On March 28, 2025, the National Financial Regulatory Administration (“NFRA”) released the Administrative Measures for the Suitability Management of Financial Institution Products (Draft for Comments) (“Consultation Draft”). The issuance indicates the NFRA’s efforts to establish unified regulatory requirements regarding the suitability obligations applicable to financial institutions under its supervision. The legislative and regulatory purposes of the Consultation Draft are consistent with the Measures for the Suitability Management of Securities and Futures Investors firstly issued in 2016 by the China Securities Regulatory Commission (“CSRC”) (the “Securities and Futures Suitability Measures”). They both aim to strengthen the regulatory framework for the suitability management of financial institutions and protect the lawful rights and interests of investors. This briefing provides a brief analysis of the key provisions of the Consultation Draft.
I. Scope of Application
Article 3, paragraph 1 of the Consultation Draft defines “financial institution products” as investment-type products issued, sold, or traded by financial institutions where returns are uncertain and there is a risk of principal loss, as well as insurance products. The Consultation Draft applies to financial products that bear two characteristics: (i) uncertain returns, and (ii) potential for loss of principal. These characteristics align with the basic principles of the financial product classification set forth in the Minutes of the National Courts’ Civil and Commercial Trial Work Conference (“SPC Minutes”).
Article 3, paragraph 2 of the Consultation Draft provides further clarification on the applicable scope of financial institutions1. Prior to the issuance of the Consultation Draft, various types of financial institutions within the NFRA’s regulatory regime—such as commercial banks, trust companies, wealth management subsidiaries and insurance institutions—had established their own suitability management requirements based on industry self-disciplinary rules or departmental rules. However, these rules were fragmented and resulted in potential regulatory gaps. By contrast, the Securities and Futures Suitability Measures, which were implemented in 2017, established a relatively mature investor suitability management framework in the securities and futures sector. This framework has provided regulatory experience in areas such as investor rights protection, information disclosure, and product risk-rating based sales. The Consultation Draft can be regarded as a benchmark regulation aimed at standardizing and addressing longstanding gaps in suitability management across the banking, insurance, trust and wealth management sectors.
The SPC Minutes define “options and other over-the-counter derivatives” as high-risk financial products in which suitability obligations apply. Whether the Consultation Draft would directly apply to “futures and derivatives” is a point of concern for financial institutions. We believe that not all futures and derivatives would fall within the Consultation Draft’s scope because: (i) the legal basis referenced in Article 1 of the Consultation Draft does not include the Futures and Derivatives Law of the People’s Republic of China; (ii) in futures and derivatives transactions conducted for hedging purposes, the client’s intention is to manage risk and lock in the value of underlying assets rather than to earn investment returns. In many “futures and derivatives” transactions, there is no concept of “principal” in the traditional sense; instead, parties establish a “notional principal” on the date of the transaction. Losses in futures and derivatives transactions at settlement often imply gains in the value of the underlying assets, which differs from the principal loss when clients conduct investment-type transactions. These features are slightly different from the characteristics of financial institution products defined in the Consultation Draft.
Further clarification may be required for the above-mentioned issues. Should the Consultation Draft be interpreted to cover all futures and derivatives, financial institutions may need to reassess the risk assessment of derivatives business and the suitability obligations in the sales process. For instance, under the Provisional Measures for the Administration of Derivatives Trading Business of Banking Financial Institutions, separate regulatory standards apply to individual and institutional clients. It sets up that the provisions for individual wealth management business apply to the risk assessment and sales process of individuals’ derivatives trading, but there is a lack of detailed guidance on how to conduct risk assessment for institutional clients. Notably, the Consultation Draft does not distinguish between individual and institutional clients for different suitability management requirements, which may indicate that higher requirements are imposed on suitability obligations such as risk assessment for institutional clients’ derivatives transactions.
II. Suitability Requirements
“Suitability obligations” have already been set out in the SPC Minutes. These refer to the duties that a selling institution must perform when recommending or selling high-risk financial products—such as insurance investment products—to financial consumers. These obligations include knowing your client, knowing your product, and selling (or offering) suitable products (or services) to suitable financial consumers. In essence, the principle is that “the seller exercises due diligence and the buyer assumes risks.”
Pursuant to the Consultation Draft, financial institutions shall act with due diligence and prudence, in accordance with the law and regulations. They shall assume primary responsibility for suitability management regarding the products they sell or trade, and sell or offer suitable products through suitable channels to suitable clients. Specifically:
(1) “Suitable products” necessitate a product risk rating;
(2) “Suitable channels” indicates that, even when financial institutions sell or trade products through online channels such as the Internet, they must also fully perform suitability obligations. Financial institutions are required to strengthen the qualification management and training of sales personnel to ensure that such personnel possess the requisite qualifications and understand the product features and risk levels;
(3) “Suitable clients” requires financial institutions to understand investors’ information related to suitability management, assess investors’ risk tolerance, and provide suitability matching opinions accordingly.
