By Genalyn Kabiling
The hacking of bank systems now constitutes economic sabotage punishable by life imprisonment and a fine of as much as P5 million based on a new law signed by President Duterte.
President Rodrigo Roa Duterte
(KING RODRIGUEZ / PRESIDENTIAL PHOTO / FILE PHOTO / MANILA BULLETIN)
Republic Act No. 11449 provides for additional prohibitions as well as increases the penalties for bank fraud, amending RA 8484 (Access Devices Regulation Act of 1998) in a bid to protect the rights and define liabilities of parties in commercial transactions.
Among the new prohibitions are skimming or counterfeiting credit and debit cards, hacking of a bank’s system, production or possession of any skimming devices, and accessing online bank accounts in a fraudulent manner.
"The State likewise acknowledges that the advances in information technology on access devices have been exploited by criminals and criminal syndicates in perpetrating fraudulent activities that ultimately undermine the trust of the public in the banking industry," the law read.
"Due to this deleterious effect on the economy, the State declares that the commission of a crime using access devices is a form of economic sabotage and a heinous crime and shall be punishable to the maximum level allowed by law," it added.
Under the law, the hacking of a bank's system as well as skimming of 50 or more online banking accounts, credit cards, payment cards and debit cards now constitutes economic sabotage. The penalties include life imprisonment and a fine ranging from P1 million to P5 million.
The law defines hacking as "the unauthorized access into or interference in a computer system/server or information and communication; or any access in order to corrupt, alter, steal or destroy using a computer or other similar information and communication devices, without the knowledge and consent of the owner of the computer or information and communication of computer viruses and the like, resulting in the corruption, destruction, alteration, theft or loss of electronic data messages or electronic documents."
Card skimming
Card skimming refers to a type of fraud which involves illegal copying information from the magnetic stripe of payment card to gain access to customer accounts.
The law also imposes a jail term of 12 to 20 years and a fine not less than P500,000 against any person in possession of 10 or more counterfeit access device card and was able to access at least one account.
If the offender is in possession of 10 or more counterfeit access devices and was not proven to have accessed any account, the penalty will be six to 12 years in prison and a fine of P300,000.
Any person engaged in the fraudulent use of a credit card shall be jailed from four to six years and fined twice the value of the fraudulently obtained credit.
The law also imposes imprisonment of 10 to 12 years and a fine of P500,000 for offenses involving the use of one or more counterfeit devices, possession of such device-making or altering equipment, and skimming or counterfeiting credit, payment or debit cards.
A jail term of six to 10 years and a fine of P500,000 will slapped against those in production or possession of skimming devices, accessing any application, online bank accounts and other accounts regardless of whether or not it will result in monetary loss to the account holder, among others.
A person who commits any offense under Section 9 of the law, which occurs after a conviction for another offense under the same section or an attempt to commit the same, will face imprisonment of 12 to 20 years and pay a fine of P800,000 or twice the value obtained by the offender.
When a cardholder uses credit card with intent to defraud, the outstanding and unpaid balance past due for at least 90 days will now be P200,000.
The law also mandates banks and other financial institutions to conduct an initial investigation on any reported access device fraud and submit real-time reports to National Bureau of Investigation (NBI) and the Anti-Cybercrime Group of the Philippine National Police (PNP). These agencies can pursue further investigation and prosecution of the fraud.
The law, signed by the President last August 28, takes place 15 days after publication in the Official Gazette or in a newspaper.