September 2024
Series Articles on Taiwan's New Anti-Fraud Laws and Regulations (1) – Corporate Cooperation Obligations and Preventive Measures under the Fraud Crime Prevention Act
September 2024
Aaron Chen, Pei-Ching Ji, Doris Hsu, Chuck Liu
In response to the growing sophistication of fraud schemes, Taiwan's Legislative Yuan recently passed a series of measures aimed at strengthening fraud prevention. In July, four new anti-fraud laws were enacted or amended: 1) the Fraud Crime Prevention Act; 2) amendments to the Code of Criminal Procedure; 3) amendments to the Communication Security and Surveillance Act; and 4) amendments to the Money Laundering Control Act. This newsletter provides an overview of the Fraud Crime Prevention Act (hereinafter referred to as "the Act") focusing on the following key aspects:
1. Which businesses are now subject to its regulations;
2. What anti-fraud cooperation obligations are required from regulated entities;
3. The safe harbor provisions are available to help companies safeguard themselves.
The Act adopts a "source-based fraud prevention mechanism," requiring relevant industries to cooperate in anti-fraud efforts while simultaneously employing "trace-back enforcement" to identify the origins of fraud crimes, incorporating whistleblower provisions. Specifically, the source-based fraud prevention mechanism mandates the implementation of anti-fraud measures by upstream sectors, such as financial institutions, telecommunications, and online platforms, to block fraud at its source. The key provisions of the Act include:
1. Regulated Industries
The Act covers a wide range of industries, including "financial institutions" and "virtual asset service providers" under the Money Laundering Control Act, telecommunications enterprises regulated by the Telecommunications Management Act, as well as large-scale online advertising platforms, third-party payment providers, e-commerce businesses, and online gaming service providers (see Article 2 of the Act).
2. Enhanced Anti-Fraud Obligations for Businesses
Under the Act, businesses are required to adopt reasonable measures to prevent their services from being used for fraudulent activities. Additionally, they must promote fraud prevention information, verify the identities of customers or users, and cooperate with law enforcement in fraud investigations. For businesses found to be in violation of these obligations, fines can reach up to NT$100 million, depending on the severity and nature of the breach (see Article 39 of the Act).
3. Safe Harbor Provisions to Protect Businesses from Overstepping in Anti-Fraud Measures
To alleviate concerns businesses may have about breaching confidentiality obligations while cooperating in anti-fraud efforts—particularly when engaging in joint reporting—the Act includes safe harbor provisions. These provisions ensure that businesses can cooperate with the government in fraud prevention measures without the fear of legal repercussions and exempt businesses from liability for damages to users or third parties when acting in accordance with the anti-fraud measures prescribed by the Act or when cooperating with relevant authorities (see Articles 12, 14, and 38 of the Act).
Following the implementation of the Act, businesses should pay close attention to the following points:
1. Depending on their sector, businesses must observe certain obligations, such as:
2. To effectively prevent or stop fraud-related activities, businesses can implement varying levels of control measures on customers or users suspected of fraud, such as restricting their access to certain services or even suspending or refusing to provide services altogether.
3. Some provisions of the Act authorize the relevant regulatory authorities to issue subordinate regulations. Therefore, businesses should closely monitor the release of such regulations to adjust their internal procedures and compliance measures accordingly.
Related Articles
The contents of all materials (Content) available on the website belong to and remain with Lee, Tsai & Partners. All rights are reserved by Lee, Tsai & Partners, and the Content may not be reproduced, downloaded, disseminated, published, or transferred in any form or by any means, except with the prior permission of Lee, Tsai & Partners.
The Content is for informational purposes only and is not offered as legal or professional advice on any particular issue or case. The Content may not reflect the most current legal and regulatory developments. Lee, Tsai & Partners and the editors do not guarantee the accuracy of the Content and expressly disclaim any and all liability to any person in respect of the consequences of anything done or permitted to be done or omitted to be done wholly or partly in reliance upon the whole or any part of the Content. The contributing authors' opinions do not represent the position of Lee, Tsai & Partners. If the reader has any suggestions or questions, please do not hesitate to contact Lee, Tsai & Partners.