1. Product Risk Rating
The Consultation Draft categorizes financial products into two types: investment-type products and insurance products.
For investment-type products, financial institutions shall rate the product risk level of the investment-type products they issue and offer, from low to high into five levels (Level 1 to Level 5). For products involving portfolio investments, risk ratings shall reflect the overall risk profile of the product. Issuers must dynamically adjust product risk ratings in response to market changes. The risk rating process must be conducted by a dedicated department or team within the financial institution, or this can be entrusted to a qualified third-party professional institution, though the financial institution shall retain ultimate responsibility. In cases where the risk ratings assigned by the issuer and the distributor differ, the distributor must adopt the higher rating and disclose the rating result accordingly.
For insurance products, financial institutions must consider four key factors when classifying and grading products: the type of insurance, coverage responsibilities, certainty of policyholder benefits, and other relevant elements.
2. Know-Your-Client (KYC) Requirements
Knowing your client is a core element of fulfilling suitability obligations. Article 24 of the Consultation Draft mandates that financial institutions must collect information necessary for suitability assessment when selling investment-type products. The scope of this information largely aligns with the KYC requirements in Article 6 of the Securities and Futures Suitability Measures.
Articles 6 and 7 of the Consultation Draft further require financial institutions to establish comprehensive suitability management frameworks, and to ensure the availability of information systems and infrastructure that support such suitability practices. Article 11 further provides that when selling or transacting specific products, or conducting certain market businesses, financial institutions must formulate client eligibility standards and procedures, and strictly perform client eligibility assessments in accordance with internal suitability policies. These requirements imply that the entry standards and review processes related to client eligibility should be fully incorporated into the financial institution’s internal suitability management policies.
There are key issues that the suitability management policies needs to address. These include: whether financial institutions must formulate specific policies for the access requirements of client qualification reviews for specific products or specific market businesses; what are the review standards for a client’s financial payment capacity and financial status as stipulated in Article 12, paragraph 3 and Article 24 of the Consultation Draft; whether financial institutions can rely solely on the information and commitments provided by the clients themselves, or if clients providing a certain level of basic supporting materials is sufficient; and whether financial institutions need to proactively review changes in the client’s financial payment capacity and financial status during the product sales or trading process. The current provisions in the Consultation Draft are relatively general, and some details may need further clarification.
3. Professional Investors
Consistent with the Securities and Futures Suitability Measures, the Consultation Draft classifies investors into two categories: professional investors and ordinary investors. Investors who meet the conditions set forth in Article 27 of the Consultation Draft2 may apply to be recognized as professional investors. Financial institutions are responsible for conducting reviews of professional investors, which includes obtaining additional information, conducting investment knowledge tests for individuals, and providing a comprehensive explanation of the differences in fulfilling suitability obligations between professional and ordinary investors.
There are several noteworthy distinctions between the Consultation Draft and the Securities and Futures Suitability Measures regarding the conditions for identifying professional investors:
1) The Consultation Draft includes asset service trusts and public welfare/charitable trusts managed by trust companies within the scope of professional investors.
2) While financial institutions and their managed products are automatically classified as professional investors, both institutional and individual investors must meet specific conditions to qualify. For institutional investors, the Consultation Draft only requires RMB 20 million in net assets and RMB 10 million in financial assets. Notably, it does not require institutional investors to have any specific investment experience, whereas the Securities and Futures Suitability Measures require institutional professional investors to have two years of investment experience.
3) Compared to the Securities and Futures Suitability Measures, the Consultation Draft sets a higher threshold for individual professional investors by requiring at least five years of investment experience. In contrast, the Securities and Futures Suitability Measures allow employees of financial institutions and third-party individuals with financial expertise and skills to substitute for investment experience, but the Consultation Draft does not provide for the same exemption.
4. Risk Assessment of General (Non-Professional) Investors
For general investors other than professional investors, financial institutions are required to assess their risk tolerance prior to marketing or selling investment-type products. The risk tolerance level should include at least five levels ranging from low to high. Typically, this assessment is conducted through a risk assessment questionnaire completed by the investor. Although the Consultation Draft does not mandate a specific template for the questionnaire, the questionnaires currently used by financial institutions, such as banks, are largely consistent with those used by mutual fund companies and securities firms. These questionnaires use multiple-choice questions to gather information about the investor’s financial situation, investment experience, risk preference, etc., and score the responses to assess the investor’s risk tolerance level.
