Researched by: Ashwini Sahu, Credit Suisse
The banking industry in the Philippines has undergone significant transformation in recent years. There have been marked improvements in regulations alongside increased revenues for banks. The Filipino government has enacted multiple laws regulating the financial industry as well as protecting consumers. However, significant institutional overlap exists, which is not easy to unravel. Client protection appears to occupy a very important position in the banking and financial sector, at least with regards to microfinance. On paper, there is a great framework for protecting consumers from financial woes and providing them with fair treatment.
- The National Poverty Commission spearheads the promotion of client protection in microfinance and has developed a consumer protection guidebook, which serves as a compilation of the rules and regulations on consumer protection for financial services.
- The OECD, in partnership with the Filipino government is working on a financial literacy program, however, its results have not yet been released.
- The Microfinance Council of the Philippines has a very interesting code of ethics where they state that they will “consistently assess the impact of our services with the objective of exerting extra efforts to lift members and clients out of poverty in the shortest time possible.
Over time, the banking industry of the country has seen significant transformation guided by reforms carried out by the banking regulator and the government. There have been great improvements in the banking industry regulations among with increased revenues for banks. Moreover, the Philippine banking industry has been undergoing consolidation that will further strengthen its position as new entities will increase the competition level.
Despite the generally difficult regional conditions which prevailed as a result of the onset of the Asian financial crisis in 1997, the Philippines has emerged as among the most resilient economies in the region. The lesser impact on the Philippine economy of the financial turmoil which hit Asia owes much to the country’s sound macroeconomic fundamentals, as well as to the financial reform initiatives implemented by the Central Bank of the Philippines (BSP) even before the Asian crisis struck.
Financial consumer protection in the Philippines is pursued through many measures embodied in various laws and regulations, some specifically focusing on the provision of microfinance services. The protection of microfinance clients is a main concern for policy makers and financial regulators, with the aim to ensure transparency of transactions and fair practices, and to establish mechanisms to provide for redress and recourse. Bangko Sentral ng Pilipinas (BSP) implements the Truth in Lending Act No. 3765 and the Consumer Act No. 7394 of the Philippines. Within BSP, the Consumer Affairs Group specializes in consumer protection. The Securities and Exchange Commission (SEC) oversees compliance with consumer protection regulation by non-profit organizations. In 2007, the National Credit Council (NCC) and the National Anti-Poverty Commission (NAPC) published the Microfinance Consumer Protection Guidebook.
With regards to microfinance, the Consumer protection act states that the government shall “simplify, clarify and modernize the laws regarding credit transactions and encourage the development of fair and economically sound consumer credit practices.” To enhance consumer awareness on the true cost of financial services, the law requires the transparency or full disclosure of the true cost of credit transactions and determination of interest and finance charges. This provision of the act reiterates the intent of RA 3765 (the Truth in Lending Act) requiring creditors and providers of loans, as well as credit-granting NGOs, to furnish their borrowers with necessary information.
Who’s Who – Microfinance Sector in Philippines
The Philippines central bank, Bangko Sentral ng Pilipinas (BSP), defines microfinance as the provision of a broad range of financial services such as deposits, loans, payment services, money transfers and insurance products to the poor and low-income households and their microenterprises. The financial service most commonly provided is microcredit, which is typically issued in the form of a specific business loan for microenterprise purposes. A key defining characteristic of a microfinance loan is the ability to secure credit without collateral. In the Philippines, microfinance loans cannot exceed PHP 150,000 for normal loans and PHP 300,000 under the Microfinance Plus scheme launched recently.
Historically, the provision of retail microfinance services in the Philippines was achieved through rural and thrift banking organizations, as well as NGOs and finance cooperatives. Government financing programs also participated in the retail market. The BSP reported that government financing programs are transitioning away from direct retail business activities and toward providing wholesale funding for private microfinance institutions. Meanwhile, the private banking sector is playing an increasing role in the provision of microloans due to the initiatives of the BSP to allow private banks to participate in the microfinance sector. In the recent years, there have been some major mergers between private banks and retail microfinance institutions – e.g. Rizal Commercial Bank acquired JP Laurel Rural Bank and Asia United Bank acquisition of Rural Bank of Angeles. A snapshot of the banks exposure to microfinance is as follows (source BSP microfinance report, 2011)
Microfinance providers in the Philippines often employ a group lending approach, whereby each person within a small group is liable for any default by another group member. Other group lending-based methodologies being used in the Philippines include the ASA model, whereby each group member is responsible only for his or her own loan, and the Alliance of Philippine Partners in Enterprise Development (APPEND) Scale-Up Branch Model, which is based on the Trust Bank model.
