2026-01-22

Added

Financial Supervisory Commission Penalty Decision Against Sino Life Insurance Co., Ltd. (Ref: 112I040)

The Financial Supervisory Commission imposed a total fine of NT$3.95 million on Sino Life Insurance Co., Ltd. for violations of the Insurance Act and the Personal Data Protection Act identified during a general business inspection. The penalties stem from the company's failure to implement effective internal controls in real estate investment and management, as well as breaches of data privacy regarding excessive data retention and inadequate access controls for sales staff. The regulator mandated a one-month deadline for the company to rectify these deficiencies.

Financial Supervisory Commission Taiwan logo

Taiwan

Financial Supervisory Commission Taiwan

Click to view thumbnail

Regulatory Information

:::

Back to Homepage

Announcement Information

Penalty Cases

Penalty Cases

_

FACEBOOK

Line

Twitter

Printer-Friendly Version

Back to Previous Page

The missing items listed in the General Business Inspection Report (Reference No.: 112I040) of Sino Life Insurance Co., Ltd. constitute violations of relevant provisions of the Insurance Act and the Personal Data Protection Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million (hereinafter the same) is imposed, and pursuant to Article 47, Paragraph 2, and Article 48, Paragraph 2 of the Personal Data Protection Act, a fine of NT$350,000 is imposed, with a deadline of one month to make corrections.

2026-01-22

Financial Supervisory Commission

Penalty Decision

Addressee: As listed on the original and copy

Date of Issue: January 22, 2026 (Republic of China Year 115)

Document Number: Jin Guan Bao Shou Zi No. 11504903022

Penalized Party: Sino Life Insurance Co., Ltd.

Unified Business Number: Omitted

Address: Omitted

Legal Representative or Manager: Wei OO

Address: Omitted

Subject: This Commission's General Business Inspection Report (Reference No.: 112I040) identified missing items in your company's operations that constitute violations of relevant provisions of the Insurance Act and the Personal Data Protection Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million (hereinafter the same) is imposed, and pursuant to Article 47, Paragraph 2, and Article 48, Paragraph 2 of the Personal Data Protection Act, a fine of NT$350,000 is imposed, with a deadline of one month to make corrections.

Facts:

  1. Your company failed to properly implement its internal control system regarding the decision-making procedures for the acquisition, development, or subsequent modification of real estate, real estate management operations, and pre-investment assessment analysis, including:

(1) In operations involving the acquisition, development, or subsequent modification of real estate, proposals for real estate lease conditions were changed directly according to the opinion of the Chairman of the Real Estate Investment Management Committee after resolution by the committee, without re-discussion, before being submitted to the company's Audit Committee and Board of Directors for deliberation; and in the case of investment benefits for land use rights, a report was signed and submitted to the Chairman for approval before being submitted to the Board of Directors for deliberation, according to the resolution of the Real Estate Investment Management Committee. These decision-making processes did not comply with your company's prescribed internal control regulations.

(2) Your company entrusted OO Apartment Building Management and Maintenance Co., Ltd. (hereinafter referred to as OO Apartment) to manage its self-used real estate. It was found that OO Apartment used the managed real estate for无偿 (free) use by interested parties without your company's consent; however, your company's review of outsourced matters failed to detect this.

(3) In real estate investment business, your company did not strictly execute pre-investment assessment analysis operations, including failing to prudently evaluate factors such as supply and demand, vacancy risks, and development feasibility in the invested regions. This resulted in significant subsequent plan changes, abandonment of original designs, and the need to re-apply for changes to building permits, causing delays in real estate investment development and increasing additional development costs.

  1. Your company's service contract with OO Company retained data beyond the scope of customer consent for sharing, and failed to establish a control mechanism for business staff portal website account permissions.

Reasons and Legal Basis:

  1. According to Article 5, Paragraph 1, Item 4 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies," promulgated under the authorization of Article 148-3, Paragraph 1 of the Insurance Act, insurance companies shall, according to business nature and scale, formulate various fund operation procedures including overall investment policies, acquisition, custody, disposal, and interested party transaction norms for various investment assets, based on the principle of internal check, and shall review and revise them in a timely manner. Regarding Fact 1 above, your company failed to properly implement its internal control system in real estate-related operations, including: failing to properly implement internal control decision-making procedures for the acquisition, development, or subsequent modification of real estate, which is unfavorable to the assessment and decision-making of the company's overall real estate development cases; failing to properly implement investment management and review controls for outsourced real estate management matters; and failing to strictly execute pre-investment assessment analysis for real estate investment, including failing to prudently evaluate factors such as supply and demand, vacancy risks, and development feasibility in the invested regions, resulting in the abandonment of original designs and the need to re-apply for changes to building permits, causing delays in real estate investment development and increasing additional development costs. This indicates that the internal control system established by your company did not function effectively, and the violation is serious. This is inconsistent with Article 5, Paragraph 1, Item 4 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies" promulgated under the authorization of Article 148-3, Paragraph 1 of the Insurance Act. Pursuant to Article 171-1, Paragraph 4 of the Insurance Act, a fine of NT$3.6 million is imposed.

