Banking Regulation 2024 Comparisons

Principal Laws and Regulations

The principal laws and regulations governing the Taiwan banking sector include:

• the Banking Act;
• the Financial Holding Company Act;
• the Central Bank of the Republic of China (Taiwan) Act;
• the Regulations Governing Foreign Exchange Business of Banking Enterprises and the foreign exchange control-related laws and regulations;
• the Consumer Protection Act; 
• the Financial Consumer Protection Act; and 
• other related laws and regulations. 

Moreover, for banks concurrently conducting other business such as acting as a trust enterprise or electronic payment institutions, the relevant laws and regulations governing such business also apply.

The Banking Act and the Financial Holding Company Act

The Banking Act is the primary law governing the Taiwan banking industry and provides rules for conducting banking business, including: 

• the setting up and dissolution of banks;
• the scope of banking business;
• compliance requirements for banks’ business, finance, internal control and other matters;
• administration and supervision by the regulator, etc. 

For banks that are subsidiaries of financial holding companies, another major law is the Financial Holding Company Act, which governs the establishment, business, finance, administration and supervision of financial holding companies. 

The Central Bank of the Republic of China (Taiwan) Act, the Regulations Governing Foreign Exchange Business of Banking Enterprises and the foreign exchange control-related laws and regulations

This legislation governs foreign exchange-related activity, which is regulated by the Central Bank of the Republic of China (Taiwan) (CBC). Such laws and regulations also govern banks’ business operations involving foreign exchange. For example, the Regulations Governing Foreign Exchange Business of Banking Enterprises provide the scope of foreign exchange business, requirements for managing foreign exchange business, administration and supervision by the regulator, etc. 

The Consumer Protection Act and the Financial Consumer Protection Act

The Consumer Protection Act provides the general rules and requirements for the protection of the interests of all consumers, and the Financial Consumer Protection Act focuses on the protection of consumers who deal with banks and other financial institutions. Among other matters, the Financial Consumer Protection Act provides requirements on the advertising of financial products and services, contracts with consumers, and the procedures for financial consumer dispute resolution in order to reasonably and effectively handle financial consumer disputes.

Regulators – Financial Supervisory Commission (FSC) and CBC

The FSC and the CBC are the major regulatory authorities regulating banks in Taiwan.

The FSC is the primary competent authority regulating the financial markets and financial institutions in Taiwan. It determines financial policy, issues regulations and rules, conducts financial examinations and supervises financial institutions. The FSC has four bureaux: 

• the Banking Bureau;
• the Securities and Futures Bureau;
• the Insurance Bureau; and 
• the Financial Examination Bureau. 

While the FSC regulates financial markets and financial institutions generally, the Banking Bureau focuses on the banking sector, and the Financial Examination Bureau is in charge of financial examination of all financial institutions regulated by the FSC.

The CBC sets monetary policy to regulate the availability of money and credit. It also regulates foreign exchange activities and business, and conducts examinations of banks.

Types of Licences

According to the Banking Act, banks in Taiwan are categorised into three different types based on the main operations and purposes of the bank: 

• commercial banks;
• banks for a special business purpose; and
• investment and trust companies. 

Commercial banks are the major and most common type of bank in Taiwan, and their principal function is to accept deposits and extend loans. Banks for a special business purpose are established primarily to facilitate the extension of specialised credit, such as agricultural credits, export-import credits, credits for medium and small-sized enterprises and real estate credits. However, as such functions may also be performed by commercial banks, the establishment of banks for a special business purpose has been declining gradually, and most such banks have transformed into commercial banks. 

Investment and trust companies act as trustee to accept, operate, manage and employ trust funds and manage trust properties, or act as an investment broker to invest in funds and capital markets for specific purposes. There is currently no investment and trust company, as all such companies have transformed or merged into commercial banks. Therefore, the following discussion will focus on commercial banks.

In addition, in order to support and promote international financial activities, banks may apply to the FSC and CBC for a licence to establish offshore banking units, which can engage in foreign currency-denominated financing business in Taiwan without being subject to foreign exchange-related regulations.