The Consultation Draft stipulates that an investor may not complete more than two risk assessments with the same financial institution in a single day, and no more than eight times cumulatively per year. If an investor’s risk tolerance assessment level is inconsistent with the most recent result, the financial institution should remind the investor. The validity period of a risk assessment is one year. If more than a year has passed since the last assessment, or if the investor informs the institution of circumstances that may affect their risk tolerance, the financial institution must reassess the investor’s risk tolerance before making another sale. These provisions align with the requirements for commercial banks to assess their clients’ risk tolerance as stipulated in the recently released Administrative Measures for the Agency Distribution Businesses of Commercial Banks by the NFRA. We understand that these provisions may serve as quantifiable indicators for courts in the event of a dispute to determine whether a financial institution has fulfilled its suitability obligations.
Article 32 of the Consultation Draft, in line with Article 23 of the Securities and Futures Suitability Measures, imposes disclosure obligations on financial institutions when dealing with general investors, including disclosure of potential principal loss and suitability matching advice. The Consultation Draft only stipulates that such disclosure must be made in a manner that is “easy to understand and accept”. However, pursuant to Article 76 of the SPC Minutes, if a financial institution merely relies on a handwritten statement from the consumer stating “I am clearly aware of the risk of principal loss” as proof of having fulfilled its disclosure obligations, without providing other supporting evidence, such a defense will not be upheld by the court. Therefore, when fulfilling disclosure obligations, it is recommended that financial institutions should design necessary notification scripts and risk warning procedures, ensure that audio and video recordings meet evidentiary standards and are duly reviewed, and keep electronic records of online notifications.
Articles 17 and 18 of the Consultation Draft include special provisions for investors aged 65 and above, as well as those with limited or no civil capacity. This requires financial institutions to fulfill enhanced disclosure obligations, such as strengthening notification and risk warnings, extending consideration periods, and conducting follow-up calls.
5. Suitability Matching
Article 5, paragraph 1 of the Consultation Draft states that on the basis of understanding the product and taking into account the suitability matching opinion provided by the financial institution, clients shall make independent, prudent decisions in accordance with their own circumstances and assume the corresponding risks. This aligns with the legislative intent set out in Article 78 of the SPC Minutes3. However, the SPC Minutes also stipulate that if a consumer purchases an inappropriate product or service due to their own fault, such as refusing to take advice from the selling institution, the selling institution may be exempt from liability. The Consultation Draft imposes higher requirements on financial institutions. According to Article 12, paragraph 2, except for the limited circumstances under Article 39 (which only apply to insurance products)4, financial institutions are prohibited from selling unsuitable products to clients. This provision does not seem to address a scenario whereby a client rejects the institution’s suitability matching advice and insists on purchasing an unsuitable product. It remains uncertain whether courts will still accept the SPC Minutes’ exemption defense invoked by financial institutions under similar circumstances in the future.
The Consultation Draft prohibits financial institutions from selling mismatched products to investors solely based on the investor’s request. This requirement aligns with current restrictions on the sale of mismatched private asset management products and private funds. The recently issued Administrative Measures for the Agency Distribution Businesses of Commercial Banks provide that commercial banks may only distribute products whose risk rating is equal to or lower than the client’s risk tolerance level, unless otherwise specified by the national financial regulatory authority. This provision establishes the principle of “prohibition of mismatch sales” in the distribution business of commercial banks, meaning that banks must ensure a strict alignment between a product’s risk levels and a client’s risk tolerance when distributing public funds, trust plans, and other financial products. The requirements of the Consultation Draft are consistent with this principle.
6. Traceability and Evidentiary Requirements
The Consultation Draft requires that financial institutions record key aspects of their suitability management processes in an objective and complete manner and properly preserve all relevant information and materials, including but not limited to product rating results, client assessment results, notification and reminder materials, audio/video recordings, etc. This is to ensure traceability in the suitability management process. When selling investment-type products to professional investors, financial institutions may simplify or waive such recordkeeping based on the actual circumstances. These records shall be retained for at least five years following the termination of the contractual relationship with the client. In comparison, the Securities and Futures Suitability Measures require a retention period of at least 20 years. For online product sales or transactions governed by Article 14 of the Consultation Draft, financial institutions shall pay particular attention to maintaining electronic traceability due to the use of electronic contracting and the frequent updates to products and interfaces. This includes records of logins, browsing history, e-signature records (including the electronic signing of relevant contracts, and relevant procedural steps such as any “click to confirm” or pop-up reminders, etc., in all steps), while ensuring a complete traceability path, and retaining technical documentation for each system version upgrade. This ensures that, in the event of a future dispute, the financial institution will be able to rely on historical data to substantiate its compliance with suitability obligations.
