In our previous alert, we reported on the proposal of the China Administration of Cyberspace (“CAC”) to relax the cross-border data transfer compliance requirements under the PRC Personal Information Protection Law (“PIPL”). On 22 March 2024, the CAC issued the much-anticipated Provisions on the Promotion and Regulation of Cross-border Data Transfer (“Provisions”) which confirm the relaxation measures which will have significant implications for multinational businesses. The CAC’s guidelines on applications for security assessment and standard contract recordal (“Updated Guidelines”) have also been updated to reflect the new measures. The Provisions and the Updated Guidelines have all come into force with immediate effect.