Also, apart from traditional banks with physical branches, the FSC has agreed to the establishment of three online-only banks, which commenced business in 2022.

Services and Restrictions on Licensed Banks’ Activities

According to Article 71 of the Banking Act, the main business activities of a commercial bank include accepting deposits, issuing bank debentures, investing in securities, handling domestic and foreign remittances, offering loans and credit, providing guarantees, and acting as the agency bank in related banking business.

Besides the normal scope of services set forth in the Banking Act, a bank may also concurrently conduct other business upon the approval of the FSC. For instance, a bank may concurrently operate trust enterprise business, insurance agent or insurance broker business, financial advisory services and electronic payment business.

Statutory and Other Conditions for Authorisation

The statutory restrictions on and implications of authorisation can be found in three major aspects: 

• the paid-in capital;
• responsible persons of the bank; and 
• the ownership.

The minimum paid-in capital requirement for establishing a commercial bank is NTD10 billion (approximately USD307 million), and the contribution must be made in cash only.

According to the Regulations Governing Qualification Requirements and Concurrent Serving Restrictions and Matters for Compliance by the Responsible Persons of Banks, the general restrictions and requirements for the responsible persons of a bank include that the person must not have been sentenced to imprisonment for certain financial crimes or in violation of financial regulations, must not concurrently hold positions that may incur a conflict of interest, and must have adequate knowledge, capability and experience in banking business.

A person must obtain the FSC’s approval before they acquire more than 10%, 25% or 50% of the issued voting shares of a bank. There is no restriction on foreign ownership and the FSC is generally receptive to foreign investors. However, PRC investors are subject to the PRC ownership restriction and a different approval process. 

Applying for Authorisation – Timelines, Costs and Engagement with the Regulators

According to the Standards Governing the Establishment of Commercial Banks, the major steps and regulatory approvals generally required for the establishment of a bank are as follows.

• Firstly, the founders of the bank shall subscribe up to 80% of the total paid-in capital of the bank at the time of initiation. 
• Secondly, the founders are required to submit an application for the FSC’s approval; the application documents shall include a business plan, the founder's qualification declaration, the source of funds, the articles of association, and the paid-in capital and equity instruments of the bank. 
• After the establishment is approved by the FSC and within three months of completing the incorporation registration with the Ministry of Economic Affairs, the bank shall apply to the FSC for its business licence. The licence fee is one-four thousandth of the total capital specified in the articles of association of the bank.

During the establishment process of the bank, the FSC or another competent authority may designate its personnel to examine the matters relevant to the bank establishment, and may order the applicant to provide certain supporting documents or make explanations at any time. Also, the FSC may decide not to issue the business licence to the bank if the bank’s shareholders, directors, supervisors or managers do not meet the requirement, if the bank fails to complete preparation before the start of business, or if any condition the FSC deems might lead to unsound and inefficient business operations of the bank occurs.

Change in Control, Shareholding Thresholds and Other Restrictions

An investor in a bank would be subject to reporting requirements and/or the FSC’s prior approval if its stake reaches a certain level. 

If an investor and their spouse and children under 20 years of age (if any) in aggregate hold 1% or more of the voting shares in a bank, such investor shall notify the bank of this. 

A report to the FSC will be required if an investor (together with their related parties provided under the Banking Act) acquires or holds more than 5% of the voting shares of a bank. Any subsequent change in the shareholding by more than 1% is also required to be reported to the FSC. 

A person (together with their related parties) must obtain the FSC’s approval before their acquisition of 10%, 25% or 50% of the issued voting shares of a bank. 

In addition, the shares held by a third party for or on behalf of the investor or their related parties in trust, by mandate or through other types of contract, agreement or authorisation should be aggregated with the shareholdings held by such investor or the related parties. 

Regulatory Filings and Related Obligations

The application documents sent to the FSC for the acquisition of 10% or more of the issued voting shares of a bank should include documents and information regarding: 

• the investor’s existing shareholding;
• the proposed acquisition;
• the source of funds; and 
• other documents and information that may be required by the FSC on a case-by-case basis. 

Additional documents and information would be required in an application for the acquisition of 25% or 50% of the issued voting shares of a bank, including documents and information regarding the following. 

