"Administrative Measures for Reporting and Managing Network Security Incidents in the Business Field of the People's Bank of China" clearly defines the scope of application.

Officials from the relevant departments of the People's Bank of China answered questions from reporters on the "Management Measures for Reporting Network Security Incidents in the Business Field of the People's Bank of China." The "Measures" clearly state that incidents causing harm to the construction, operation, maintenance, management of the People's Bank of China's business field networks or the data in the People's Bank of China's business field due to human factors, cyber attacks, vulnerabilities, software and hardware defects or malfunctions, force majeure, etc., should be reported to the People's Bank of China or its local branch of the People's Bank of China in accordance with the "Measures." Network security incidents outside the business field of the People's Bank of China do not need to be reported according to the "Measures." For incidents involving state secrets, relevant regulations should be followed. The business field of the People's Bank of China refers to the areas supervised and managed by the People's Bank of China, including monetary credit, macro prudential regulation, cross-border RMB business, interbank market, comprehensive financial statistics, payment clearing, RMB issuance and circulation, treasury management, credit information and credit rating, anti-money laundering, etc.