  2. According to Article 19, Paragraph 1 of the Personal Data Protection Act in effect at the time, non-governmental agencies collecting or processing personal data, except for the data specified in Article 6, Paragraph 1, must have a specific purpose and obtain the consent of the party concerned; Article 27, Paragraph 3 of the Personal Data Protection Act authorizes the "Financial Supervisory Commission Designated Non-Governmental Agency Personal Data File Security Maintenance Measures," Articles 9 and 12, which stipulate that non-governmental agencies must take data security management measures to maintain the security of personal data they possess, and appropriate measures to prevent data leakage should be taken for the use of various equipment; non-governmental agencies must, to maintain the security of all personal data, set permissions for relevant personnel to access personal data according to the necessity of executing business, control their access, and agree on confidentiality obligations with their personnel. Regarding Fact 2 above, your company's service contract with OO Company and related operational processes exceeded the scope of data sharing consented to by the party concerned. The violation is clear, and this is inconsistent with Article 19, Paragraph 1 of the "Personal Data Protection Act." Pursuant to Article 47, Paragraph 2 of the "Personal Data Protection Act," a fine of NT$250,000 is imposed, with a deadline of one month to make corrections. Additionally, your company's business staff portal website failed to properly implement personnel account permission control mechanisms. The violation is clear, and this is inconsistent with Articles 9 and 12 of the "Financial Supervisory Commission Designated Non-Governmental Agency Personal Data File Security Maintenance Measures" promulgated under the authorization of Article 27, Paragraph 3 of the "Personal Data Protection Act." Pursuant to Article 48, Paragraph 2 of the "Personal Data Protection Act," a fine of NT$100,000 is imposed, with a deadline of one month to make corrections.

Payment Method:

  1. Payment Deadline: Payment must be made within 10 days from the day following the service of this decision.
  2. Please follow the payment instructions attached to the payment slip by the Insurance Bureau of this Commission.

Notes:

  1. If the penalized party disagrees with this decision, they must, within 30 days from the day following the service of this decision, prepare an appeal petition pursuant to Article 58, Paragraph 1 of the Administrative Remedy Act and submit it to the Administrative Yuan via this Commission (18th Floor, No. 7, Section 2, Xianmin Avenue, Banqiao District, New Taipei City). However, pursuant to Article 93, Paragraph 1 of the Administrative Remedy Act, unless otherwise provided by law, filing an appeal does not suspend the execution of this decision, and the penalized party must still pay the fine.
  2. If the penalized party fails to pay the fine within the payment deadline specified in this decision, the case will be transferred to the various sub-bureaus of the Administrative Enforcement Agency of the Ministry of Justice for administrative enforcement, pursuant to the proviso of Article 4, Paragraph 1 of the Administrative Enforcement Act.

Original: Sino Life Insurance Co., Ltd. (Representative: Mr. Wei OO)

Copy: This Commission's Inspection Bureau, Insurance Bureau

Page Views: 12421

Last Updated: 2026-01-22

:::

Privacy Policy Declaration |

Information Security Policy Declaration |

This Commission's Website Data Openness Declaration |

Subscribe to Newsletter |

Latest Newsletter

Financial Supervisory Commission Copyright 220232 18th Floor, No. 7, Section 2, Xianmin Avenue, Banqiao District, New Taipei City

FSC Electronic Map

Phone: (02) 8968-0899

Fax: (02) 8969-1215

This Commission's Representative Office in New York: 1 E. 42 Street, 13F, New York, NY 10017, U.S.A. Contact Phone: (1-212) 317-7326

This Commission's Representative Office in London: 46-48 Grosvenor Gardens, London SW1W 0EB, UK Contact Phone: (44-20) 7628-1501

If you have specific suggestions for improving this Commission's global information network, please email us. Thank you.

Last Updated: 2026-07-09

Visitor Count: 61478092

Back to Top