• In an application for a 25% acquisition:
1. the investor’s business and finance conditions by which the investor may improve the soundness of the operation of the bank and its management strategy;
2. the investment structure;
3. an evaluation of the effect on the bank’s business and finance condition within three fiscal years after the acquisition; and
4. the CPA-audited financial statements of the investor (including their related parties) or alternative financial information for the last three fiscal years.
• In an application for a 50% acquisition, in addition to the aforementioned application documents required for a 25% acquisition:

1. a business plan;
2. the proposed management team; and 
3. protection of the bank's employees’ interests.

Relevant Statutory and Regulatory Requirements

In addition to the board of directors, a bank must set up an audit committee comprised of its independent directors to review important matters and transactions (including related parties transactions). Also, according to the Banking Act and the Implementation Rules of Internal Audit and Internal Control System of Financial Holding Companies and Banking Industries, a bank shall establish an internal audit system and internal control system comprising three main elements: 

• a self-inspection system; 
• a legal compliance system; and 
• a risk management mechanism to ensure effective corporate governance. 

The internal control system of a bank should be approved by its board of directors. It shall cover all banking business activities and incorporate five major components. The first element and the basis for the implementation of an internal control system is the “control environment”, which encompasses: 

• the integrity and ethical values of the bank;
• the supervision responsibilities of the directors and supervisors;
• the organisational structure;
• the assignment of authority and responsibility;
• human resources policies;
• performance measurements;
• awards and discipline; and 
• the code of conduct for all directors and employees. 

Secondly, the internal control system shall adopt a “risk assessment” procedure, the results of which can assist the bank in designing, correcting and implementing the necessary controls in a timely manner. Thirdly, the internal control system shall include various “control operations”, namely to implement proper policies and procedures at all levels, business processes, and subsidiaries of the bank based on the risk assessment results to control risks. Fourthly, the internal control system shall ensure an effective internal and external “information sharing and communication” mechanism. Last but not least, the bank shall constantly “monitor” all operations. Any findings of deficiencies by the internal control system shall be reported to the appropriate management levels.

To implement the internal control system, a bank shall establish an internal audit unit and have sufficient and competent personnel as full-time internal auditors performing internal control duties independently and impartially. The internal audit unit is directly under the board of directors and is required to report its audit matters to the board of directors and audit committee at least every six months. In addition, a bank should appoint a chief auditor to manage all audit matters. The chief auditor is not allowed to take a job that will cause conflicts or limitations to the audit work. The employment, dismissal or transfer of the chief auditor should be approved by the consent of the majority of audit committee members as well as the consent of more than two-thirds of the board of directors, and should be reported to the FSC for ratification.

According to the Banking Act, a bank that fails to establish or diligently implement the internal control and audit systems should be subject to an administrative fine of between NTD2 million and NTD50 million.

Voluntary Codes and Industry Initiatives

The Bankers Association of Taiwan (BA) may issue various discipline rules based on the authorisation of the applicable laws and regulations. Such rules should be submitted to the FSC for ratification. A bank that fails to meet the requirements under the discipline rules would be deemed by the FSC as failing to establish or diligently implement the internal control and audit systems, and should be subject to the administrative fine as mentioned above.

Directors’ and Senior Managers’ Designation and the Regulatory Approval of Appointments

The Banking Act and the Regulations Governing Qualification Requirements and Concurrent Serving Restrictions govern the designation of the responsible persons of a bank (including board members and senior managers). Generally, the responsible persons of a bank shall have good moral character and full competence serving in their positions, and must not have been sentenced to imprisonment for certain crimes. 

Chairperson of Board of Directors and Directors

Directors of the bank are elected by shareholders. Although it is not required to obtain prior approval from the FSC to be nominated or elected as the director of the bank, the FSC has stipulated relevant requirements to ensure the chairperson of the board and the directors are capable of managing and operating a bank. 

