The Philippine Competition Commission ("PCC"), through Commission Resolution No. 18-2022, has adjusted the compulsory notification threshold for mergers and acquisitions as follows: (i) from PhP 6 billion in 2020 to PhP 6.1 billion for the Size of Party ("SoP"), and (ii) from PhP 2.4 billion in 2020 to PhP 2.5 billion for the Size of the Transaction ("SoT").
The SoP refers to the aggregate value of assets or revenues in the Philippines of the ultimate parent entity of one of the parties to a transaction, while the SoT refers to the value of assets or revenues of the acquired entity and the entities it controls.
Previously, all mergers and acquisitions with SOP or SoT below PhP 50 billion were exempt from compulsory notification and review by PCC under Republic Act No. 11494, otherwise known as the Bayanihan to Recover as One Act, were subject to compulsory notification and review by PCC. With the lapse of the period set under the Bayanihan to Recover as One Act on 15 September 2022, the new threshold set by PCC is now effective beginning 16 September 2022.
PCC calculated the new thresholds to be provisionally set by updating the 2020 thresholds based on the country’s nominal gross domestic product growth in the past two years, reflecting the contraction of the economy by 8.09% in 2020 and subsequent growth of 8.13% in 2021. The set thresholds will remain effective until PCC en banc approves a new set of thresholds for compulsory notification.
On 1 September 2022, the Bangko Sentral ng Pilipinas ("BSP") launched the Advanced Supervisory Technology ("SupTech") Engine for Risk-based Compliance, otherwise known as ASTERisC, for deployment among selected BSP-supervised Financial Institutions ("BSFIs"). The primary purpose of ASTERisC is to strengthen and enhance the cyber resilience of banks nationwide and to protect consumers, especially considering the present wide use of digital payments.
According to BSP, ASTERisC is a unified regulatory technology ("RegTech") and SupTech solution that streamlines and automates regulatory supervision, reporting, and compliance assessment of BSFIs' cybersecurity management. BSP's RegTech and SupTech solution is the next generation digital supervision tools and techniques aimed at enhancing the timeliness and quality of risk-based decision making.
BSP is also expected to issue the Financial Services Cyber Resilience Plan soon, which will serve as the primary framework for policies and strategies to strengthen cyber defence in the financial services industry. According to BSP, the pandemic has pushed the share of digital payments in the total volume of retail transactions from 20.1% in 2020 to 30.3% in 2021. Furthermore, the value of payments facilitated by online payment platforms also rose from a 26.8% share in 2020 to 44.1% of the total retail transactions in 2021. BSP envisions further growth in the use of digital payments, necessitating greater cyber protection. In fact, BSP itself would like digital payments to make up 50% of all transactions both in terms of volume and value by year 2023.
BSP will continue to develop the ASTERisC with the goal of improving cyber security. BSP is committed to further consult and engage the participation of BSFIs, government agencies, and industry associations for a cohesive and industry-wide approach to addressing cyber security issues, and to enhance cyber incident response.
In Memorandum No. M-2022-035, the Bangko Sentral ng Pilipinas ("BSP") introduced a modified approach in granting new Virtual Asset Service Provider ("VASP") licences, as approved by the Monetary Board. BSP recognised that while VASPs offer opportunities to promote greater access to financial services at reduced costs, they also pose varied risks which could undermine financial stability. In view thereof, BSP seeks to strike a balance between promoting innovation in the financial sector and ensuring that associated risks remain within manageable levels.
Under the modified approach, the regular application window for new VASP licenses shall be closed for a period of three years starting 1 September 2022, while only existing BSP supervised financial institutions ("BSFIs") may be granted new VASP licences. BSP further noted that the said closure is subject to re-assessment based on market developments.
BSP may entertain new applications of existing BSFIs who wish to expand operations by offering VASP services. In evaluating these applications, due consideration will also be given to the BSFIs' risk management system, including appropriate client suitability assessment and customer onboarding practices, and intensified financial consumer education and awareness programs. Additionally, existing BSFI applicants must be rated as "stable" in its Supervisory Assessment Framework.
Previously, the BSP imposed a three-stage application process for the issuance of a license to register as a VASP. The stages are as follows: Stage 1 refers to the BSP’s assessment of the applicant’s eligibility; Stage 2 refers to the application for the issuance of a Letter of No Objection for the VASP to register its Articles of Incorporation and By-laws with the Securities and Exchange Commission; and Stage 3 refers to the application for grant of a Licence to operate as VASP and to offer advanced electronic payment and financial services.
Following the modified approach, applications that have been completed or which have passed Stage 2 of the licensing process on or before 31 August 2022, will still be processed and assessed for completeness and sufficiency of documentation or information submitted, as well as compliance with the licensing criteria to operate as a VASP based on Stage 3 requirements. Those applications with incomplete requirements as of 31 August 2022 will no longer be processed, and will be returned and tagged as "closed". Beginning 1 September 2022, BSP will no longer entertain nor accept new applications from non-BSFIs.
The National Privacy Commission ("NPC") has issued NPC Circular No. 2022-01 dated 8 August 2022 regarding the Guidelines on Administrative Fines for data privacy infractions committed by personal information controllers ("PICs") and personal information processors ("PIPs"). NPC Circular No. 2022-01 encourages PICs and PIPs to promote organisational accountability by initiating measures to enhance their compliance with the Data Privacy Act of 2012 ("DPA") to protect the rights of their data subjects.
Any PIC or PIP who violates the provisions of the DPA, its implementing rules and regulations, and relevant issuances of NPC shall be liable for an administrative fine for each infraction. The amount of fine for each infraction shall fall within the ranges from 0.5% to 3% and 0.25% to 2%, respectively, of the annual gross income of the PIC or PIP that committed the infraction. The fine shall be determined by the total number of affected data subjects and the frequency of the commission of the infraction.
The PIC or PIP shall be subject to an administrative fine of not less than PhP 50,000 but not exceeding PhP 200,000 for either of the following: (i) failure to register the true identity or contact details of the PIC, the data processing system, or information on automated decision making; or (ii) failure to provide updated information as to the identity or contact details of the PIC, the data processing system, or information on automated decision making.
PICs or PIPs who refuse to pay the administrative fine under the circular may be subject to a Cease and Desist Order, or other processes or reliefs as NPC may be authorised to initiate pursuant to Section 7 of the DPA, and appropriate contempt proceedings under the Rules of Court.
Republic Act 11904 ("RA 11904") or the Philippine Creative Industries Development Act lapsed into law on 27 July 2022. Primarily, RA 11904 mandates the promotion and development of domestic creative industries by protecting and strengthening the rights and capacities of creative firms, artists, artisans, creators, workers, indigenous cultural communities, content providers and other stakeholders.
Creative industries refer to "trades involving persons, whether natural or juridical, that produce cultural, artistic, and innovative goods and services originating in human creativity, skill, and talent, and having a potential to create wealth and livelihood through the generation and utilisation of intellectual property".
RA 11904 also provides for the formation of the Philippine Creative Industries Development Council ("Council"), which shall be under the guidance of the Department of Trade and Industry. The Council is mandated to implement a long-term plan for the development and promotion of the Philippine creative industries, with programs aimed at creating opportunities and employment, nurturing human resources, ensuring financial-enabling mechanisms, and providing incentives to encourage and sustain Filipino excellence in the creative industries.
With the enactment of RA 11904, the Council, in coordination with national government agencies, is set to formulate the Philippine Creative Industries Development Plan. The plan shall set forth the objectives, targets, strategies, and activities on the development and promotion of creative industries.