The accelerated global expansion of Chinese enterprises has become a crucial pathway for broadening development space and optimizing resource allocation, while also providing significant support for China's establishment of a new development paradigm. However, fundamental shifts in the global data governance landscape are presenting multiple challenges for these companies venturing abroad. During the 2026 National People's Congress sessions, Li Dan, a member of the National Committee of the Chinese People's Political Consultative Conference and Chief Partner of PwC Zhongtian Certified Public Accountants, put forward several recommendations on strengthening data security and compliance management for Chinese firms operating overseas. He emphasized that guiding these enterprises to effectively navigate overseas data security compliance challenges is a systematic project vital to the nation's long-term development, requiring the construction of a comprehensive response system characterized by "government guidance, enterprise leadership, professional support, and internal-external coordination." Additionally, he proposed multiple suggestions on implementing the "Artificial Intelligence Plus" initiative and advancing the intelligent development of the professional services industry.
Encouraging Enterprises to Appoint a "Chief Data Compliance Officer" Major global economies are rapidly building regulatory barriers centered on "data sovereignty." For instance, new regulatory frameworks like the European Union's General Data Protection Regulation and the United States' Executive Order 14117 have been successively established. The security and compliance of cross-border data flows are not merely technical or legal issues but also a significant arena for countries vying for regulatory dominance and industrial competitiveness. Against this backdrop, Li Dan summarized the challenges faced by Chinese companies abroad as the "predicament of compliance, the peril of barriers, the chain of responsibility, and the pain point of technology." Specifically, data regulatory frameworks across countries are becoming increasingly complex, fragmented, technical, and frequently updated. Disparate standards regarding the scope of "restricted data," cross-border transfer mechanisms, and data localization storage requirements significantly increase corporate compliance costs. Furthermore, some rule designs carry elements of local protectionism, potentially imposing additional scrutiny or differential requirements on enterprises from specific countries, creating non-tariff barriers. Secondly, compliance responsibilities extend vertically along the supply chain, requiring companies to ensure the data processing compliance of global suppliers and partners, which poses new tests for the resilience and operational efficiency of global industrial chains led by China. Finally, he noted a high reliance on international commercial solutions in key compliance technology areas such as data classification and grading, encryption and desensitization, anonymization processing, and audit tracing, raising concerns about technological constraints and security risks.
To build the comprehensive "government guidance, enterprise leadership, professional support, internal-external coordination" response system, Li Dan proposed five specific recommendations: First, strengthen top-level design and macro-guidance. Relevant national ministries should lead the research and formulation of guiding documents for the overseas data security and compliance management of Chinese enterprises. Dedicated efforts should track, analyze, and issue risk warnings regarding data regulation dynamics and enforcement cases in key countries and regions, establishing a "one-country, one-policy" compliance guidance repository. Concurrently, core concerns like reciprocity in cross-border data flow rules and non-discriminatory treatment should be incorporated into international economic and trade negotiations. Second, reinforce corporate primary responsibility and capacity building. Enterprises should be encouraged to appoint a "Chief Data Compliance Officer" and establish world-class data governance systems and compliance internal control mechanisms. Support should be given for relevant industry associations to take the lead in establishing internationally aligned corporate data compliance management system certification standards and implementing a "Compliance Capability Certification" plan. The establishment of special funds or the provision of tax incentives should be studied to appropriately support corporate investments in compliance technology R&D, overseas compliance infrastructure development, and obtaining international certifications. Third, overcome constraints in key technologies and standards. Special projects should be established within national key R&D programs to support breakthroughs in independently controllable key technologies like data classification and grading, privacy-preserving computation, and trusted cross-border transmission, alongside the development of integrated solutions. Active participation in the work of international standardization organizations should be pursued, striving to incorporate China's practical achievements in data security and personal information protection into international rule systems, thereby promoting the "going global" of Chinese standards. Fourth, build a professional service and emergency response ecosystem. A cohort of professional service institutions in law, accounting, and consulting with global service capabilities should be cultivated to provide enterprises with one-stop compliance solutions. Relying on platforms such as overseas chapters of the China Council for the Promotion of International Trade and overseas Chinese enterprise business associations, mechanisms for emergency response to overseas data compliance risks should be established, providing timely guidance and necessary support for companies facing foreign law enforcement inspections and handling data security incidents. Fifth, deepen international cooperation and mutual trust through consultation. Equivalence and mutual recognition cooperation in data protection certification should be expanded with Belt and Road partner countries and major trading partners to reduce the compliance burden on enterprises. Through multilateral platforms like the G20 and WTO e-commerce negotiations, the advocacy for building open, inclusive, and equitable international rules for the digital economy should be championed.
