Frequently Asked Questions
Q. 1. From an institutional perspective, banks have been exerting best efforts to obtain and document the consent of all its customers, specifically the old account holders that have had accounts long before the existence of the Data Privacy Act of 2012 (DPA). We understand that “negative conforme” type of consent is not acceptable. Given the difficulty of obtaining a positive form of consent, aside from achieving a 100% success rate with regards to obtaining consent from the entire client population, is the ...
Will the compliance of banks with BSP requirements be considered compliance with the DPA and IRR? Some requirements overlap. Will NPC defer to the BSP on this matter? We understand that there is a possibility of a memorandum of agreement between NPC and BSP to align their requirements; is there any update on this?