Stronger penalties for access device fraud

"Access Device": Includes cards, codes, account numbers, electronic identifiers, or means used to obtain money or initiate fund transfers.
"Payment Card": Cards linked to deposit, prepaid, or loan accounts used to withdraw cash, purchase goods/services, or transfer funds.
"Counterfeit Access Device": A counterfeit, forged, altered, or fictitious access device or its component.
"Hacking": Unauthorized access/interference with computer or communication systems to corrupt, steal, or destroy data.
"Card Skimming": Fraud involving illegal copying of payment card magnetic stripe information.
"Application": Computer programs performing coordinated tasks for the user.
"Online Banking": Using the internet to manage bank accounts and conduct transactions.

Production, use, or trafficking of counterfeit access devices.
Skimming, copying, or counterfeiting any credit, payment, or debit card to access accounts, regardless of resulting monetary loss.
Possession or production of software or hardware tools used for committing access device fraud.
Unauthorized access to applications, online banking, credit card, ATM, or debit card accounts with fraudulent intent.
Hacking computer or communication systems to corrupt, alter, steal or destroy electronic data without consent.

12 to 20 years imprisonment and fines (minimum Php 500,000) for possession of 10 or more counterfeit/unauthorized devices linked to at least one accessed account.
6 to 12 years imprisonment and fines (minimum Php 300,000) for possession of 10 or more devices without proof of account access.
4 to 6 years imprisonment plus fines based on fraudulent credit value for credit card fraud.
6 to 10 years imprisonment and fines (Php 500,000 or twice the value obtained) for other specified offenses without prior conviction.
10 to 12 years imprisonment and fines (Php 500,000 or twice the value obtained) for specified offenses without prior conviction.
12 to 20 years imprisonment and higher fines (Php 800,000 or twice the value obtained) for offenses committed after prior convictions or attempts.
Life imprisonment and fines from Php 1,000,000 to Php 5,000,000 if offenses constitute economic sabotage, defined by hacking bank systems or affecting 50 or more accounts.

A cardholder who abandons employment, business or residence listed in credit card application without informing the credit issuer, and whose unpaid balance is past due over 90 days and exceeds Php 200,000, shall be presumed to have intended fraud.

Companies issuing access devices (banks, financing firms, and other financial institutions) and partner merchants must investigate reported frauds.
Must submit real-time detailed reports to NBI and Anti-Cybercrime Group of PNP containing narrative and perpetrator identification if feasible.
Reports serve as complaints to enable law enforcement investigation and prosecution.
Banks and financial institutions remain under supervision of Bangko Sentral ng Pilipinas while others under Securities and Exchange Commission.

If any provision of the Act is declared unconstitutional, remaining provisions remain effective.

Laws, decrees, orders, rules, and regulations inconsistent with the Act are repealed, amended, or modified accordingly.

The Act takes effect 15 days after publication in the Official Gazette or newspaper of general circulation.