News
FSC Releases "Consultation Paper Regarding Data Governance for Data Sharing by Financial Institutions," Seeking Public Feedback
2024-05-16
The Financial Supervisory Commission (FSC) released the "Consultation Paper Regarding Data Governance for Data Sharing by Financial Institutions" today. This document covers a range of crucial topics, including data sharing, privacy protection, technology application, data classification, and data governance. It specifically seeks feedback on 24 specific questions from financial institutions, FinTech companies, relevant government agencies, experts, scholars, and the general public.
The FSC noted that the rapid development of artificial intelligence in recent years has enabled the financial industry to use data to train models and analyze customer behavior, thereby enhancing the customer experience and developing innovative services. Concurrently, public concern over the use of personal data and privacy protection has been increasing. In response, the FSC issued the "Guidelines for Data Sharing between Financial Institutions" in 2021 and has now proposed this consultation paper to address practical operations of cross-institutional data sharing by financial institutions. The consultation paper consolidates international principles of customer data governance and relevant national regulations on customer data protection. It also explores global trends in traditional de-identification techniques and emerging privacy enhancing technologies (PETs), and proposes a direction for the classification and governance principles for sharing of customer data by financial institutions in Taiwan. Specific consultation questions are listed in relevant sections for ease of reference and feedback.
The consultation paper classifies customer data of financial institutions into four levels, and proposes corresponding governance methods for data sharing at each level. The FSC has outlined the following classifications and governance requirements:
1. Level 1 (Unprocessed Customer Data): Requires high protection, including compliance with personal data protection regulations and obtaining individual customer consent. Data sharing is primarily restricted to financial institutions.
2. Level 2 (Data processed for privacy protection but still easily re-identifiable): Requires high protection, including compliance with personal data protection regulations and obtaining individual customer consent. Data sharing is primarily restricted to financial institutions but may include non-financial institutions with data governance and privacy protection standards equivalent to those of financial institutions.
3. Level 3 (Data processed for privacy protection and less easily re-identifiable): Requires moderate protection, including compliance with personal data protection regulations and simplified customer consent processes. Data sharing can involve both financial institutions and non-financial institutions with appropriate data governance and privacy protection capabilities.
4. Level 4 (Data not related to individual customers, such as statistical data): Requires low protection, with no need to apply personal data protection regulations. Data can be reused by both financial and non-financial institutions.
The release of this consultation paper underscores the FSC's dual commitment to promoting financial innovation and protecting consumer rights. The FSC emphasized that effective data governance is increasingly important in today's rapidly developing FinTech landscape. It not only improves the quality and efficiency of financial services but also is crucial for protecting customer privacy and financial security. The purpose of this consultation paper is to engage in dialogue with various sectors of society to discuss how to encourage financial institutions to adopt a risk-based data governance framework for data sharing while complying with personal data protection and financial regulations. This ensures secure and innovative use of data, maximizing its value.
The consultation period will last for 60 days. Detailed content of the consultation paper and response methods are available on the FSC website and the "Join" Public Policy Online Participation Network Platform. The FSC invites interested parties to participate in the discussion and provide feedback. The results of this consultation will be an important reference for the FSC in formulating the "Data Governance Guidelines for Data Sharing by Financial Institutions," aiming to enhance the transparency and efficiency of data sharing and utilization, promote the digital development of the overall financial market, and improve the financial service experience for customers.
Contact: Financial Technology Development and Innovation Center
Tel: (02) 8968-0086
If you have any questions, please send an email to: https://fscmail.fsc.gov.tw
The FSC noted that the rapid development of artificial intelligence in recent years has enabled the financial industry to use data to train models and analyze customer behavior, thereby enhancing the customer experience and developing innovative services. Concurrently, public concern over the use of personal data and privacy protection has been increasing. In response, the FSC issued the "Guidelines for Data Sharing between Financial Institutions" in 2021 and has now proposed this consultation paper to address practical operations of cross-institutional data sharing by financial institutions. The consultation paper consolidates international principles of customer data governance and relevant national regulations on customer data protection. It also explores global trends in traditional de-identification techniques and emerging privacy enhancing technologies (PETs), and proposes a direction for the classification and governance principles for sharing of customer data by financial institutions in Taiwan. Specific consultation questions are listed in relevant sections for ease of reference and feedback.
The consultation paper classifies customer data of financial institutions into four levels, and proposes corresponding governance methods for data sharing at each level. The FSC has outlined the following classifications and governance requirements:
1. Level 1 (Unprocessed Customer Data): Requires high protection, including compliance with personal data protection regulations and obtaining individual customer consent. Data sharing is primarily restricted to financial institutions.
2. Level 2 (Data processed for privacy protection but still easily re-identifiable): Requires high protection, including compliance with personal data protection regulations and obtaining individual customer consent. Data sharing is primarily restricted to financial institutions but may include non-financial institutions with data governance and privacy protection standards equivalent to those of financial institutions.
3. Level 3 (Data processed for privacy protection and less easily re-identifiable): Requires moderate protection, including compliance with personal data protection regulations and simplified customer consent processes. Data sharing can involve both financial institutions and non-financial institutions with appropriate data governance and privacy protection capabilities.
4. Level 4 (Data not related to individual customers, such as statistical data): Requires low protection, with no need to apply personal data protection regulations. Data can be reused by both financial and non-financial institutions.
The release of this consultation paper underscores the FSC's dual commitment to promoting financial innovation and protecting consumer rights. The FSC emphasized that effective data governance is increasingly important in today's rapidly developing FinTech landscape. It not only improves the quality and efficiency of financial services but also is crucial for protecting customer privacy and financial security. The purpose of this consultation paper is to engage in dialogue with various sectors of society to discuss how to encourage financial institutions to adopt a risk-based data governance framework for data sharing while complying with personal data protection and financial regulations. This ensures secure and innovative use of data, maximizing its value.
The consultation period will last for 60 days. Detailed content of the consultation paper and response methods are available on the FSC website and the "Join" Public Policy Online Participation Network Platform. The FSC invites interested parties to participate in the discussion and provide feedback. The results of this consultation will be an important reference for the FSC in formulating the "Data Governance Guidelines for Data Sharing by Financial Institutions," aiming to enhance the transparency and efficiency of data sharing and utilization, promote the digital development of the overall financial market, and improve the financial service experience for customers.
Contact: Financial Technology Development and Innovation Center
Tel: (02) 8968-0086
If you have any questions, please send an email to: https://fscmail.fsc.gov.tw
- Visitor: 300
- Update: 2025-07-29