Building a "Five-in-One" Intelligent System to Promote Professional Services Development Beyond the above, Li Dan also addressed the intelligent development of the professional services industry. In August 2025, the State Council's issued "Opinions on Deepening the Implementation of the 'AI Plus' Action" explicitly mentioned promoting "AI Plus" industrial development, listing the innovation of new service industry models as a key action. Li Dan noted that the professional services industry, encompassing knowledge-intensive sectors like accounting, law, consulting, and design, currently faces challenges in its transition to intelligence, including weak technological foundations and scenario adaptation capabilities, inadequate data governance systems and coordination mechanisms, and insufficient institutional environments and talent support. In response, he recommended strengthening top-level design and coordinated implementation to build a "five-in-one" intelligent enhancement system integrating "technological breakthroughs, data foundation, talent guarantee, institutional innovation, and ecosystem enablement."
According to Li Dan, a joint project for tackling key core technologies should be implemented. This includes organizing interdisciplinary and inter-institutional collaborative research focused on high-value professional service scenarios, prioritizing the development of AI Agent system architectures capable of multi-domain collaborative reasoning and joint decision-making, and promoting the deep integration of professional models from various fields. The application verification of technologies like causal reasoning, explainable AI, and reinforcement learning from human feedback in professional scenarios should be strengthened. Support should be given for leading enterprises, professional institutions, and AI companies to jointly build R&D platforms, accelerating technological iteration and industrial integration.
Regarding the construction of a high-quality, specialized data resource system, he suggested leveraging national data infrastructure to systematically develop professional databases covering key sectors and complying with standard specifications, in collaboration with industry organizations, associations, and universities. Mechanisms for secure cross-institutional data sharing based on technologies like privacy-preserving computation and blockchain should be explored. Simultaneously, corpus resources such as laws and regulations from Belt and Road countries, international technical standards, and transnational commercial cases should be expanded to provide globalized data support for the internationalization of professional services.
On strengthening computing infrastructure and talent strategy, he mentioned that priority access channels for AI applications in the professional services industry could be established within the national computing power layout, supporting the construction of industry-level intelligent computing centers. Universities should be encouraged to establish interdisciplinary programs in "AI Plus Professional Services," implement "AI Literacy Enhancement Plans" for professional practitioners, and increase the recruitment of international high-end, versatile talents.
Concurrently, the innovation system and regulatory framework should be optimized. Li Dan recommended advancing regulatory research and formulating management rules adapted to new "human-machine collaboration" business formats. Ethical guidelines and application guides for AI in the professional services sector should be issued, clarifying key boundaries concerning data privacy, algorithmic fairness, and liability attribution. Active participation in international standard-setting should be pursued, striving to form influential Chinese proposals in areas like the validity of smart contracts, cross-border data compliance, and intellectual property for AI-generated content.
Finally, he highlighted the need to create benchmark scenarios and an industrial ecosystem. Specifically, a "scenario-driven, demonstration-led" approach should be adhered to, selecting sectors with solid foundations and urgent needs for national-level demonstration projects. An alliance for the intelligent development of the professional services industry should be formed to create a "government-industry-university-research-application" collaborative innovation mechanism. A cultivation plan for intelligent service providers should be implemented, offering appropriate support to small and medium-sized enterprises that adopt intelligent services to accelerate technology普及 and industrial upgrading.