Morgan Stanley has begun instructing bankers traveling to mainland China to carry separate, dedicated phones, a policy shift driven by escalating concerns over data security and surveillance in the country. The move reflects a quiet but accelerating trend among global financial institutions rethinking how they operate on Chinese soil.

Morgan Stanley’s travel security guidelines already recommend using so-called “burner” phones for certain high-risk destinations. The guidelines also caution employees against connecting to unsecured Wi-Fi networks and using public charging ports, both of which can serve as vectors for data interception or malware installation.

China’s data regulatory environment has tightened considerably in recent years, with laws that can compel companies operating within its borders to store data locally and, in some circumstances, grant government authorities access to it. China’s Data Security Law was implemented in 2021 and the Counter-Espionage Law was enacted in mid-2023.

Morgan Stanley maintains a substantial presence in Greater China with offices in Beijing and Shanghai serving both local and international clients. The bank’s broader privacy framework already involves monitoring internal communications to flag unauthorized usage and potential financial crime.

A growing number of multinational corporations have been implementing similar device policies for employees traveling to China, driven by the same cocktail of regulatory ambiguity and geopolitical friction.