Morgan Stanley has told its bankers traveling to China that they must bring a separate phone for the trip, a move that underscores the growing tension between international data security rules and the needs of global finance. The policy, described by people familiar with the matter, applies to all bankers visiting the country and effectively creates a strict hardware barrier between their routine business communications and any data they might access while in China.
The New Policy
The mandate means bankers will leave their primary work phones at the border — or at least powered down and stored — while using a second device for all in-country calls, messages, and app-based work. The second phone is to be wiped clean on departure. Morgan Stanley declined to comment on the policy, which is meant to reduce the risk that sensitive client or internal information could be exposed to local surveillance or data requests.
China’s cybersecurity and data-localization laws have grown more aggressive in recent years, requiring companies to store certain data on domestic servers and granting authorities broad access to foreign-owned devices and accounts. For a bank like Morgan Stanley, which handles everything from merger advice to multi-billion-dollar trades, a single compromised phone could leak years of deal flow. The separate-phone rule is a blunt but logical response: keep the sensitive stuff off the network entirely.
The policy also reflects a broader unease among global firms operating in China. While many technology and consulting companies have long maintained “clean” devices for high-risk travel, the financial sector has been slower to adopt such measures. Morgan Stanley’s move may push others to follow, especially as U.S.-China tensions show no sign of easing.
Broader Implications
If other major banks and multinationals copy the approach, it could reshape how cross-border business gets done. Traveling with two phones is cumbersome, but the alternative — a data breach or a legal confrontation with Chinese authorities — is far costlier. The policy also signals that even routine business travel now carries a security burden that didn’t exist a decade ago.
For employees, the rule adds a layer of friction. Bankers already juggle demanding schedules; now they must also manage device hygiene before each China trip. But the industry is watching closely. If Morgan Stanley sees the policy as necessary, competitors may conclude they can’t afford to do less.
What remains unclear is how far the practice will spread. Will the rule become standard for all China travel in finance, or will it remain an outlier? And as more firms adopt similar measures, China’s data regulations may become a permanent cost of doing business — one that shows up in the small details, like which phone you pack.