One of the FSC’s main focuses in the supervision of chairpersons and directors is the restriction on holding concurrent positions. The chairperson may not concurrently act as the general manager of the same bank, nor act as the chairperson of another financial institution (bank, financial holding company, insurance company, securities firm, etc), nor act as the chairperson, general manager or equivalent role of a non-financial institution, unless otherwise approved by the FSC. If the chairperson is allowed to hold concurrent positions in other companies, they must ensure that all positions are managed effectively, without any conflict of interest. 

In addition, except for the banks that are 100% owned by the government or a single corporate shareholder, at least two of the directors of the bank shall meet any of the following qualifications: 

• having at least five years’ banking experience and having served as a vice manager or higher or equivalent position of the bank's head office;
• having three years’ banking experience and having served as a manager or higher or equivalent position of the bank's head office; or 
• having five years’ experience of working in financial administration or management and having held the position of civil service recommended appointment grade eight or higher or equivalent, with a good performance record. 

The minimum number of directors required to meet said qualifications would increase according to the total number of directors and the total assets held by the bank.

Senior Managers

The general manager of the bank shall meet any of the following qualifications: 

• having a bachelor degree or an equivalent degree with at least nine years’ banking experience, and having served at least three years in a management position; or 
• having at least five years’ banking experience and having served as a vice general manager or higher or equivalent position for at least three years, with a good performance record. 

The relevant qualification documents shall be submitted to the FSC for approval before the appointment of the general manager of a bank. 

Other senior managers, such as a vice general manager, assistant vice general manager or manager, are subject to other applicable qualification requirements regarding experience and expertise.

Directors’ and Senior Managers’ Roles and Accountability Requirements

The board of directors shall be responsible for the bank’s overall business strategies and major policies, supervising the senior managers, and shall be accountable to all shareholders. The board of directors is also responsible for the implementation and supervision of the bank's internal control system. 

Senior managers are appointed by and under the supervision of the board of directors. The general manager is responsible for handling the general operation of a bank. Other senior managers are delegated certain authority to assist the general manager in managing and operating the bank. 

Individuals Subject to Remuneration Requirements

According to the Corporate Governance Best-Practice Principles for Banks issued by the BA and ratified by the FSC, banks in Taiwan are advised to establish a remuneration committee led by and consisting of independent directors. In practice, all banks in Taiwan have independent directors serving on the board of directors, and most banks have set up a remuneration committee, whose primary responsibility is to establish performance appraisal standards and remuneration standards for managers as well as sales persons, and the remuneration structure and system for directors.

Relevant Remuneration Principles

The remuneration standard and payment shall be based on performance, adjusted considering future risks and the long-term profitability challenges facing the banking industry and shareholders’ interests to avoid inappropriate loss to the bank. Moreover, a significant proportion of a remuneration reward should be paid in deferred or equity-related payment. Also, when assessing the contribution of individual directors, managers and employees, an overall assessment of the banking industry should be carried out to clarify that such profits are not due to advantages such as the lower capital cost of the banking industry. 

The remuneration system should not incentivise directors, managers and employees to engage in acts that exceed the risk appetite of the banking industry in order to pursue remuneration. Last but not least, the remuneration system and performance should be reviewed regularly.

Regulators’ Supervisory Approach

A bank is required to disclose the remuneration of directors, supervisors, general managers, vice general managers, chairpersons of the board and general managers rehired as consultants by disclosing the aggregate remuneration information, with the name(s) indicated for each remuneration bracket, or to disclose the name of each individual and the corresponding remuneration amount (as applicable) in its annual report.

Consequences of Breaching the Requirements

A bank that fails to comply with the disclosure requirement for the annual report should be subject to an administrative fine of between NTD500,000 and NTD10 million.

Principal Laws and Regulations

In Taiwan, the primary regulators for AML and CTF are the Investigation Bureau under the Ministry of Justice (IBMOJ) and the FSC. The FSC has promulgated specific regulations governing AML and CFT in the banking sector, including the Regulations Governing Anti-Money Laundering of Financial Institutions, and the Regulations Governing Internal Audit and Internal Control System of Anti-Money Laundering and Countering Terrorism Financing of Banking Business and Other Financial Institutions.

