4

From a December 2021 media report ...

Chinese ride-hail giant DiDi said it will delist from the New York Stock Exchange, following a Chinese government crackdown on foreign listings... Backstory: DiDi isn't just the Uber of China. It's the company that beat Uber in China, buying up the U.S. company's business before going public this past June at a $73 billion valuation... What wasn't known at the time was that Chinese officials had asked DiDi to postpone the IPO, over concerns that sensitive data could fall into foreign hands.

A stock listed on the New York Stock Exchange has to file annual and quarterly reports. The annual financial statements have to be audited. The auditor has to be responsive to the PCAOB (Public Company Accounting Oversight Board).

A link to a PCAOB statement about China matters.

We remain concerned about our lack of access in China and will continue to pursue available options to support the interests of investors and the public interest through the preparation of informative, accurate, and independent audit reports.

This matter about accessing auditors in China is being negotiated. Presumably when this matter is settled, it will not affect DiDi because it will no longer be listed on the NYSE. Presumably other companies will be affected such as China Life Insurance which has been listed on the NYSE since 2003.

Company reports typically discuss the revenue and profit earned in a recent period, and some statistics related to the business. For ride-hailing it might include, for example, the average number of monthly users, the average number of rides per user, customers gained, changes in driver enrollment, and plans for retained earnings or further investment. The conference call to discuss the report would cover these same matters and some discussion about the outlook. What kind of sensitive data is China's government worried about?

Improve this question
3
  • I would think that this question more or less hinges on the definition of "sensitive data". Any personally identifiable information or location data associated with government officials seems like a very easy thing to label as sensitive.
    – David S
    Commented Dec 3, 2021 at 16:55
  • The articles mention concerns that an NYSE-approved auditor would have to audit company reports; such an auditor would have a wide access to company financial records and other information far beyond what is in the public domain. It can only be speculation what specific information DiDi and the Chinese government were worried about: it could include a wide range of things from salaries, payments, staff, and business interests to details of individual rides.
    – Stuart F
    Commented Dec 3, 2021 at 17:06
  • 1
    I think this is a good example of the concerns as it shows information being gathered from a fitness app. bbc.com/news/technology-42853072
    – Joe W
    Commented Jan 10, 2022 at 21:01

2 Answers 2

Reset to default
2

Stuart F is right about the actual US legislation regarding the documents that should be available.

Bit of history on the topic; The specific articles were part of well known 2002 Sarbane Oxley Act and "given the mission of regulating the auditing methods and standards for companies whose shares trade publicly on American stock exchanges, including foreign companies listed here.".

Before Sarbane-Oxley those year-end financial statements generated by firms were not audited externally (isn't the US great!). The Act made it mandatory not to share the documents, but to hire external firms to audit, and accept some level of legal liability. (also from here). However some loopholes (lack of enforcement mechanism mostly) allowed companies (Chinese for the most part it seems) not to report this information, which is what the 2020 Holding Foreign Company accountable Act which forced companies owned by foreign government to make such audits, lest they would be delisted.

Now on the speculative side: I am not sure that Didi in particular was the worry for the Chinese governement, besides being a national pride (and assuming the books aren't cooked). I believe the worry was not to set a precedent for other companies that are listed in the US, and even more so the one cross-listed in either Hong Kong or Shanghai. China Life Insurance Company Limited is one that would likely have very strongs Alibaba, China Petroleum & Chemical Corp ADRs, Weibo, etc. And here you can see how we fall in what could potentially be very sensitive and even strategic information for the CCP to share with the US regulators.

Improve this answer
3
  • Wherever names don't matter to investors, data can be anonymized. Maybe there are other specifics that should be anonymized. Regardless, there are database administrators in every company in the world that can see practically everything. They usually want to keep their jobs so usually they don't leak. If external auditing companies are a concern China seems to be treating these people as a risk that is different from that of DBAs. There are probably fewer DBAs than individual auditors so the risk is of a different magnitude. The internal / external distinction probably matters.
    – H2ONaCl
    Commented Jan 9, 2022 at 1:10
  • 1
    You are referring to the risk that would follow from either hacking or whistleblowing? Fair concern, but my bit was mostly referred to information that would legally come out of those audits, potentially ‘leaking’ information about SOEs or Chinese government officials, assuming a dual listing in China (not the case of Didi)
    – J.C
    Commented Jan 9, 2022 at 12:30
  • 1
    Board membership would have already been disclosed just to get onto a U.S. or Hong Kong exchange. Legally required disclosure about major SOE contracts might be concerns of the CCP. Ironically these things are less likely with a newish internet ride-hailing company started by private individuals than with an old business like China Life that is 70% government owned.
    – H2ONaCl
    Commented Jan 10, 2022 at 21:58
1

What kind of sensitive data is China's government worried about?

Agreements with the Chinese government to disclose (or conceal from lesser authorities) private information about who used the service when and where contrary to expectations of customer privacy perhaps?

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .