How to Navigate e-CNY Regulations in China: 2026 Guide for Foreign Companies
China’s digital yuan (e-CNY) regulatory framework has evolved rapidly from experimental pilot rules into a comprehensive legal structure that governs issuance, circulation, merchant acceptance, corporate treasury use, and — increasingly — cross-border applications. For foreign companies operating in China, understanding this regulatory landscape is essential for both compliance and strategic planning. The PBOC has made it clear that e-CNY is not merely a payment innovation but a core component of China’s monetary sovereignty strategy, and the regulatory framework reflects this priority. This guide provides a detailed roadmap of the e-CNY regulatory ecosystem as it applies to foreign companies in 2026.
The regulatory foundation for e-CNY rests on four pillars: the PBOC’s Monetary Authority under the People’s Bank of China Law (which establishes the PBOC’s exclusive authority to issue the digital yuan), the CBDC-specific regulations issued by the PBOC’s Digital Currency Research Institute (DCRI), the general financial regulatory framework (AML, KYC, data protection, and consumer protection laws) that applies to e-CNY as a form of legal tender, and the evolving cross-border CBDC framework developed in collaboration with SAFE and the Ministry of Commerce. Foreign companies interact with all four pillars depending on their role in the e-CNY ecosystem — whether as merchants, corporate treasury users, payment service providers, or technology partners.
The PBOC’s Regulatory Authority Over Digital Yuan
The People’s Bank of China Law (as amended in 2024) explicitly includes digital currency within the definition of “legal tender of the People’s Republic of China.” Amendment Article 16 states: “The Renminbi, including its physical and digital forms, is the legal tender of the People’s Republic of China. No entity or individual may refuse to accept Renminbi in its physical or digital form unless otherwise provided by law.” This amendment resolved the pre-2024 legal ambiguity about whether e-CNY had the same legal tender status as physical cash — it now does, and this has important implications for foreign businesses.
The PBOC exercises its regulatory authority through the Digital Currency Research Institute (DCRI), established in 2016. The DCRI is responsible for: e-CNY protocol design and technical standards development, licensing and supervision of operating institutions (the seven designated banks), approval of wallet service providers and payment aggregators, cross-border e-CNY pilot program management, and enforcement of CBDC-specific AML/CFT regulations. Foreign companies that engage with e-CNY at the infrastructure level — as technology providers, wallet developers, or payment gateway operators — must obtain DCRI approval or work through a DCRI-licensed operating institution.
The DCRI publishes three categories of regulatory documents: CBDC Technical Standards (binding on all participants in the e-CYN infrastructure), CBDC Business Guidelines (regulating operating institutions, wallet service providers, and merchant acquirers), and CBDC Enforcement Circulars (case-specific rulings and interpretation notices). Foreign companies should monitor the DCRI’s regulatory publication portal (accessible through the PBOC website at http://www.pbc.gov.cn) for new circulars and standards.
Step 1: Determine Your Regulatory Classification
Your foreign company’s regulatory obligations depend on how you interact with the e-CNY ecosystem. The PBOC classifies participants into six categories, each with distinct regulatory requirements.
Category 1 — End-User Merchant: Your business accepts e-CNY as a payment method from customers. This is the least regulated category. Your obligations include: merchant registration with an operating institution or licensed aggregator, basic AML transaction monitoring (reporting transactions over RMB 50,000), and compliance with the PBOC’s e-CNY merchant terms. No separate DCRI license is required — the operating institution or aggregator assumes the regulatory responsibility through their license.
Category 2 — Corporate Treasury User: Your business uses e-CNY for internal treasury operations (cash pooling, intercompany transfers, supplier payments). Your obligations include: corporate e-CNY wallet registration with enhanced KYC, AML/CFT program updates to cover CBDC flows, and SAFE reporting for any cross-border e-CNY transactions. Most foreign companies fall into Category 1, Category 2, or both.
Category 3 — Payment Aggregator or Acquirer: Your business provides e-CNY merchant acquiring services to other businesses. This requires a DCRI license as a “CBDC Payment Service Provider” — a regulatory classification introduced in 2025. Licensing requirements include minimum registered capital of RMB 50 million, a DCRI-approved CBDC payment system, and annual system audits.
Category 4 — Wallet Service Provider: Your business develops or operates e-CNY wallets for end users. This requires a DCRI license as a “CBDC Wallet Service Provider,” with additional requirements including PBOC-certified cryptographic key management, a DCRI-approved wallet architecture, and mandatory wallet functionality standards (offline payment support, tiered KYC, and transaction limits).
Category 5 — Technology Provider: Your business provides hardware or software components to the e-CNY ecosystem (POS terminals, security modules, integration SDKs). You do not need a DCRI license, but your products must receive DCRI technical certification before they can be deployed in the e-CNY ecosystem. Certification tests are administered by the National Financial IC Card Security Testing Center (NFISTC).
Category 6 — Cross-Border e-CNY Service Provider: Your business facilitates cross-border e-CNY transactions — including inbound payments from overseas customers, outbound remittances from China, or settlement between China and foreign entities. This requires approval from both the DCRI and SAFE under the Cross-Border CBDC Pilot Program framework. The regulatory requirements include a China-incorporated entity, a cross-border e-CNY operations manual approved by SAFE, and a minimum capital commitment of RMB 100 million.
Most foreign companies reading this guide will be Category 1 (merchants) or Category 2 (corporate treasury users) or both. If you are considering Category 3–6 activities, you should engage specialized China financial regulatory counsel before proceeding.
Step 2: Comply with AML/CFT Requirements
The PBOC’s CBDC Anti-Money Laundering and Counter-Financing of Terrorism (AML/CFT) Guidelines, issued in 2025 and updated in early 2026, impose specific obligations on all e-CNY ecosystem participants. For foreign companies, these obligations build on the existing AML framework under the Anti-Money Laundering Law of the PRC but include CBDC-specific requirements.
Customer Due Diligence (CDD): All e-CNY wallet holders (individual and corporate) must undergo CDD at the wallet opening stage. For corporate wallets, the CDD requirements include: verification of the legal representative’s identity, ultimate beneficial owner (UBO) identification (for foreign-owned entities, this includes the entire ownership chain to the natural person ultimate owner), proof of business address and operational status, and classification of the customer’s AML risk level (low, medium, or high). Foreign companies designated as high-risk (e.g., entities from FATF-listed jurisdictions, or entities in industries with inherent money laundering risk such as gaming or high-value goods trading) are subject to enhanced due diligence (EDD), which includes quarterly transaction reviews, reduced transaction thresholds for automatic review, and a mandatory AML compliance officer appointment.
Transaction monitoring: Corporate e-CNY wallet holders must implement automated transaction monitoring that flags: single transactions over RMB 500,000 (Category 1 merchants) or RMB 5 million (Category 2 corporate treasury), aggregate daily transactions over RMB 2 million for any single wallet, transactions involving personal wallets with anonymous (tier-1) functionality (note: since 2025, anonymous e-CNY wallets have been phased out — all wallets now require at minimum tier-2 KYC with real-name registration), rapid structuring of multiple transactions just below the reporting threshold, and any transaction where the counterparty wallet is outside mainland China. Flagged transactions must be reviewed by a designated compliance officer within 24 hours, and suspicious transaction reports (STRs) must be filed with CAMLMAC within 5 business days of confirmation.
AML/CFT program documentation: Foreign companies that maintain corporate e-CNY wallets must maintain a written AML/CFT program that includes: a risk assessment specific to e-CNY operations, policies and procedures for CDD (including EDD for high-risk customers), transaction monitoring protocols with threshold parameters, STR filing procedures with designated compliance officer contact, independent audit requirements (annual AML audit by a qualified external auditor), and staff training records (all employees involved in e-CNY operations must complete annual AML/CFT training). The AML/CFT program must be maintained in both Chinese and English for inspection by the PBOC or CAMLMAC.
Step 3: Manage Data Protection and Privacy Compliance
e-CNY operations fall squarely within the scope of China’s three primary data protection laws: the Personal Information Protection Law (PIPL), the Data Security Law (DSL), and the Cybersecurity Law (CSL). The PBOC has also issued CBDC-specific data protection guidelines that supplement these general laws.
Personal information handling: When your business accepts e-CNY payments, you process certain personal information of the payer: the payer’s wallet identifier (a pseudonymous identifier, but still classified as personal information under PIPL because it can be linked to a natural person through the operating institution’s KYC records), the transaction amount and timestamp, and the transaction location (for in-store payments where POS location data is collected). Under the PIPL principle of data minimization, you must only collect the personal information necessary for payment processing. You are not permitted to access the payer’s real name, ID number, or wallet balance — these remain with the operating institution. Your privacy policy must disclose: what e-CNY transaction data you collect, how it is used (payment processing only), how long it is retained (10 years under PBOC record-keeping rules), and whether it is shared with third parties (e.g., aggregators, banks).
Data localization: As noted in the treasury integration guide, all e-CNY transaction data must be stored on servers physically located within mainland China. For foreign companies, this means: your China entity’s e-CNY transaction database must be hosted on an Alibaba Cloud, Huawei Cloud, Tencent Cloud, or AWS China (Beijing/Ningxia) region server — not on your global AWS, Azure, or GCP instances. If your global treasury or analytics team needs access to e-CNY transaction data from overseas, you must implement one of the legally permissible data transfer mechanisms: a CAC security assessment (mandatory for important data transfers), a PIPL Standard Contractual Clause (SCC) filing with the CAC, or a PIPL certification by a CAC-designated certification body. The SCC route is the most practical for most FIEs — the filing process takes 2–4 months for a standard personal information cross-border transfer.
Cyber security requirements: The Multi-Level Protection Scheme (MLPS/等级保护) 2.0 standard applies to all e-CNY systems. Your e-CNY merchant system or treasury integration must be registered at the appropriate MLPS level (typically Level 2 for merchant systems, Level 3 for corporate treasury systems handling above-threshold volumes). The MLPS certification must be obtained from a qualified testing institution before the e-CNY system goes into production. The certification process includes vulnerability scanning, penetration testing, and security architecture review, and typically costs RMB 50,000–150,000 depending on the system’s MLPS level.
Step 4: Navigate Cross-Border e-CNY Regulations
Cross-border e-CNY transactions — where the payer or payee is outside mainland China — are the most heavily regulated aspect of the e-CNY framework. As of 2026, cross-border e-CNY usage is permitted within specific pilot programs and subject to strict conditions.
Permitted cross-border e-CNY use cases (2026 pilot programs):
- Inbound tourism spending: Foreign visitors to China can load e-CNY onto their wallets through designated exchange points at airports, hotels, and bank branches, and spend at participating merchants during their stay. The maximum load is RMB 20,000 per visitor, and the e-CNY must be spent within mainland China — it cannot be transferred out of the country. This pilot operates in the Greater Bay Area (Guangdong-Hong Kong-Macau), Beijing, Shanghai, and Hainan.
- Cross-border trade settlement: Foreign companies engaged in trade with China can settle invoices in e-CNY through the Cross-Border CBDC Trade Settlement Pilot. The pilot covers exports from China to designated partner countries and imports from designated partner countries into China. As of mid-2026, the pilot partner countries include Thailand, the UAE, Hong Kong SAR, and Singapore. Settlement is processed through the mBridge multi-CBDC platform — a collaboration between the PBOC, the Hong Kong Monetary Authority, the Bank of Thailand, and the Central Bank of the UAE.
- Hong Kong-China corridor: The PBOC and the Hong Kong Monetary Authority have established a bilateral e-CNY corridor that allows cross-border e-CNY transfers between China-mainland wallets and Hong Kong e-CNY wallets. The daily transfer limit is RMB 10,000 per individual and RMB 100,000 per corporate entity. This corridor does not require underlying trade documentation for individual transfers, but corporate transfers require a supporting trade or service contract.