Aaron Chen, Pei-Ching Ji, Doris Hsu, Chuck Liu
In response to the growing sophistication of fraud schemes, Taiwan's Legislative Yuan recently passed a series of measures aimed at strengthening fraud prevention. In July, four new anti-fraud laws were enacted or amended: 1) the Fraud Crime Prevention Act; 2) amendments to the Code of Criminal Procedure; 3) amendments to the Communication Security and Surveillance Act; and 4) amendments to the Money Laundering Control Act. This newsletter provides an overview of the Fraud Crime Prevention Act (hereinafter referred to as "the Act") focusing on the following key aspects:
1. Which businesses are now subject to its regulations;
2. What anti-fraud cooperation obligations are required from regulated entities;
3. The safe harbor provisions are available to help companies safeguard themselves.
The Act adopts a "source-based fraud prevention mechanism," requiring relevant industries to cooperate in anti-fraud efforts while simultaneously employing "trace-back enforcement" to identify the origins of fraud crimes, incorporating whistleblower provisions. Specifically, the source-based fraud prevention mechanism mandates the implementation of anti-fraud measures by upstream sectors, such as financial institutions, telecommunications, and online platforms, to block fraud at its source. The key provisions of the Act include:
1. Regulated Industries
The Act covers a wide range of industries, including "financial institutions" and "virtual asset service providers" under the Money Laundering Control Act, telecommunications enterprises regulated by the Telecommunications Management Act, as well as large-scale online advertising platforms, third-party payment providers, e-commerce businesses, and online gaming service providers (see Article 2 of the Act).
2. Enhanced Anti-Fraud Obligations for Businesses
Under the Act, businesses are required to adopt reasonable measures to prevent their services from being used for fraudulent activities. Additionally, they must promote fraud prevention information, verify the identities of customers or users, and cooperate with law enforcement in fraud investigations. For businesses found to be in violation of these obligations, fines can reach up to NT$100 million, depending on the severity and nature of the breach (see Article 39 of the Act).
3. Safe Harbor Provisions to Protect Businesses from Overstepping in Anti-Fraud Measures
To alleviate concerns businesses may have about breaching confidentiality obligations while cooperating in anti-fraud efforts—particularly when engaging in joint reporting—the Act includes safe harbor provisions. These provisions ensure that businesses can cooperate with the government in fraud prevention measures without the fear of legal repercussions and exempt businesses from liability for damages to users or third parties when acting in accordance with the anti-fraud measures prescribed by the Act or when cooperating with relevant authorities (see Articles 12, 14, and 38 of the Act).
Following the implementation of the Act, businesses should pay close attention to the following points:
1. Depending on their sector, businesses must observe certain obligations, such as:
- Financial institutions and virtual asset service providers may consult with their counterparts when conducting control measures on customers suspected of involvement in fraud. The recipient of such a consultation is required to provide relevant information (see Article 8 of the Act).
- Telecommunications enterprises must verify the entry records of individuals before providing high-risk international roaming services provided by foreign telecom companies. If no entry record is found, international roaming services cannot be provided (see Article 20 of the Act).
- Large-scale online advertising platforms are required to appoint a legal representative, establish a fraud prevention plan, and publish an annual transparency report on fraud prevention (see Article 30 of the Act).
2. To effectively prevent or stop fraud-related activities, businesses can implement varying levels of control measures on customers or users suspected of fraud, such as restricting their access to certain services or even suspending or refusing to provide services altogether.
3. Some provisions of the Act authorize the relevant regulatory authorities to issue subordinate regulations. Therefore, businesses should closely monitor the release of such regulations to adjust their internal procedures and compliance measures accordingly.
Related Articles
The contents of all materials (Content) available on the website belong to and remain with Lee, Tsai & Partners. All rights are reserved by Lee, Tsai & Partners, and the Content may not be reproduced, downloaded, disseminated, published, or transferred in any form or by any means, except with the prior permission of Lee, Tsai & Partners.
The Content is for informational purposes only and is not offered as legal or professional advice on any particular issue or case. The Content may not reflect the most current legal and regulatory developments. Lee, Tsai & Partners and the editors do not guarantee the accuracy of the Content and expressly disclaim any and all liability to any person in respect of the consequences of anything done or permitted to be done or omitted to be done wholly or partly in reliance upon the whole or any part of the Content. The contributing authors' opinions do not represent the position of Lee, Tsai & Partners. If the reader has any suggestions or questions, please do not hesitate to contact Lee, Tsai & Partners.
