Financial Crime World

Here is the converted article in Markdown format:

Philippines National Cybersecurity Plan

The Philippines has launched a comprehensive National Cybersecurity Plan to protect its citizens and critical infrastructure from cyber threats. The plan is coordinated with various government agencies, including the National Privacy Commission (NPC), National Telecommunications Commission, and Cybercrime Investigation and Coordinating Center.

Regulation of Fintech and Private Express Services

As part of the plan, the Department of Information and Communications Technology (DICT) has been regulating Private Express and/or Messenger Delivery Services (PEMEDES), which provide logistics and courier services essential to e-commerce platforms. The DICT is also responsible for regulating fintech companies, including those offering digital financial services and blockchain-related technologies.

Combatting Cybercrime

To combat cybercrime, the Philippine government has introduced several pieces of legislation, including:

  • Senate Bill 1663 or the Fintech Crime Prevention Act of 2023, which aims to protect the public from cybercriminals targeting bank accounts and e-wallets.
  • Senate Bill 1710 or the Expanded Banking Services Act, promotes innovation by allowing banks to expand their services through cash agents and serve a broader range of clients in low-income areas.

Regulation of Cryptocurrencies

The Bangko Sentral ng Pilipinas (BSP) regulates virtual assets, including cryptocurrencies that allow conversions to fiat currency. The BSP also oversees activities involving payment instruments and remittance of funds. However, the regulation of cryptoassets falls under the Philippine Securities Law framework, with the long-awaited DAX/DAO Rules of the Securities and Exchange Commission (SEC) expected to broaden regulated activities.

Regulatory Receptivity

Philippine regulators have been receptive to fintech innovation and technology-driven new entrants to regulated financial services markets. The BSP has implemented measures to promote a more favorable business environment, including:

  • Establishment of a fintech regulatory sandbox
  • Increased monitoring and surveillance on unregistered companies claiming to operate on a reverse solicitation basis

Data Privacy Laws

The Philippines regulates the collection, use, and transmission of personal data through the National Privacy Commission (NPC). Fintech businesses operating in the Philippines must comply with the Data Privacy Act of 2012 and its Implementing Rules and Regulations. This includes:

  • Designating a data protection officer
  • Registering with the NPC
  • Complying with advisories and circulars regarding data processing activities

The applicability of Philippine data privacy laws extends extraterritorially to organizations established outside the country if they involve the collection or processing of personal data related to Filipino citizens or residents.

Sanctions for Non-Compliance

Failure to comply with these regulations may result in fines and/or imprisonment. The Data Privacy Act and its Implementing Rules and Regulations provide for separate penalties for various violations, including:

  • Unauthorized processing of personal information
  • Accessing personal information without authority