Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. ORDER MINISTRY OF FINANCE From : Ministry of Finance Date : June 3, 2003 Ref. No. : Tai-Tsai-Rong-5-Zi-0925000300 Attachment : Outsourcing Guidelines for Financial Institutions Explanation: Amended "Outsourcing Guidelines for Financial Institutions" ("Guidelines") as per Exhibit and following directive: 1. With respect to the outsourced matters stipulated in Point VI of the Guidelines, commencing from September 1, 2003, financial institutions shall submit a report by inputting the outsourced matters and the outsourcing scope on the Bureau of Monetary Affairs Financial WEB Service System. The method for submitting such a report and the content of such a report will be separately announced. Financial institutions shall continue submit a report to this Ministry for checking and record if internal outsourcing rules are promulgated or amended prior to the above commencement day. However, it is not necessary to attach the outsourcing contract containing the amended items and the business license of the appointed institution to such a report. 2. If current outsourcing operations do not © Russin & Vecchi, 2003 - 1 -
  2. 2. conform to the amended Guidelines, such operations shall be adjusted to conform to the Guidelines within six months from the date of the amendment of the Guidelines. The contents of the outsourcing contracts which do not conform to the amended Guidelines shall be revised in accordance with Point IX of the Guidelines when such outsourcing contracts expire or the parties enter into new contracts. © Russin & Vecchi, 2003 - 2 -
  3. 3. ATTACHMENT TO MOF ORDER, DATED JUNE 3, 2003 OUTSOURCING GUIDELINES FOR FINANCIAL INSTITUTIONS ("Guidelines") Promulgated by the Ministry of Finance ("MOF") As last amended on June 3, 2003 I. When outsourcing services to third parties, financial institutions shall enter into an agreement with the relevant third party and comply with these Guidelines. "Financial institutions" as used herein shall include domestic banks, foreign banks branches in the ROC, investment and trust companies, bills finance companies, credit associations, credit departments of farmers' and fishermen's associations, institutions engaged in the credit card business. II. When outsourcing services to third parties, financial institutions may not violate any mandatory or prohibitive provision [of the law], public order or good morals, and the subject [outsourcing] shall not adversely affect the financial institutions' business operations, management or audit procedures or the interests of the financial institutions' customers. Financial institutions shall ensure that the Banking Law, the Anti-Money Laundering Law, the Computer Processed Personal Data Protection Law and other applicable [laws and] regulations are complied with. © Russin & Vecchi, 2003 - 3 -
  4. 4. Financial institutions shall designate a dedicated department to tightly control and supervise matters outsourced by such financial institution, and conduct regular and irregular audits on such matters and maintain a record thereof. III.When outsourcing services to third parties, financial institutions shall assure that the Ministry of Finance ("MOF"), the Central Bank of China ("CBC") and the Central Deposit Insurance Company will be able to obtain relevant information or reports and may conduct financial audits. IV. When outsourcing services to third parties, financial institutions shall carefully select the institution to handle the outsourced matters and confirm that such outsourced matters fall within the permitted scope of business of such institution. When outsourcing services to third parties, financial institutions shall establish emergency measures to avoid the banks' business operations or the customers' interests from being affected because of reduced quality of service by the service provider, the service provider's termination of the service agreement, or the service provider's cessation of business. When outsourcing services to third parties, financial institutions shall be responsible to customers whose rights are impaired due to the negligence of the institutions appointed to handle the outsourced matters or such institutions' employees. When outsourcing services to third parties, financial institutions shall implement a consumer dispute resolution procedure and timetable for handling such dispute and establish a department for coordination and conciliation to receive and handle customers' complaints. © Russin & Vecchi, 2003 - 4 -
  5. 5. V. Financial institutions may outsource the following matters related to the conduct of the financial institutions' registered business or involving customer information: (1) data processing including input, processing and output of data in the relevant computer system and improvement, control and maintenance of such computer system, and logistical support for data processing in connection with the financial institutions' business. (2) The marketing of credit cards, data input of information about customers, printing of relevant materials and forms and statements, matters regarding packaging and sealing, matters regarding sorting and mailing, matters regarding computer or manual [credit] card activation, reporting of lost cards, cash advances and emergency services. (3) Transporting securities, checks, forms and statements and cash, and conducting ATM's cash supply. (4) Appointing a law firm or landscribe to handle relevant legal matters, and approach other institutions to handle matters related to taking over title to collateral. (5) Automobile location services if repayment on a car loan is overdue and automobile auction sale services (excluding the determination on the floor price for such auction). (6) Appraisal of real estate. (7) Warehousing of relevant documents such as forms and statements and certificates. (8) Collection of debts. © Russin & Vecchi, 2003 - 5 -
