Chapter 3 Inspection of Internal Control System |
Section 4 Regulatory Compliance System |
Article 31 |
A specialized electronic payment institution shall assign a management unit directly under the president to take charge of the planning, management and implementation of regulatory compliance system, and appoint a high-level manager to act as the chief compliance officer who oversees the compliance matters and report to the board of directors, supervisors, or audit committee at least semiannually. If any major violation of regulations is discovered, the chief compliance officer shall immediately report to the directors and supervisors, and report the compliance related matters to the board of directors.
The chief compliance officer and personnel of the compliance unit shall attend at least fifteen hours of training a year offered by competent authority-designated professional training institutions or their employer. The training courses shall cover at least the latest regulatory amendments.
A specialized electronic payment institution shall file the list of chief compliance officer and personnel of compliance unit and their training records to the competent authority via a web-based information system. |
Article 32 |
A specialized electronic payment institution shall establish advisory and communication channels for compliance related matters to keep employees informed of relevant rules and regulations, swiftly clarify any questions its employees may have on compliance matters, and ensure regulatory compliance.
The compliance unit of a specialized electronic payment institution shall analyze the causes of significant deficiency or fraud in compliance related matters within respective unit, and propose suggestions for improvement. The report produced thereof shall be signed off by the president and then submitted to the board of directors for approval. |
Article 33 |
The compliance unit of a specialized electronic payment institution shall conduct the following tasks:
1. Establishing a system for clear and adequate conveyance, consultation, coordination and communication of compliance matters.
2. Keeping operating and management rules and procedures updated in line with relevant regulations to make sure all business activities comply with regulatory requirements.
3. Before a specialized electronic payment institution introduces a new product or service, or applies to the competent authority for approval to offer a new business, the chief compliance officer shall issue and sign an opinion statement undertaking that the new product, service or business complies with applicable regulations and internal rules.
4. Drafting the details of evaluation and procedures for evaluating regulatory compliance, overseeing the periodic self-evaluation conducted by respective units, and assessing the compliance self-evaluation conducted by respective units and producing a report thereon, which, after being signed off by the president, will be used as reference in the performance evaluation of the unit.
5. Providing pertinent appropriate regulatory training to personnel at various units.
The internal audit unit may draft the details of evaluation and procedures for evaluating compliance by its subordinate units and perform self-evaluation of the compliance status of its subordinate units, to which the provisions in Subparagraph 4 of the preceding paragraph do not apply.
A specialized electronic payment institution shall perform self-evaluation of compliance at least semiannually. The results shall be sent to the compliance unit for future reference. The head of a unit shall designate a dedicated person to carry out the unit's self-evaluation.
The working papers and information on the self-evaluation work under the preceding paragraph shall be retained for at least five years. |