The “Plan” clarifies the risks and challenges that require increased attention and management in digital finance work. First, financial institutions are required to strengthen strategic risk management in digital transformation to ensure that digital transformation strategies and implementation processes match their own development strategies, technical strength, and risk control capabilities. Emphasize compliance management for innovative businesses and strengthen the management of liquidity risk, operational risk, and outsourcing risk in a digital environment. The second is to promote financial institutions to build intelligent risk control systems, build enterprise-level digital risk management platforms, and use machine learning, graph data and other technologies to improve risk monitoring, analysis and early warning capabilities. The third is to enhance AI security application capabilities, promote the establishment of an AI application classification and hierarchical management framework process, and establish an artificial intervention mechanism covering important business processes and key nodes. Promote the construction of an enterprise-level model risk management platform, establish a full-cycle management system for the algorithm model, ensure the robustness and reliability of the model, and continuously improve the transparency and interpretability of the algorithm. Fourth, strengthen cybersecurity and data security protection, implement full-process management of financial consumers' personal information, continue to raise data security awareness through a dual track of employee training and financial consumer education; establish a comprehensive cybersecurity defense system covering domestic and foreign branches, and normalize offensive and defense drills to enhance threat perception and emergency response capabilities. The fifth is to prevent the risk of digital ecosystem cooperation, strengthen the management of third-party partner institutions, clarify responsibilities and management requirements, and prevent external third party risks from being transmitted to financial institutions.

The “Plan” clarifies the risks and challenges that require increased attention and management in digital finance work. First, financial institutions are required to strengthen strategic risk management in digital transformation to ensure that digital transformation strategies and implementation processes match their own development strategies, technical strength, and risk control capabilities. Emphasize compliance management for innovative businesses and strengthen the management of liquidity risk, operational risk, and outsourcing risk in a digital environment. The second is to promote financial institutions to build intelligent risk control systems, build enterprise-level digital risk management platforms, and use machine learning, graph data and other technologies to improve risk monitoring, analysis and early warning capabilities. The third is to enhance AI security application capabilities, promote the establishment of an AI application classification and hierarchical management framework process, and establish an artificial intervention mechanism covering important business processes and key nodes. Promote the construction of an enterprise-level model risk management platform, establish a full-cycle management system for the algorithm model, ensure the robustness and reliability of the model, and continuously improve the transparency and interpretability of the algorithm. Fourth, strengthen cybersecurity and data security protection, implement full-process management of financial consumers' personal information, continue to raise data security awareness through a dual track of employee training and financial consumer education; establish a comprehensive cybersecurity defense system covering domestic and foreign branches, and normalize offensive and defense drills to enhance threat perception and emergency response capabilities. The fifth is to prevent the risk of digital ecosystem cooperation, strengthen the management of third-party partner institutions, clarify responsibilities and management requirements, and prevent external third party risks from being transmitted to financial institutions.