2026-01-22
Added
The Financial Supervisory Commission imposed a total fine of NT$3.95 million on Sino Life Insurance Co., Ltd. for violations of the Insurance Act and the Personal Data Protection Act identified during a general business inspection. The penalties stem from the company's failure to implement effective internal controls in real estate investment and management, as well as breaches of data privacy regarding excessive data retention and inadequate access controls for sales staff. The regulator mandated a one-month deadline for the company to rectify these deficiencies.
Regulatory Information
:::
Back to Homepage
Announcement Information
Penalty Cases
Penalty Cases
_
Line
Printer-Friendly Version
Back to Previous Page
The missing items listed in the General Business Inspection Report (Reference No.: 112I040) of Sino Life Insurance Co., Ltd. constitute violations of relevant provisions of the Insurance Act and the Personal Data Protection Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million (hereinafter the same) is imposed, and pursuant to Article 47, Paragraph 2, and Article 48, Paragraph 2 of the Personal Data Protection Act, a fine of NT$350,000 is imposed, with a deadline of one month to make corrections.
2026-01-22
Financial Supervisory Commission
Penalty Decision
Addressee: As listed on the original and copy
Date of Issue: January 22, 2026 (Republic of China Year 115)
Document Number: Jin Guan Bao Shou Zi No. 11504903022
Penalized Party: Sino Life Insurance Co., Ltd.
Unified Business Number: Omitted
Address: Omitted
Legal Representative or Manager: Wei OO
Address: Omitted
Subject: This Commission's General Business Inspection Report (Reference No.: 112I040) identified missing items in your company's operations that constitute violations of relevant provisions of the Insurance Act and the Personal Data Protection Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million (hereinafter the same) is imposed, and pursuant to Article 47, Paragraph 2, and Article 48, Paragraph 2 of the Personal Data Protection Act, a fine of NT$350,000 is imposed, with a deadline of one month to make corrections.
Facts:
(1) In operations involving the acquisition, development, or subsequent modification of real estate, proposals for real estate lease conditions were changed directly according to the opinion of the Chairman of the Real Estate Investment Management Committee after resolution by the committee, without re-discussion, before being submitted to the company's Audit Committee and Board of Directors for deliberation; and in the case of investment benefits for land use rights, a report was signed and submitted to the Chairman for approval before being submitted to the Board of Directors for deliberation, according to the resolution of the Real Estate Investment Management Committee. These decision-making processes did not comply with your company's prescribed internal control regulations.
(2) Your company entrusted OO Apartment Building Management and Maintenance Co., Ltd. (hereinafter referred to as OO Apartment) to manage its self-used real estate. It was found that OO Apartment used the managed real estate for无偿 (free) use by interested parties without your company's consent; however, your company's review of outsourced matters failed to detect this.
(3) In real estate investment business, your company did not strictly execute pre-investment assessment analysis operations, including failing to prudently evaluate factors such as supply and demand, vacancy risks, and development feasibility in the invested regions. This resulted in significant subsequent plan changes, abandonment of original designs, and the need to re-apply for changes to building permits, causing delays in real estate investment development and increasing additional development costs.
Reasons and Legal Basis:
According to Article 5, Paragraph 1, Item 4 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies," promulgated under the authorization of Article 148-3, Paragraph 1 of the Insurance Act, insurance companies shall, according to business nature and scale, formulate various fund operation procedures including overall investment policies, acquisition, custody, disposal, and interested party transaction norms for various investment assets, based on the principle of internal check, and shall review and revise them in a timely manner. Regarding Fact 1 above, your company failed to properly implement its internal control system in real estate-related operations, including: failing to properly implement internal control decision-making procedures for the acquisition, development, or subsequent modification of real estate, which is unfavorable to the assessment and decision-making of the company's overall real estate development cases; failing to properly implement investment management and review controls for outsourced real estate management matters; and failing to strictly execute pre-investment assessment analysis for real estate investment, including failing to prudently evaluate factors such as supply and demand, vacancy risks, and development feasibility in the invested regions, resulting in the abandonment of original designs and the need to re-apply for changes to building permits, causing delays in real estate investment development and increasing additional development costs. This indicates that the internal control system established by your company did not function effectively, and the violation is serious. This is inconsistent with Article 5, Paragraph 1, Item 4 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies" promulgated under the authorization of Article 148-3, Paragraph 1 of the Insurance Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million is imposed.
According to Article 19, Paragraph 1 of the Personal Data Protection Act in effect at the time, non-governmental agencies collecting or processing personal data, except for the data specified in Article 6, Paragraph 1, must have a specific purpose and obtain the consent of the party concerned; Article 27, Paragraph 3 of the Personal Data Protection Act authorizes the "Financial Supervisory Commission Designated Non-Governmental Agency Personal Data File Security Maintenance Measures," Articles 9 and 12, which stipulate that non-governmental agencies must take data security management measures to maintain the security of personal data they possess, and appropriate measures to prevent data leakage should be taken for the use of various equipment; non-governmental agencies must, to maintain the security of all personal data, set permissions for relevant personnel to access personal data according to the necessity of executing business, control their access, and agree on confidentiality obligations with their personnel. Regarding Fact 2 above, your company's service contract with OO Company and related operational processes exceeded the scope of data sharing consented to by the party concerned. The violation is clear, and this is inconsistent with Article 19, Paragraph 1 of the "Personal Data Protection Act." Pursuant to Article 47, Paragraph 2 of the "Personal Data Protection Act," a fine of NT$250,000 is imposed, with a deadline of one month to make corrections. Additionally, your company's business staff portal website failed to properly implement personnel account permission control mechanisms. The violation is clear, and this is inconsistent with Articles 9 and 12 of the "Financial Supervisory Commission Designated Non-Governmental Agency Personal Data File Security Maintenance Measures" promulgated under the authorization of Article 27, Paragraph 3 of the "Personal Data Protection Act." Pursuant to Article 48, Paragraph 2 of the "Personal Data Protection Act," a fine of NT$100,000 is imposed, with a deadline of one month to make corrections.
Payment Method:
Notes:
Original: Sino Life Insurance Co., Ltd. (Representative: Mr. Wei OO)
Copy: This Commission's Inspection Bureau, Insurance Bureau
Page Views: 12421
Last Updated: 2026-01-22
:::
Privacy Policy Declaration |
Information Security Policy Declaration |
This Commission's Website Data Openness Declaration |
Subscribe to Newsletter |
Latest Newsletter
Financial Supervisory Commission Copyright 220232 18th Floor, No. 7, Section 2, Xianmin Avenue, Banqiao District, New Taipei City
FSC Electronic Map
Phone: (02) 8968-0899
Fax: (02) 8969-1215
This Commission's Representative Office in New York: 1 E. 42 Street, 13F, New York, NY 10017, U.S.A. Contact Phone: (1-212) 317-7326
This Commission's Representative Office in London: 46-48 Grosvenor Gardens, London SW1W 0EB, UK Contact Phone: (44-20) 7628-1501
If you have specific suggestions for improving this Commission's global information network, please email us. Thank you.
Last Updated: 2026-07-09
Visitor Count: 61478092
Back to Top