KYC Requirements

First, a bank shall conduct due diligence on both new and existing customers taking a risk-based approach. The bank shall properly identify and verify the identity of the customer as well as its beneficial owner, and shall keep records on all relevant information. In particular, when the customer is a juristic person, the bank shall understand the business nature, equity structure and controlling person of the customer. 

Under a higher risk circumstance, the bank shall conduct enhanced customer due diligence. For ongoing customer due diligence, the bank shall regularly update all information at least once a year to ensure that the business relationship with the customer is consistent with the bank’s risk profile. The bank shall also understand the source of funds of the customer when necessary. 

In addition, the bank shall verify the identity of the customer and keep relevant records of large cash transactions and report such transactions to the IBMOJ, with certain exceptions for government department and fund arrangements between financial institutions. 

Suspicious Activity and Transaction Reporting

The bank shall report all suspicious transactions to the IBMOJ, including attempted transactions. When reporting to the IBMOJ, the bank shall use the Suspicious Activity Report (SAR) form prescribed by the IBMOJ, covering the following information: 

• the transaction details (eg, the type, currency and amount of the transaction); 
• a statement of the reason for suspicion, including who, what, when and where; and 
• the warning signs of money laundering activities. 

If a transaction triggers the red flags (see below), it shall be reviewed under the risk-based assessment to decide whether it is a SAR transaction. If the financial institution holds the view that such red-flagged transaction has nothing to do with any AML and CTF activity based on the relevant facts and its assessment, it is not required to report the transaction to the IBMOJ. However, it must retain records of the determination and assessment on such transaction.

The BA has implemented the red flags list for suspicious money laundering and terrorism financing transactions, but such items are not exhaustive in their coverage. A bank should select or create suitable red flags based on its assets scale, geographic areas, business profile, customer-base profile, characteristics of transactions, and internal money laundering/terrorism financing risk assessment or information on daily transactions, to identify red flag transactions of potential money laundering/terrorism financing.

Administrator of the Depositor Protection Scheme

The Deposit Insurance Act mainly governs the depositor protection regime in Taiwan. The Central Deposit Insurance Corporation (CDIC) was established on 27 September 1985 and is responsible for the management of the deposit insurance system. 

Classes of Deposits Covered by the Depositor Protection Scheme

Currently, the following deposits are covered by deposit insurance:

• checking accounts; 
• demand deposits; 
• time deposits; 
• deposits required by law to be deposited in certain financial institutions; and
• any other deposits approved by the FSC.

Limits on the Amount of the Depositor Protection Scheme

If an insured institution is ordered to cease its business operations or is unable to pay off its deposits, CDIC compensates each depositor up to NTD3 million, including principal and interest. 

Funding of the Depositor Protection Scheme

The share capital of CDIC shall be subscribed by the Ministry of Finance, CBC and the insured financial institutions. The total capital subscribed by the Ministry of Finance and CBC shall exceed 50%. Financial institutions duly authorised to take deposits must take part in deposit insurance provided by CDIC and pay premiums for deposit insurance. 

The Banking Act

The Banking Act requires banks in Taiwan to keep the information regarding their customers and the relevant transactions (eg, deposit, loan or remittance) in strict confidence, unless the disclosure is otherwise permitted by applicable laws or the FSC, or unless the customers default on the repayment of debt. Violators will be subject to an administrative fine ranging from NTD2 million to NTD50 million.

The Personal Data Protection Act

When collecting, processing and using personal data, Taiwanese banks also need to follow the requirements under the Personal Data Protection Act (PDPA). “Personal data” means any information that is sufficient to directly or indirectly identify an individual, such as name, date of birth, ID card number, passport number, financial conditions and data concerning a person’s social activities. 

The collection, processing (including storage), use and cross-border transmission of personal data by banks are subject to the PDPA, which includes obligations relating to consent securing, limitations on use and notification requirements. Disclosure is permitted if personal data has become public due to disclosure by the data subject or in a legitimate manner.

Banks must comply with the PDPA and establish security measures to protect personal data and dispose of it once the business relationship or need for the information ends. Failure to comply with the PDPA will result in a fine ranging from NTD50,000 to NTD500,000.