III.Division of Responsibilities Between Issuers and Distributors
Article 74 of the SPC Minutes provides the financial consumer’s right to claim joint and several compensation from both the issuers and distributors of financial products. Pursuant to this provision, consumers may rely on Article 167 of the General Principles of Civil Law (now Article 167 of the Civil Code) to assert joint and several liability. If either the issuer or distributor petitions the court to clarify their respective liability proportions, the court can uphold joint and several compensation while allocating liability shares between the parties, thereby preserving their rights of internal recourse. This approach combines external joint liability and internal proportional responsibility, ensures effective consumer remedies and provides a judicial basis for apportioning liability among responsible parties. It strengthens the collaborative responsibility of issuers and distributors in fulfilling suitability obligations.
The second paragraph of Article 20 of the Consultation Draft requires entrusting financial institutions and distributors to clearly define their responsibilities and obligations regarding suitability management in the distribution agreement. This obligation is established as a regulatory mandate and no longer merely subject to the autonomy of the contracting parties. Failure to set out the allocation of duties in the agreement shall constitute a direct regulatory breach. This provision requires financial institutions to establish the boundaries of each party’s obligations through specific clauses at the contracting stage, providing a dual normative basis for subsequent administrative liability determination and civil compensation claims.
The first paragraph of Article 20 and Article 21 of the Consultation Draft further clarifies that distributors are subject to independent suitability obligations. Distributors cannot rely solely on the risk ratings provided by issuers but must conduct independent risk assessments. In cases of rating discrepancies, the distributor shall apply the principle that the higher rating prevails and disclose the higher rating results. This rule effectively precludes the reliance on issuer-provided ratings as a defense and imposes a positive obligation on distributors to conduct independent reviews. It establishes a check and balance on the issuer’s rating in the sales process, preventing the failure of investor suitability management due to rating discrepancies. Consequently, this clause imposes a higher duty of care on selling institutions regarding product ratings, and it will also bring a heavier burden of proof for selling institutions in future judicial practice.
IV. Conclusion
The release of the Consultation Draft aims to fill the regulatory gap in the suitability management regime in the financial market, unifying investor protection standards across a wider range of financial institutions. Its consistency with the Securities and Futures Suitability Measures allows the suitability management system to achieve seamless integration across different financial institutions. With the formal implementation of the Consultation Draft, financial institutions will face higher compliance requirements, and the level of investor protection will be further enhanced.
We will continue to monitor the market practice after the official release of the Consultation Draft and share the regulatory and market developments with our clients in due course.
[1] “Financial Institutions” refer to financial holding companies, nationwide commercial banks, city commercial banks, rural commercial banks, village and township banks, foreign-funded banking institutions (including wholly foreign-owned banks, Sino-foreign joint venture banks, and branches of foreign banks), privately-owned banks, direct banks, rural cooperative banks, rural credit cooperatives, financial asset management companies, corporate group finance companies, financial leasing companies, auto finance companies, consumer finance companies, money brokerage companies, trust companies, wealth management companies, financial asset investment companies, life insurance companies, property insurance companies, insurance asset management companies, insurance group (holding) companies, mutual insurance organizations, and other institutions established within the People’s Republic of China.
[2] Article 27: The following entities are eligible to apply to a financial institution to be classified as professional investors:
1. Legal persons or other organizations that meet both of the following conditions:
1) net assets of no less than RMB 20 million at the end of the most recent fiscal year.
2) financial assets of no less than RMB 10 million at the end of the most recent fiscal year.
2. Natural persons who meet both of the following conditions:
1) household financial assets of no less than RMB 5 million, or an average personal annual income of no less than RMB 500,000 over the past three years.
2) possess more than five years of investment experience in wealth management, trusts, securities, funds, futures, etc., or more than two years of relevant work experience in financial product design, investment, risk management, etc.
A professional investor may apply to convert back to an ordinary investor if there is any change in circumstances.
[3] Article 78 of the SPC Minutes: If a financial consumer purchases an unsuitable product or service due to reasons attributed to themselves, such as intentionally providing false information or disregarding the advice of the selling institution, the court will support the selling institution’s claim for exemption from liability. However, a financial consumer can still challenge this claim by proving that the false information was provided due to misdirection by the institution. Additionally, if the selling institution can provide evidence that, based on the consumer’s past investment experience, educational background, and other factors, its breach of suitability obligations did not significantly impact the consumer’s ability to make an independent investment decision, the court will support the institution’s defense that the consumer should independently bear the investment risk.
[4] Article 39 of the Consultation Draft: If, before concluding an insurance contract, a financial institution determines that the policyholder and the insurance product are not appropriately matched, the institution should advise the policyholder to terminate the application.
If a policyholder declines this recommendation and insists on proceeding with the insurance contract, the financial institution must provide a comprehensive explanation of the associated risks. Additionally, the institution should obtain written confirmation from the policyholder, stating that they have made an informed and independent decision based on a thorough understanding of the product information.