A recent study by the Economist Intelligence Unit (EIU) assessing the microfinance environment within countries ranked the Philippines first in Asia and third overall on its microfinance index, after Peru and Bolivia. The EIU microfinance index categorized its indicators into three main groups: i) regulatory framework, ii) investment climate, and iii) institutional development. EIU awarded the Philippines a perfect score for its regulation of microfinance activities at financial institutions, adding that “the government has promoted a regulatory environment conducive to microfinance operations.”
Some details on the various players in the microfinance sector are as follows:
- Rural and cooperative Banks – Rural and cooperative banks are the more popular type of banks in the rural communities. Their role is to promote and expand the rural economy in an orderly and effective manner by providing the people in the rural communities with basic financial services. Rural and cooperative banks help farmers through the stages of production by providing access to basic financial services. Rural banks and cooperative banks are differentiated from each other by ownership. While rural banks are privately owned and managed, cooperative banks are organized/owned by cooperatives or federation of cooperatives. Every province or district usually has a rural bank of its own.
- Thrift banks – These banks can operate at a larger scale and have a more comprehensive suite of financial services like deposits, issuing mortgages, collection agent for government authorities and extending credit.
A list of rural, cooperative and thrift banks with microfinance functions is listed here on the BSP’s website (as of Dec 2011).
Regulators and Supervisors
The Bangko Sentral Ng Pilipinas (BSP), Philippines’ Central Bank serves as the main regulator and supervisor for the microfinance sector in Philippines. The BSP supervises the operations of banks, including those engaged in the provision of microfinance services, and exercises regulatory powers over the operations of financing companies and other non-bank financial institutions performing quasi-banking functions. Also, it issues the necessary rules and regulations for the safe and prudent operations of banks and supervises and conducts regular examination of banks to ensure that financial practices and regulations are effectively implemented. Within the BSP, there exists the Microfinance Group, which specializes in examining the operations of microfinance banks and also the Consumer Affairs Group which specializes in consumer protection.
The National Anti-Poverty Commission (NAPC) is a government agency of the Republic of the Philippines. It coordinates poverty reduction programs by national and local governments and ensures that marginalized sectors participate in government decision-making processes. NAPC was created by virtue of Republic Act (RA) 8425, otherwise known as the “Social Reform and Poverty Alleviation Act,” which took effect on 30 June 1998. RA 8425 institutionalizes the government’s Social Reform Agenda (SRA), which enjoins NAPC to strengthen and invigorate the partnerships between the national government and the basic sectors. Through a systematic package of social interventions, the state hopes to ensure that social reform is a continuous process that addresses the basic inequities in Philippine society, and that a policy environment conducive to social reform is actively pursued.
NAPC’s specific mandates are as follows:
- To act as the “coordinating and advisory body” that exercises oversight functions in implementing the SRA and ensure that it is incorporated into the formulation of national, regional, sub-regional and local development plans;
- To institutionalize basic sector and NGO participation in managing the SRA cycle;
- To develop microfinance by establishing the People’s Development Trust Fund (PDTF) and strengthening the People’s Credit and Finance Corporation as the forerunners for microfinance services; and
- To strengthen Local Government Units (LGUs) so they can incorporate the SRA in their local development efforts.
NAPC is spearheading the promotion of client protection in microfinance through its initiatives on financial literacy and on-line filing of complaints system. Industry advisories have also been issued to ensure observance of sound and sustainable microfinance practices. They have created a Consumer Protection Guidebook on the status of consumer affairs in the Philippines and the regulatory framework, containing conceptual definitions and sections outlining what consumer protection is, the policies on client protection focused on microfinance, and steps to file and handle consumer complaints and grievances.
