Let me start by citing Section 2 and 3 of Republic Act #1405 also known as the Bank Secrecy Law of the Philippines:
SECTION 2. All deposits of whatever nature with banks or banking institutions in the Philippines including investments in bonds issued by the Government of the Philippines, its political subdivisions and its instrumentalities, are hereby considered as of an absolutely confidential nature and may not be examined, inquired or looked into by any person, government official, bureau or office, except upon written permission of the depositor, or in cases of impeachment, or upon order of a competent court in cases of bribery or dereliction of duty of public officials, or in cases where the money deposited or invested is the subject matter of the litigation.
SECTION 3. It shall be unlawful for any official or employee of a banking institution to disclose to any person other than those mentioned in Section two hereof any information concerning said deposits.
The ongoing impeachment trial of Chief Justice Renato Corona raised some concerns with regards to the Bank Secrecy Law since the accounts of the Chief Justice was brought to the attention of the public. According to PSBank Katipunan Branch manager Annabelle Tiongson and PSBank president Pascual Garcia, the said documents or forms attached by the prosecution to their complain were falsified or faked.
Now I am not a lawyer nor a bank person, but I know my technology. It is not important for me if the documents or forms were faked or falsified – my concern is, how did those accounts reached or were written into those forms? Where did those information (accounts) came from? Who filled it up? Fake or not, the account numbers exist – both the peso accounts and the dollar accounts of the Chief Justice.
Can these accounts be seen only by officials or employees who are working in the Katipunan branch or the main branch of PSBank? To the best of my knowledge, the accounts can be seen by all branches of the same bank and can be accessed by all officials and employees who are given authority to access the bank system. Why? Because most, if not all, bank computers are interconnected.
You don’t have to be an expert to know this. The mere fact that one can withdraw his or her money from any branch of the same bank proves my point. If I were a depositor of one bank in Pasig, I can go to a branch in Makati (of the same bank) and do transactions there, which means that the officials and employees of the bank in the Makati branch can and have access to my accounts.
But security features are put in place so as to prevent unnecessary leakage. If my main bank is in Pasig, all other branches of the same bank (except the main branch) can view my bank account number, only my bank account number – not my balance or my transactions. And in this impeachment trial, the account numbers are sufficient.
Now, if you were an oridinary person who would go to a bank and ask if a particular account exist or if you simply what to know the accounts of a particular depositor, I don’t think you would have any success in getting those information because of the law I stated above. But what if you have a friend or a relative who works for a particular bank? What harm can a simple inquiry do? Can a bank guarantee (100%) that their bank employees or officials will not give in to a request of a friend or a relative? Will these employees and officials follow Section 2 to the dot?
Senator Allan Peter Cayetano raised this concern – to get hold of those information, will it be possible for the bank employee to hit the “Print Screen” button? Very possible Mr. Senator, and banks should disable the ‘Print Screen’ button to prevent that concern addressed by Senator Cayetano from happening. But what will prevent a bank employee from accessing the accounts and use his or her phone (that comes with a camera) and take a picture of the accounts? Or what will prevent a bank employee to write down the information in a piece of paper and give it to whoever is requesting it?
My point is, I think our banks should check their security procedures to make sure that bank information will be kept as a secret and private. So how do you prevent this? I always say security is a procedure and not a product. Like in this case, one should only look at the transaction logfile of the bank and you will know who accessed a particular account – all transactions including inquiry. The question is – do banks record these transactions? Even a simple inquiry should be recorded, If not, then determining how the accounts were brought out of the bank will remain a question forever. And if I may add, bank employees should not be allowed to bring in any device that has recording capability.
Banks should ensure that their employees follow Section 2 of the Bank Secrecy Law. It is their duty and reponsibility to do this. If not, our banking industry would face a serious problem. Trust is of utmost concern here.
I am logging off. Stay cool and God Bless us all!
(Article written by Jerry Liao)