Establishes Credit Information System Act

Defines critical terms such as "Accessing Entity," "Basic Credit Data," "Borrower," "Credit Facility," "Credit Report," "Negative/Positive Credit Information," "Submitting Entity," and various government and private entities involved.
Excludes confidential banking information from basic credit data without borrower waiver.
Includes both natural and juridical persons, including LGUs and their affiliates, as borrowers.

Banks, quasi-banks, insurance companies, credit card firms, and other credit providers must regularly submit borrower credit data to the Corporation.
The Corporation collects, consolidates, and updates credit data at intervals between 15 to 30 working days, at least quarterly.
The system includes access to government data sources to verify borrower information.
Borrowers must be notified of data submission and have the right to access and dispute their credit information.
Negative credit information remains for up to three years unless corrected earlier.
Special Accessing Entities are accredited private corporations providing credit reports and ratings, subject to strict confidentiality and consent requirements.
Outsource Entities process credit data but cannot release it beyond the Corporation.
Accessing Entities must maintain strict confidentiality of credit information.

The Corporation is established as the central registry for credit data, with authority to manage corporate affairs, contracts, and liabilities.
Capital stock is Php 500 million, with 60% owned by the National Government and 40% by qualified private investors (banks, associations, consumers).
Ownership caps and equity transfer rules are designed to ensure balanced private and public participation.
The Board comprises 15 members appointed by the President, including government and industry representatives subject to a "fit and proper" rule.
Directors must be Filipino citizens, at least 30, with integrity and competence in relevant fields.
Officers and employees are appointed under civil service rules; compensation is exempt from the Salary Standardization Law.
The Corporation must use advanced technology and implement borrower identification for accurate data handling.
Exempt from customs duties and taxes for importing necessary equipment.

Credit information handled by the Corporation and all related entities is confidential and used solely to assess borrower creditworthiness.
Outsourcing entities are strictly prohibited from unauthorized data disclosure.
Violations of confidentiality result in suspension, revocation of accreditation, and possible penalties.
Credit reports are disclosed only to authorized entities and borrowers or by court order.

Borrowers have the right to know why credit applications are denied based on credit data.
They may access their credit information promptly upon payment of reasonable fees.
Borrowers can dispute incorrect, incomplete, or misleading credit information and the Corporation must resolve or delete faulty data within 5 working days.
Denial of these rights without justification entitles borrowers to indemnity.

The Corporation must carry out continuous nationwide campaigns to educate consumers on the credit information system, their rights, and dispute procedures.

The Securities and Exchange Commission (SEC), with government coordination, issues implementing rules to ensure balance between credit information reliability and consumer protection.
Rules confine credit data to objective information excluding opinions.
Set standards for the Corporation's establishment, accreditation of entities, administration of sanctions, and regulation of fees.
Administrative fines can reach Php 30,000 per violation daily, and violations may lead to suspension or cancellation of access rights.

A Congressional Oversight Committee with members from both houses monitors implementation and reviews rules.
The Committee becomes functus officio after approving regulations but may be reinstated for major revisions.

The Corporation and its officials are indemnified by data-submitting and accessing entities except in cases of willful violation, bad faith, malice, or gross negligence.

Willful violations of the Act or its rules are punishable by fines from Php 50,000 to Php 1,000,000, or imprisonment from 1 to 5 years, or both.

The Act upholds existing laws protecting the secrecy of bank deposits, client funds, and investments, ensuring no impairment of confidentiality.

The SEC is the lead agency for implementation and enforcement, required to submit annual reports to Congress on the Act's status.
SEC coordinates with relevant agencies for rule adoption and policy enforcement.

Contains a separability clause ensuring validity of unaffected provisions if any part is invalidated.
Repeals Presidential Decree No. 1941 and other inconsistent laws.
The Act takes effect 15 days post-publication in official or widely-circulated newspapers.