Dear PAO,
I was scammed by a caller posing as a bank employee. The caller tricked me into disclosing my personal information and one-time password (OTP), which allowed the scammer to transfer P 50,000 to his bank account. May I request the name of the account holder to whom the money was transferred, as well as any other relevant information? I need these details to file the appropriate case. Thank you.
Izi
Dear Izi,
The issue raised is governed by Republic Act (RA) 10175, otherwise known as the Cybercrime Prevention Act of 2012, and RA 1405, or the Law on the Secrecy of Bank Deposits.
RA 10175 recognizes the necessity of protecting and safeguarding the integrity of computer systems and databases, as well as the confidentiality, integrity, and availability of information and data stored therein, against all forms of misuse, abuse, and illegal access. The same law penalizes acts that compromise computer data and systems. On the other hand, RA 1405 makes it unlawful for any official or employee of a banking institution to disclose to any person any information concerning bank deposits, subject to specific exceptions provided by law.
In Eastwest Rural Bank v. Philippine National Police Anti-Cybercrime Group, Regional Anti-Cybercrime Unit 1 (G.R. No. 273720, July 29, 2025), the Supreme Court, through Associate Justice Ramon Paul L. Hernando, clarified the relationship between these two statutes. The Court held that while the Cybercrime Prevention Act underscores the protection of data confidentiality, it likewise acknowledges that certain legitimate circumstances necessitate the disclosure of information, viz.:
“Ultimately, the Court determines that while the Bank Secrecy Law mandates protection of the financial details of deposits, it does not prevent the disclosure of basic identifying information in accordance with the provisions of the Cybercrime Prevention Act. This interpretation allows for a balanced approach to privacy rights and the need for disclosures, as may be allowed by law, facilitating compliance with both statutes in a manner that upholds the intent behind the Bank Secrecy Law while allowing necessary transparency in cases governed by the Cybercrime Prevention Act, particularly in the prosecution of cyber-related offenses such as hacking, identity theft, cybersex, child pornography, and online libel”
In the same case, the High Court emphasized that the Cybercrime Prevention Act expressly allows the disclosure of information under defined and strictly regulated circumstances. Specifically, the following requisites must be satisfied to permit disclosure:
“(1) a court warrant issued upon a written application demonstrating reasonable grounds to believe that any of the crimes enumerated in the Act has been, is being, or is about to be committed, that the evidence to be obtained is essential to the conviction of any person for, or to the solution of, or to the prevention of, any such crimes, and that there are no other means readily available for obtaining such evidence;
"(2) the existence of a valid complaint officially docketed and assigned for investigation, where the disclosure is demonstrably necessary and relevant to the investigation; and
"(3) prior authorization by a court through a warrant to disclose computer data (WDCD), strictly limiting the disclosed information to that specifically permitted under the Cybercrime Prevention Act, namely subscriber information and relevant traffic data held by the service provider.”
Applying these principles to your case, you may file a complaint with the Philippine National Police Anti-Cybercrime Group (PNP-ACG). Upon evaluation, the PNP-ACG may apply for a Warrant to Disclose Computer Data for violations of the Cybercrime Prevention Act. If the warrant is granted by the court, the bank will be legally compelled to release the relevant information pertaining to the account to which your funds were transferred. Upon identification of the account holder, you may then file a criminal case against the person responsible.
We hope that we were able to answer your queries. This advice was based solely on the facts you have narrated and our appreciation of the same. Our opinion may vary when other facts are changed or elaborated.
Thank you for your continued trust and support.