departments, risk management departments, audit departments, major business departments, information technology management departments and other departments, and external professionals may be hired as members or consultants of the information technology governance committee. Article 10 A securities fund operating institution shall designate a senior manager who is familiar with securities and fund business, has professional background, work experience and performance ability related to information technology as the chief information officer, who shall be responsible for information technology management and meet the following conditions:
(a) engaged in information technology related work for more than ten years, including securities and fund industry information technology related work experience of not less than three years; Or have worked in a securities regulatory agency or a self-regulatory organization of the securities fund industry for more than eight years;
(2) It has not been subjected to administrative punishment in the last three years, or has been subject to major administrative supervision measures by the financial supervision institution;
(3) Other conditions stipulated by the China Securities Regulatory Commission.