Adherence to Basel III Standards

The principal rule regarding the capital adequacy of a bank is contained in the Regulations Governing the Capital Adequacy and Capital Category of Banks, which adopted a number of elements of the Basel III framework. 

Risk Management Rules

A bank is required to self-assess its capital adequacy and establish its strategy to maintain its capital adequacy. Based on a bank’s self-assessment, the FSC may request a bank to improve its risk management. If the bank fails to comply with such request, the FSC may order the bank to adjust its regulatory capital and risk-weighted assets, or to submit a capital restructuring plan within a certain period.

Capital Requirements

The minimum paid-in capital for establishing a commercial bank in Taiwan is NTD10 billion. The promoters of the bank shall subscribe up to 80% of the total paid-in capital of the bank and the remaining shares shall be publicly offered; the capital contribution shall be made in cash. 

Subject to certain exceptions, a branch of a foreign bank in Taiwan must allocate a minimum operating capital of NTD250 million if the Taiwan branch plans to conduct retail deposit business.

Capital Adequacy Requirement

The current capital adequacy requirements are generally in line with the standards under the Basel III framework, including:

• Common Equity Tier 1 Ratio (ie, net Common Equity Tier 1 divided by total risk-weighted assets): 7%;
• Tier 1 Capital Ratio (ie, net Tier 1 Capital divided by total risk-weighted assets): 8.5%; and
• Total Capital Adequacy Ratio (ie, aggregate amount of net Tier 1 Capital and net Tier 2 Capital divided by total risk-weighted assets): 10.5%.

Countercyclical Capital Buffers

To enhance the risk-bearing capacity and international competitiveness of domestic banks, the FSC has authorised the implementation of countercyclical capital buffers. The FSC will consult with the CBC and other relevant authorities, when necessary, to impose on banks an additional provision of a countercyclical capital buffer of up to 2.5%.

Liquidity Requirements

To enhance banks’ short-term liquidity recovery ability, the FSC implemented the liquidity coverage ratio (LCR) framework in 2015. The LCR is calculated by dividing a bank's high-quality liquid assets by its total net cash flows over a 30-day period. Since 1 January 2019, banks incorporated under the laws of Taiwan must maintain an LCR of at least 100%. 

The LCR requirement is not applicable to a branch office of a foreign bank in Taiwan. However, a foreign bank applying to establish a branch office in Taiwan must specify the liquidity risk management framework adopted by the head office and the liquidity risk management measures applicable to the Taiwan branch.

Additional Requirements for Systemically Important Banks

In 2019, the FSC announced the supervisory measures for systemically important banks in Taiwan, which are required to meet 4% additional capital buffer requirements with their Common Equity Tier 1 capital in the four years after designation. The 4% additional capital buffer includes a 2% additional regulatory capital buffer and a 2% bank’s internal capital buffer.

Systemically important banks in Taiwan are required every year to submit their contingency action plans for dealing with situations where the capital is not sufficient. They are also required to conduct and report two-year stress test results to the FSC.

Six banks are currently designated as systemically important banks: 

• CTBC Bank;
• Cathay United Bank;
• Taipei Fubon Commercial Bank;
• Mega International Commercial Bank;
• Taiwan Cooperative Bank; and 
• First Commercial Bank.

Principal Means of Resolving a Failing Bank

The FSC may take over a bank if:

• there is a concern that a bank might not be able to pay its debts when due or there might be a detriment to the depositors’ interests due to obvious deterioration in the bank’s business or financial condition; 
• a bank’s capital is graded as being seriously inadequate and 90 days have lapsed since the date the bank was so graded (however, if a bank is ordered by the FSC to undertake capital restructuring or a merger within a prescribed period and fails to do so, the 90 days should be calculated from the day subsequent to the prescribed period); or
• the losses of a bank exceed one third of the bank’s capital and the bank fails to make up such deficit within three months. 

If the FSC places a bank in receivership, the duties and powers of the bank’s shareholders’ meeting, board of directors, directors, supervisors and audit committee shall be suspended. The receiver appointed by the FSC has the power to manage the bank’s business and dispose of the bank’s properties. 