The National Credit Council (NCC) was created in 1993 mainly to rationalize and optimize government credit and guarantee programs. It also aims to institutionalize consultation linkages and policy dialogues to encourage a higher level of private sector participation in credit delivery in rural areas. The NCC is an inter-agency body chaired by the Department of Finance (DOF), formulated and approved by the Regulatory Framework for Microfinance Institutions in July 2002. The framework specifically directed the NCC, in coordination with concerned stakeholders, to formulate a uniform set of performance standards that will cut across all types of institutions involved in microfinance. These standards will serve as the microfinance industry benchmarks to allow the comparison of performance among all institutions engaged in the delivery of microfinance services. These benchmarks will also guide regulators in the assessment of financial institutions under their supervision. The Performance Standards for All Types of Microfinance Institutions are based on international best practices, industry benchmarks, and ratios that are being used by different players in the microfinance industry.
The Rural Bankers Association of Philippines (RBAP) is the association of all rural banks operating in Philippines. The mission of the RBAP is to support the ability of its members to offer quality banking services to all their constituencies, comply with regulatory requirements, and to promote the welfare of the communities in which they operate. The operating principles of RBAP are:
- To establish and maintain an organization that supports the ability of members to operate as an aggressive force in the promotion of the civic welfare of the communities in which they operate,
- To maintain commitment to developing rural economies and to promoting community enterprise development through good service and sound practices,
- To develop a pledge of quality and extend this pledge to all rural bank customers, thus ensuring that rural banks remain responsive to their customer base,
- To develop mechanisms and capacities to serve the banking needs of the broadest range of customers from the smallest to the largest,
- To work in partnership with BSP and other regulatory bodies to set and maintain the highest standards of compliance,
- To assist members to learn from each other, to avoid unfair competition and practices and to work effectively in association rather than in competition,
- To develop a common code of standard banking practices and assist members to operate effectively and efficiently within such practices and standards,
- To develop and support public confidence in the rural banking system through mechanisms and means that support the ability of the Rural Banking System in providing for careful stewardship of bank resources, and
- To ensure that the entire system operates as a leader in the field of employee relations setting examples in the rural areas with regard to conditions of employment efficiency and customer service.
The Bankers Association of the Philippines (BAP) was the result of the Association of Manila Banks and the Manila Clearing House merger in March 1949. It is the Association’s moral objective to ensure that the stability, robustness and growth of the financial system is being promoted by maintaining its strong linkages with the legislative body, government institutions and other banking and bank-related associations. BAP works with its primary regulator, the BSP, framing banking rules and regulations for the purpose of increasing the efficiency and effectiveness of the banking system’s services to the community. Much like any other trade organization, the BAP provides a necessary avenue for member banks to raise and discuss issues that affect the commercial banking industry. Acquisition and dissemination of information vitally significant to the membership is a major responsibility of the Association, especially when an emerging market such as the Philippines aims to integrate with global financial markets. Perhaps unique to the BAP is its mandate to act as the unifying voice in dealing with the regulatory authorities in an environment where business interest and backgrounds of domestic vis-à-vis foreign banks are very profoundly diverse.
The Microfinance Council of the Philippines (MCPI) is a network of 45 institutions working towards the rapid development of the microfinance industry in the Philippines. The 45 institutions include 36 practitioners and 9 service providers. While membership among the practitioners is currently dominated by non-government organizations (NGOs), the roster of practitioners also includes microfinance-oriented rural banks and one thrift bank.
In year 2000, the BSP was mandated by the General Banking Law of 2000, through sections 40, 43 and 44, to recognize microfinance as a legitimate banking activity and to set the regulations for its practice within the banking sector. The BSP has since then institutionalized microfinance within the economy and taken significant initiatives to enable the development of sustainable microfinance. The law empowered the BSP to create measures recognizing microfinance providers as banking institutions and to provide regulatory guidelines specific to the microfinance portfolios for institutions falling under the BSP’s purview. Furthermore, banks engaging in microfinance activities were given certain allowances and relieved of certain restrictions; for example, they were granted exemption from a moratorium on branch licensing.
Section 40- Requirement for Grant of Loans or Other Credit Accommodations
In formulating rules and regulations under this Section, the Monetary Board shall recognize the peculiar characteristics of microfinancing, such as cash flow-based lending to the basic sectors that are not covered by traditional collateral.
