BSP Now Has the Power to Investigate Financial Accounts — What You Need to Know

The Bangko Sentral ng Pilipinas (BSP) has been granted expanded authority to access and share financial account information without violating bank secrecy or data privacy laws. This move is part of the Anti-Financial Account Scamming Act (AFASA), aimed at combating financial scams like phishing, money muling, and social engineering schemes.

What Does This Mean for You?

Under BSP Circular No. 1214, the Consumer Account Protection Office (CAPO) can now:

Investigate financial accounts: CAPO can inquire into bank, e-wallet, or other financial accounts suspected of being used in scams.
Access account information: The provisions of the Secrecy of Bank Deposits Law and the Data Privacy Act no longer apply to accounts under BSP investigation.
Initiate inquiries: CAPO can start investigations based on formal requests from competent authorities, such as law enforcement agencies, supported by affidavits and transaction records.

How Will Your Data Be Protected?

To ensure secure handling of information:

Information-sharing agreements: Both the requesting agency and the BSP must have agreements in place, including strict confidentiality protocols, encryption, and audit trails.
Secure communication channels: Financial institutions must register up to three official email accounts for CAPO-related correspondence.
Presumed receipt: Emails sent by CAPO to registered accounts are presumed received, placing the responsibility on institutions to monitor and secure their communication channels.

What Happens If You Disclose Information Improperly?

Unauthorized disclosure of information obtained during investigations is subject to criminal and administrative penalties. Institutions and individuals are protected from liability when complying with BSP orders for account inquiries.

When Does This Take Effect?

The provisions of Circular No. 1214 will take effect 15 days after its publication on May 30, 2025 requiring prompt compliance from all concerned parties.

What Should You Do Next?

For Financial Institutions:
- Review and update internal protocols to align with the new requirements.
- Designate and register official email accounts for CAPO-related communications.
- Ensure robust cybersecurity measures are in place to protect shared information.
For Consumers:
- Be vigilant against phishing and other fraudulent activities.
- Report suspicious transactions to your financial institution and relevant authorities promptly.

For detailed information and guidance, refer to the full text of Circular No. 1214 and the AFASA.

This initiative underscores the BSP’s commitment to enhancing financial security and combating cybercrimes in the Philippines.

DISCLAIMER: This article is developed by subject matter experts at Babylon2k. This is for general information only and does not constitute expert advice. It is based on current regulations and may not account for all related topics. Any tax or compliance guidance provided cannot be used to avoid penalties or promote specific actions. Laws and interpretations may change over time, which could affect the accuracy of this report. We are not obligated to update this advisory if new regulations arise.