Abstract
The newly added requirement in Taiwan’s Money Laundering Control Act to fully authenticate customers’ identity by regulated entities, particularly to reveal substantial beneficial owners, entails greater disclosure of customers’ private information. How to strike the balance between such disclosure and information privacy protection has not been mentioned yet in Taiwan. The goal of this research paper is to identify support measures, consisting of criteria, sub-criteria, and alternatives, for information privacy protection for future change. A questionnaire was developed through applying the modified Delphi method. This study also applied the analytic hierarchy process to the questionnaire to prioritize the importance of different criteria and sub-criteria and find the optimal alternative. The search results indicated that the criteria were (in order of importance) internal control in financial institutions, prior surveillance mechanisms, informed consent, and safe-harbor immunity. Further examination of the details for the sub-criteria indicated that the establishment of an external independent supervising mechanism and the adoption of a personal information impact assessment are increasingly prioritized for implementation. Moreover, Alternative 2 (“Public and private entities should implement criteria and sub-criteria simultaneously”) weighed 0.62 more in terms of importance compared with Alternative 1 (“Public entities should implement criteria and sub-criteria first”), which weighed 0.38.
Highlights
According to Wang [1], Taiwan’s modified Money Laundering Control Act, passed at the end of 2016, was a crucial legislative adjustment before it received a third-round evaluation by theAsia/Pacific Group on Money Laundering
The greatest concern lies in the anti-money laundering law requiring designated entities to perform the KYC procedure, called customer due diligence (CDD), which constitutes a potential invasion of information privacy
To justify unprecedented personal information collection and avoid potential endowed-power abuse, support measures for information privacy protection are needed in Taiwan
Summary
According to Wang [1], Taiwan’s modified Money Laundering Control Act, passed at the end of 2016, was a crucial legislative adjustment before it received a third-round evaluation by theAsia/Pacific Group on Money Laundering. The newly modified Act raises serious concerns about the adequacy of information privacy protection, especially considering the increasing attention paid to money laundering. The greatest concern lies in the anti-money laundering law requiring designated entities to perform the KYC (know your customer) procedure, called CDD (customer due diligence), which constitutes a potential invasion of information privacy. Under the KYC or CDD procedural requirements, obligated entities must authenticate a customer’s identity to reveal the substantial beneficial owner and financial source; analyze the customer’s transactional model and identify violations; and report any suspicious behavior to government authorities. Behaviors and surveil risks for illegality [2] To fulfill their legal requirement, obligated entities ought to acquire much customer information to vindicate the legality of transactions [3]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