Section 43- Authority to Prescribe Terms and Conditions of Loans and Other Credit Accommodations
The Monetary Board shall regulate the interest imposed on microfinance borrowers by lending investors and similar lenders, such as, but not limited to, the unconscionable rates of interest collected on salary loans and similar credit accommodations.
Section 44- Amortization on Loans and Other Credit Accommodations
The amortization schedule of bank loans and other credit accommodations shall be adapted to the nature of the operations to be financed. In case of loans and other credit accommodations with maturities of more than five (5) years, provisions must be made for periodic amortization payments, but such payments must be made at least annually: Provided, however, That when the borrowed funds are to be used for purposes which do not initially produce revenues adequate for regular amortization payments therefrom, the bank may permit the initial amortization payment to be deferred until such time as said revenues are sufficient for such purpose, but in no case shall the initial amortization date be later than five (5) years from the date on which the loan or other credit accommodation is granted.
In case of loans and other credit accommodations to microfinance sectors, the schedule of loan amortization shall take into consideration the projected cash flow of the borrower and adopt this into the terms and conditions formulated by banks.
In addition to the General Banking Act, the BSP has added on several additions to the Act in form of circulars and amendments, to improve governance and supervision of microfinance nationally.
Client protection Laws
The Philippine government adopted RA 7394 (Consumer Act of the Philippines of 1991) as the legal basis for consumer protection in the country. The law embodies the state policy on the protection of consumers and establishes standards of conduct for business and industry in the country.
The Act aims to protect the “interest of the consumer, promote his general welfare and establish standards of conduct for business and industry” by adopting the following measures:
- protection against hazards to health and safety;
- protection against deceptive, unfair and unconscionable acts and practices;
- provision of information and education to facilitate sound choice and the proper exercise of rights by the consumer;
- provision of adequate rights and means of redress; and
- involvement of consumer representatives in the formulation of social and economic policies.
Directly related to microfinance is Title IV of the Act that states that the government shall “simplify, clarify and modernize the laws regarding credit transactions and encourage the development of fair and economically sound consumer credit practices.” To enhance consumer awareness on the true cost of financial services, the law requires the transparency or full disclosure of the true cost of credit transactions and determination of interest and finance charges. This provision of the act reiterates the intent of RA 3765 (the Truth in Lending Act) requiring creditors and providers of loans, as well as credit-granting NGOs, to furnish their borrowers with information. Prior to the consummation of any transaction, they must provide a clear written statement disclosing the amount, interest and other finance charges related to their loan.
Data Protection and Privacy Laws
Privacy of Client Data – Principle (As in CFI Client Protection Principles)
The privacy of individual client data will be respected in accordance with the laws and regulations of individual jurisdictions. Such data will only be used for the purposes specified at the time the information is collected or as permitted by law, unless otherwise agreed with the client.
In the area of client data protection and privacy, many of the well-known laws like – RA 8791 (General Banking Law of 2000), RA 7906 (Thrift Banks Act of 1995), RA 7353 (Rural Banks act of 1992), have already laid the foundations of confidentiality of client data and privacy policies for client information. With the recent advent of IT enabled services and increased use of IT in banking and financial services, the Central Bank of Philippines (BSP) has also taken proactive measures to incorporate data protection laws within the banking framework.
Data Privacy Act, 2011
On March 20, 2012, the Senate of the Philippines unanimously approved the omnibus Data Privacy Act of 2011, also known as “An Act Protecting Individual Personal Information in Information and Communications Systems in the Government and the Private Sector, Creating for This Purpose a National Data Protection Commission, and for Other Purposes”. Once signed into law, the legislation will impose a privacy regime modeled on the EU Data Protection Directive. It features significant notice, consent and data breach notification requirements, and it imposes direct obligations on both data controllers and data processors.
Chapter I – General Provisions
Personal Information: Refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably ascertained by the entity holding the information, or when put together with other information would identify the individual.
Personal information controller: Refers to a person or organization who controls the collection, holding, processing or use of personal information, including a person or organization who instructs another person or organization to collect, hold, process, use, transfer or disclose personal information on his or her behalf.
Personal information processor: Refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.