Restrictions on cross-border e-CNY use: Several activities are expressly prohibited: capital account transactions (equity investments, securities trading, real estate purchases) using e-CNY are not permitted without SAFE approval; outbound e-CNY transfers from China-mainland wallets to non-Hong Kong overseas wallets are not permitted outside the mBridge pilot framework; currency arbitrage between e-CNY and offshore RMB (CNH) is prohibited; and e-CNY cannot be used for cross-border gambling settlements or any transaction with FATF-listed sanctioned jurisdictions.
Foreign companies that engage in cross-border e-CNY transactions must submit quarterly reports to SAFE detailing: total cross-border e-CNY transaction volume, counterparty wallet jurisdiction distribution, and any refused or flagged cross-border transactions. The reporting obligation applies to both the China entity that initiates or receives the cross-border e-CNY payment.
Step 5: Stay Current with Evolving Regulations
China’s e-CNY regulatory framework is in a state of continuous development. The PBOC has signaled several regulatory initiatives for late 2026 and 2027 that foreign companies should monitor: the expansion of cross-border e-CNY pilot programs to additional Belt and Road Initiative partner countries (expected by Q1 2027), the introduction of “programmable e-CNY” regulations for conditional payments (expected pilot by end of 2026), and the publication of updated CBDC technical standards for enterprise integration (version 2.0 of the e-CNY API standard, expected Q3 2026).
To stay current, we recommend subscribing to the PBOC’s regulatory alert system, joining the AmCham China or European Chamber Digital Finance Working Group for monthly regulatory briefings, engaging a China financial regulatory counsel with CBDC expertise, and monitoring the Bank for International Settlements (BIS) CBDC publications for international standards that may influence China’s domestic framework.
e-CNY Regulatory Compliance Quick-Reference Checklist
Follow this ordered checklist to ensure your foreign company meets all e-CNY regulatory obligations in China.
- Determine your regulatory classification (Category 1–6) — Assess how your business interacts with e-CNY and identify the applicable license, registration, and compliance requirements.
- Complete merchant or corporate wallet onboarding with CDD/EDD — Submit all required KYC documentation and ensure your company’s ownership structure is fully disclosed.
- Update your AML/CFT program to cover e-CNY flows — Add CBDC-specific transaction monitoring thresholds, STR filing procedures, and annual training requirements.
- Ensure data localization for all e-CNY transaction data — Migrate data storage to mainland China servers and implement CAC-compliant cross-border data transfer mechanisms if needed.
- Obtain MLPS 2.0 certification for your e-CNY merchant or treasury system — Register at the appropriate security level and complete testing before going live.
- Register for applicable cross-border e-CNY pilot programs — Apply to SAFE for the cross-border trade settlement or Hong Kong corridor pilot if your operations involve cross-border flows.
- Establish quarterly SAFE reporting for any cross-border e-CNY activity — Set up automated data collection and report generation for the required quarterly filings.
- Engage a China financial regulatory counsel with CBDC expertise — Retain professional support for ongoing regulatory monitoring, license applications, and compliance program updates.
Where to Go From Here
Navigating e-CNY regulations in China requires a systematic approach that integrates CBDC-specific rules with China’s broader financial regulatory framework. The regulatory burden is significant — particularly for companies that fall into Category 3–6 — but the compliance investment positions your foreign company to participate in the world’s largest CBDC ecosystem as it continues to expand.
For most foreign companies (Categories 1 and 2), the immediate compliance priorities are: completing corporate wallet registration with proper CDD, updating the AML/CFT program, ensuring data localization, and obtaining MLPS certification. These four actions represent approximately 80% of the regulatory work and can be completed within 2–4 months. The remaining 20% — cross-border registration, ongoing reporting, and regulatory counsel engagement — should be addressed as your e-CNY usage expands. Begin with a regulatory gap assessment that maps your current e-CNY activities against each of the four regulatory pillars described in this guide. The output of this assessment will drive your compliance work plan and timeline.
China Gateway 360 — Your regulatory intelligence partner for navigating China’s digital financial ecosystem. From e-CNY compliance, AML/CFT program development, and data protection to cross-border CBDC regulatory strategy, we provide foreign companies with the expertise needed to operate confidently in China’s digital currency ecosystem. Contact our digital finance regulatory team for an e-CNY compliance gap assessment.