  6. 6. (9) Matters related to marketing, management, (other than the granting or denial of loan applications) [customer] service and consulting for auto loans; (10)Internal audits (provided that such audits may not be conducted by the certified public accountant who audits such financial institution's finances); (11)Matters related to drawing negotiable instruments (e.g., checks and drafts) for customers; (12)Back office functions for trade financing activities (e.g., the issuance and negotiation of letters of credit and import and export collections); (13)Verification of the identity and signature of consumer loan applicants; (14)Marketing of housing loans; (15)Electronic customer services (including services through automated telephone voice systems, telemarketing, management of and response to customer e-mail, inquiries about, and assistance for, electronic banking and electronic commerce customers and specialized electronic banking customer services); (16)Marketing and signature verification of consumer loans; (17)Evaluation, classification, combination and sale of non performing loans; provided, that, such outsourcing agreements shall provide that the institutions appointed to handle such matters and their employees shall not engage in any work or provide any consulting or advisory services which © Russin & Vecchi, 2003 - 6 -
  7. 7. give rise to a conflict of interest with the outsourced services; (18)Customs clearance, deposit, transportation and delivery of precious metals such as gold bars, silver bars and white gold bars; (19)Compiling and editing credit analysis reports on customers who transact with the financial institution and to whom credit has been extended; (20)Other matters as approved by the MOF. VI. Under the premise that outsourcing will affect neither the operations of a financial institution nor the rights of such financial institution's customers, a financial institution may outsource the matters listed in Item V, above, in accordance with internal outsourcing rules approved by their board of directors (or, as regards the Taiwan branch of a foreign bank, by the relevant officer authorized by the head office) of such financial institution. The above internal outsourcing rules shall clearly specify the below listed matters:: (1) The matters to be handled and scope of services to be performed by the third party; (2) The procedures by which customer rights will be protected; (3) The risk management procedures; and (4) The internal control procedures. Compliance with internal outsourcing rules shall be included as an item to be reviewed in internal audits. © Russin & Vecchi, 2003 - 7 -
  8. 8. The results of such auditing and the status of handling consumer complaints within the latest one year shall be disclosed in the internal audit reports. VII.If a financial institution proposes to outsource matters other than those listed in Item 5 of these Guidelines, which matters involve the conduct of the financial institution's licensed business, or customers' rights, the financial institution shall submit to the MOF for review a copy of the resolution of the board of directors meeting (or, if such institution is the Taiwan branch of a foreign bank, an authorization letter issued by the relevant officer at the head office) authorizing such outsourcing and the relevant outsourcing plan. Such outsourcing plan shall, at a minimum, include: (1) The matters to be handled and scope of services to be performed by the third party; (2) Operations and risk management procedures; (3) Evaluation of the impact of such outsourcing on the financial institution's business operations; (4) An explanation of the actions being taken to protect customer rights; and (5) An analysis of legal and regulatory compliance issues. VIII.With respect to outsourcing matters that involve customer information, the outsourcing agreement executed by a financial institution and a third party shall include a provision that requires the financial institution to inform its customers [of the outsourcing]. If the outsourcing agreement does not include such a provision, the financial institution shall notify its customers in writing of the outsourcing matter, specifying that the customer will be deemed to have consented to such outsourcing unless the © Russin & Vecchi, 2003 - 8 -
  9. 9. customer objects thereto in writing within a reasonable period of time. Financial institutions shall ensure that the third par- ties described in the preceding paragraph establish strict control measures so as to prevent those with ac- cess to customer information from disclosing such infor- mation or otherwise using such customer information for any inappropriate purposes. Such third parties shall es- tablish internal controls and conduct periodic internal audits [with regard to the safekeeping of customer infor- mation]. IX. A financial institution's outsourcing agreements (including sub-outsourcing agreements) shall, at the minimum, specify the following matters, in order to maintain the quality of the outsourced services: (1) The specific outsourced items and the scope thereof. (2) The laws and regulations (including the Banking Law, Anti-Money Laundering Law, the Computer Processed Personal Data Protection Law, and other laws and regulations) applicable to financial institutions with which the institutions appointed to handle the outsourced services must comply. (3) A requirement that the institution appointed to handle outsourced services establish an internal control system and conduct regular and irregular internal audits and immediately notify the appointing financial institution if the outsourced services cannot be duly discharged, or there is difficulty, or a threat of encountering difficulty, in performing such services. (4) The right of the financial institution when necessary (including where a competent authorities orders termination or cancellation of the outsourcing © Russin & Vecchi, 2003 - 9 -
  10. 10. agreements), to terminate the outsourcing agreement by notice to the appointed institution. (5) Agreement of the appointed institution that competent authorities may, in accordance with Article 45 of the Banking Law, check and audit the outsourced matters within the outsourced scope. (6) Agreement that the appointed institution shall not use the name of the appointing financial institution when dealing with the public in the course of handling the outsourced matters. © Russin & Vecchi, 2003 - 10 -