Sensitive personal information: Refers to information
- About an individual race, ethnic origin, color and religious, philosophical or political affiliations;
- About an individual’s health, genetic or sexual life of a person, or to any judicial proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;
- Issued by Philippine government agencies peculiar to an individual which includes, but not limited to, Social Security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and
- Specifically established by an executive order or an act of Congress to be kept classified.
This Act applies to the processing of all types of personal information and to any natural and juridical person involved in personal information processing including those personal information controllers and processors who, although not found or established in the Philippines, use equipment that are located in the Philippines, or those who maintain an office, branch or agency in the Philippines.
Chapter II – The National Privacy Commission
To administer and implement the provisions of this Act, and to monitor and ensure compliance of the country with international standards set for data protection, it includes a declaration to create an independent body to be known as the National Privacy Commission (referred to as the Commission), which shall have the following functions:
- Ensure compliance of personal information controllers with the provisions of this Act;
- Receive complaints, institute investigations, facilitate or enable settlement of complaints through the use of alternative dispute resolution processes, adjudicate, award indemnity on matters affecting any personal information
- Issue cease and desist orders, impose a temporary or permanent ban on the processing of personal information, upon finding that the processing will be detrimental to national security and public interest
- Monitor the compliance of other government agencies or instrumentalities on their security and technical measures and recommend the necessary action in order to meet minimum standards for protection of personal information pursuant to this Act
- Coordinate with other government agencies and the private sector on efforts to formulate and implements plans and policies to strengthen the protection of personal information in the country
- Recommend to the Department of Justice, the prosecution and imposition of penalties
- Ensure proper and effective coordination with data privacy regulators in other countries and private accountability agents, and participate in international and regional initiatives for data privacy protection
- Review, approve, reject or require modification of privacy codes voluntarily adhered to by personal information controllers, provided that the privacy codes shall adhere to the underlying data privacy principles embodied in this Act, and provided further that such privacy codes may include private dispute resolution mechanisms for complaints against any participating personal information controller.
Chapter III – Processing of Personal Information
General Data Privacy principles
Personal information must be:
- Collected for specified and legitimate purposes determined and declared before, or as soon as reasonably practicable, and later processed in a way compatible with such declared, specified and legitimate purposes only;
- Processed lawfully;
- Accurate, relevant, and, where necessary, or purposes for which it is to be used the processing of personal information, kept up to date; inaccurate or incomplete data must be rectified, supplemented, destroyed or their further processing restricted;
- Adequate and not excessive in relation to the purposes for which they are collected and processed;
- Retained only for as long as necessary for the fulfillment of the purposes for which the data was obtained or for the establishment, exercise or defense of legal claims, or for legitimate business purposes, or as provided by law;
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected and processed: Provided, further, that adequate safeguards are guaranteed by said laws authorizing their processing.
Criteria for lawful processing of personal information
The processing of personal information shall be permitted only if not otherwise prohibited by law, and when at least one of the following conditions exists:
- The data subject has given his or her express or implied consent;
- The processing of personal information is necessary and is related to the fulfillment of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract;
- The processing is necessary for compliance with a legal obligation to which the personal information controller is subject;
- The processing is necessary to protect vitally important interests of the data subject, including life and health; or
- The processing is necessary in order to respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions of public authority which necessarily includes the processing of personal data for the fulfillment of its mandate.
- The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party or parties to whom the data is disclosed, except where such interests are overridden by fundamental rights and freedoms of the data subject which require protection under the Philippine Constitution.
Sensitive Personal information and privileged information: The processing of sensitive personal information is prohibited unless there is consent from the data subject, the processing of such information is required by law, the processing of such information is necessary to protect the life and health of the data subject, the processing is necessary to achieve the lawful and noncommercial objectives of public organizations and their associations provided confidentiality of information is maintained, processing is necessary for purpose of medical treatment and finally when processing is necessary for protection of lawful rights and interests of persons in court proceedings or legal claims.
Storage of data: Personal information shall be stored and used only for as long as it is necessary to achieve the purpose for which it was processed and all related purposes, after which the personal information shall be deleted or blocked from a personal information base, unless otherwise provided by law.