The FSC has the power to resolve failing banks in an orderly manner. In local practice, seven banks were placed under receivership from 2006 to 2008. The FSC divided their assets into non-performing assets and other assets, and sold them separately. The non-performing assets were sold to asset management companies while the other assets were sold to other banks, with a certain amount of compensation agreed to be paid by the FSC. The depositors, employees and non-deposit creditors suffered little hurt.

FSB Key Attributes of Effective Resolution Regimes

Following the crisis management guidance under the FSB Key Attributes of Effective Resolution Regimes, systemically important banks in Taiwan are required every year to submit their contingency action plans for dealing with situations where the capital is not sufficient. They are also required to conduct and report two-year stress test results to the FSC. However, there is no special resolution regime for systemically important banks in Taiwan. 

Insolvency Preference Rules Applicable to Deposits

If the failing bank is ordered by the FSC to cease its business operations, deposit debts shall precede non-deposit debts.

FinTech

Taiwan banks are embracing fintech developments. In the latest regulatory policy release in August 2023, the FSC announced a three-year blueprint, aiming to create an inclusive, fair, sustainable and international fintech ecosystem.

Four-Way Approach

The FSC adopts a four-way approach for fintech developments:

• Approach I: optimising fintech-related laws and policies;
• Approach II: promoting fintech training;
• Approach III: encouraging fintech application; and
• Approach IV: improving financial inclusion and digital finance.

Approach I: optimising fintech-related laws and policies

FinTech innovations are primarily regulated under the Financial Technology Development and Innovative Experimentation Act in Taiwan. The FSC announced that it welcomes public opinion and will prepare draft amendments to the Act. Further, a platform for public comments and policy proposals will be established in late 2023.

In October 2023, the FSC published the Core Principles for AI Application in the Financial Industry. The six core principles are:

• governance and accountability mechanism;
• fairness and human-centred AI design;
• privacy and client data protection;
• system stability and security;
• transparency and explainability in AI; and
• sustainable development.

It is expected that the FSC will release more guidance in the future.

The BA also published its Self-Regulation on AI Applications. The Self-Regulation is a risk-based framework, requiring the establishment of an appropriate mechanism for risk management and regular review. The AI applications shall be supervised by the chief information security officers, chief compliance officers, and chief risk officers of financial institutions. The BA Self-Regulation regulates AI applications:

• when AI interacts with clients directly and is used to provide financial product recommendations;
• when the AI-powered services would affect the clients’ rights in the financial transactions; and
• when the AI-powered services have a material impact on the operation of the financial institution.

Approach II: increasing fintech resources and training

In 2018, the FSC established the Fintech Space, a co-working space for FinTech start-ups. To further assist the start-ups, the FSC plans to hold investor meetings, provide regulatory assistance, and co-ordinate university–industry co-operation. It will also launch a fintech ability certificate programme to promote fintech skills training.

Approach III: encouraging fintech application

According to the three-year plan, the FSC will facilitate a FIDO V2 Plan to expand the use of Financial Fast Identity Online (FIDO) in financial services, and to promote the FIDO application in non-financial institutions that require name-based identity check. The FSC has proposed to continue promoting open data and sustainable fintech.

Approach IV: improving financial inclusion and digital finance

The FSC will continue implementing regulatory technologies, including alerting and reporting mechanism for bank liquidity, credit risk analysis system for banks, and the use of AI in financial data collection. The FSC also plans to release guidance and host educational training to the financial industry to promote financial inclusion.

Information Disclosure

To enhance ESG information disclosure, the annual report of a bank shall specify how it supports sustainable development. If the bank is listed on the Taiwan Stock Exchange or the Taipei Exchange, the annual report shall also disclose any deviation from compliance with the Sustainable Development Best Practice Principles for TWSE/TPEx Listed Companies. Under those Principles, listed companies are encouraged to report their carbon footprint, waste management practices, gender diversity, etc, to improve the availability of domestic ESG data for investors. 

The FSC has also promulgated the Guideline on Financial Disclosure of Climate Risks for Local Banks, under which banks shall disclose financial information on climate-related risks from 2023.