Abstract: FinTech has expanded the scope and depth of financial activities, and data, as an indispensable element of FinTech, has not only become the core driving force of FinTech, but also brought about complex data risks to FinTech. The governance dilemma of such risks is related to regulatory path dependence and confusing division of functions among financial regulators. It also reflects that current data governance path can not address the problem of information gap and insufficient empowerment of multiple governance subjects. To tackle the data risks of FinTech, it is recommended to establish a risk prevention and control system from the perspectives of governance subjects’ empowerment and data risk absorption in accordance with the logic of “source prevention and control, industry modification, collaborative governance, and risk absorption”. On the one hand, it is essential to mitigate the information gap in the market by strengthening the obligation to report data security incidents and disclose data flow information in FinTech. Moreover, it is necessary to amend the existing data flow mechanism to empower multiple governance subjects so as to restrain the data risk exposure in the FinTech industry. On the other hand, it is imperative to establish a data risk absorption space based on the existing regulatory sandbox and financial infrastructure management system to prevent the outward transmission of data risks.