Chapter IV – Rights of the data subject
The data subject is entitled to
- Be informed whether personal information pertaining to him or her shall be, are being or have been processed;
- Be furnished the information indicated hereunder before the entry of his or her personal information into the processing system of the personal information controller, or at the next practical opportunity;
- Description of the personal information to be entered into the system;
- Purposes for which they are being or are to be processed;
- Scope and method of the personal information processing;
- The recipients or classes of recipients to whom they are or may be disclosed; and
- Methods utilized for automated access, if the same is allowed by the data subject, and the extent to which such access is authorized.
Chapter V – Security of personal information
This chapter focuses on the various security measures to be adopted by personal information controllers and processors. Some of the key measures would include
- Implementation of reasonable and appropriate organizational, physical and technical measures for protection of personal information against unlawful access or destruction, misuse or accidental loss or destruction
- Determination of appropriate level of security should be determined based on nature of personal information to be protected, risks of processing, size of organization, current privacy best practices and cost of implementation.
- Strict confidentiality clause for all personal information controllers and third parties processing personal information
- Immediate notification of potential security breaches to the Commission and to all affected data subjects based on evaluation of the Commission
Chapter VII – Penalties
There are various penalties in place for the unauthorized access, processing, malicious disclosure and intentional breach of privacy of personal information (including sensitive personal information) or a series of such acts, ranging from monetary fines, legal proceedings and imprisonment. Penalties are as follows:
- Fines ranging from Five hundred thousand Pesos (PHP 500,000) to Five million Pesos (PHP 5,000,000)
- Imprisonment ranging from one (1) year to six (6) years
- Legal proceedings
Personal Data protection Act, 2007
Section 4 – Prohibition against Misappropriation of databases. – It shall be unlawful for any person to knowingly make available in commerce to others sensitive personal information in a database generated, gathered or maintained about a person if such act resulted in:
- the damage, disruption and ineffectiveness of the information generated, gathered or maintained in the database, or
- the prejudice of the person with whom the personal information pertains, in the absence of a prior written permission.
Manual of Regulation for Banks, Bank Sentral Ng Pilipinas (Central Bank of Philippines)
Sec X304.12 – Confidentiality of Information, Depository services – Highlights the confidentiality rules that banks are required to comply regarding client data and information unless disclosure is required by law, court orders, credit rating agencies or to third parties like insurance companies solely for the purpose of administration of the bank’s lending business.
Sec X320.9 – Confidentiality of Information, Credit Card operations – Highlights the confidentiality rules that banks are required to comply regarding credit card client information unless disclosure is required by law, court orders, credit rating agencies or to third parties like insurance companies solely for the purpose of administration of the bank’s credit card business or to protect the bank from cardholder default and clients from unauthorized charges.
Circular #542, issued 2006 – Bank Sentral Ng Pilipinas (BSP)
Consumer Protection for e-Banking: Section 4 (Disclosure and business availability)
Banks are required to provide their customers with a level of comfort regarding information disclosures or transparencies, protection of customer data and business availability that they can expect when using traditional banking services.
Department of Trade & Industry – Administrative Order #08
In 2006, the Government of Philippines recognized the significance of data protection laws in their profitable and growing BPO industry and issued ‘Administrative Order 8’ that contains the Guidelines for the Protection of Personal Data in Information and communication systems in the private sector (“Guideline 8”). The objectives of Guideline 8 are to encourage and provide support to private entities to adopt personal data protection policies, and provide rules for data protection certifiers in Philippines.
With the introduction of the Data Privacy Act of 2011, Philippines has adopted a strong framework for data protection and privacy rights for organizations operating within the country. Companies are bound to follow all criteria for data protection and ensure safety and security of data to the highest standards, failing which they are liable to severe penalties and legal action.
With the banking and business process outsourcing (BPO) industry booming in Philippines, these laws on data privacy will be very vital in promoting a safe environment for these industries to advance in the country. Lawful access to information, confidentiality obligation and data security are some of the strong reasons which will help to promote growth in the service sector as well as e-governance sectors in Philippines.
- Center of Financial Inclusion – Summary of Client Protection in the Philippines
- “Global Microscope on the Microfinance Business Environment”, Economist Intelligence Unit, 2009
- Data Privacy Act, 2011 – Senate of Philippines
- Personal Data protection Act, 2007
- Manual of Regulation for Banks, Central Bank of Philippines (BSP)
- Circular 542, Series of 2006 – Senate of Philippines