Airwallex Under Scrutiny: Senator Cotton Calls for Federal Investigation into CCP Access to U.S. Data
U.S. Senator Tom Cotton, a Republican from Arkansas, has urged Attorney General Pam Bondi to initiate a federal investigation into whether sensitive personal and corporate data processed by financial platform Airwallex could be accessible to the Chinese Communist Party.
In a letter sent Tuesday to Bondi, Cotton warned that Airwallex, a global cross-border payments platform with significant operations in mainland China and Hong Kong, handles highly sensitive information for major American companies. This, he argued, potentially places the data within reach of Beijing through China’s extensive intelligence laws.
Cotton detailed that Airwallex operates as a licensed money transmitter in the United States and provides payment, payroll, and reimbursement infrastructure for U.S.-based firms including Zip, Brex, Rippling, Deel, and Navan. Through these platforms, Airwallex processes data linked to companies such as OpenAI, Anthropic, Coinbase, and defense contractor Anduril Industries.
The sensitive information in question includes Social Security numbers, dates of birth, supplier payments, payroll records, and employee reimbursement accounts that can reveal detailed travel patterns, Cotton added.
He stated that the breadth and sensitivity of this data raise “material national security concerns” given Airwallex’s operational presence in China.
The senator cited reports that internal alarms were raised at Airwallex as early as 2023. According to the letter, Briar Mercier, the company’s head of operations and strategy, allegedly warned that China-based staff were pushing to access client “know your customer” data, including names, birth details, and government identification numbers.
Cotton noted that these concerns were dismissed by Airwallex executives because restricting access could harm revenue, despite acknowledging a potential compliance breach.
Additional reporting referenced in the letter claims that when Airwallex relocated its headquarters to Singapore in 2023, the company determined it was unable to fully quarantine customer data from its China-based operations.
Cotton emphasized that under China’s National Intelligence Law, organizations and individuals under Chinese jurisdiction are legally required to assist state intelligence work and maintain secrecy. This, he wrote, creates an “unavoidable risk” that sensitive U.S. data could be compelled by the Chinese government without disclosure.
The senator drew parallels with prior incidents involving Zoom and TikTok, where assurances about data security were later undermined by revelations of China-based access.
Cotton argued that if Airwallex is providing sensitive U.S. data to China, it could violate Executive Order 14117, which restricts transactions enabling the transfer of bulk sensitive personal data to countries of concern.
He formally requested that the Department of Justice launch a full investigation into whether Airwallex has allowed the Chinese Communist Party access to U.S. data.
