2025-02-20

Added

Taiwan Life Insurance Co., Ltd. Fined for Violations of Insurance Act Internal Control Regulations

The Financial Supervisory Commission fined Taiwan Life Insurance Co., Ltd. a total of NT$7.2 million for severe deficiencies in its internal control and audit systems. The penalties were imposed due to the company's failure to implement proper segregation of duties in claims processing, lack of verification in payment operations, and failure to report a major fraud incident as required by law. The fine was calculated based on specific violations of the Implementation Measures for Internal Control and Audit Systems of Insurance Companies.

Financial Supervisory Commission Taiwan logo

Taiwan

Financial Supervisory Commission Taiwan

Click to view thumbnail

Regulatory Information

Back to Homepage

Announcement Information

Penalty Cases

Penalty Cases

FACEBOOK Line Twitter Print-friendly Back to Previous Page

Taiwan Life Insurance Co., Ltd. was found to have violated relevant provisions of the Insurance Act in its insurance business operations. Pursuant to Paragraph 4, Article 171-1 of the Insurance Act, a fine of NT$7,200,000 is imposed.

2025-02-20

  1. Date of Penalty: February 20, 2025 (Year 114)
  2. Penalized Party: Taiwan Life Insurance Co., Ltd.
  3. Unified Business Number: Omitted
  4. Address: Omitted
  5. Name of Representative or Manager: Xu ○○
  6. Address: Omitted
  7. Subject: Your company was found to have violated relevant provisions of the Insurance Act in its insurance business operations. Pursuant to Paragraph 4, Article 171-1 of the Insurance Act, a fine of NT$7,200,000 (hereinafter referred to as "NT$") is imposed.
  8. Facts: (1) For your company's counter-claim cases, claims personnel were allowed to independently accept, register, input into the system, and review claims, without designing relevant control mechanisms. This resulted in violations of the principle of segregation of duties in the design and execution of internal controls, including:
  9. Although the Claims Department maintained a logbook for counter-claim cases, registration was only performed for cases sent to the Operations Center for document scanning. Cases accepted and reviewed directly by claims personnel (i.e., post-scanning cases) were not registered or controlled. This allowed false claim applications to be accepted and input into the system by claims personnel. Furthermore, the company's internal regulations did not design a comparison mechanism between counter cases and system-accepted cases to verify the completeness of claim cases.
  10. Post-scanning cases could be registered in the core system by claims personnel without cross-unit segregation of duties, posing a high risk of fictitious claims. Your company's internal regulations did not specify restrictions on post-scanning cases, allowing claims personnel to arbitrarily input business sources such as on-site, mail, and association alliance cases, all of which could be processed using the post-scanning review method.
  11. Claims acceptance personnel and claims review personnel involved in system registration shared passwords. However, your company did not establish a verification mechanism, rendering the review process ineffective.
  12. Claims personnel could independently input remittance account numbers, contact addresses, and notes to not send SMS notifications into the core system. Consequently, claims personnel exploited the fact that remittance banks only verify account names and numbers, and the system did not verify whether the input contact address matched the data retained in the policyholder core system. They created fictitious claims, remitting claim payments to the account of a high school classmate with the same name as the policyholder. They noted in the system not to send SMS notifications to the policyholder and input incomplete contact addresses. This resulted in the failure to send acceptance/closure SMS notifications to customers as required by internal regulations, and the failure to mail the "Payment Notice" to the policyholder. (2) Your company did not handle the closure and filing of post-scanning cases in accordance with scanning time limit regulations, nor did it have further handling mechanisms. Although tracking and urging were conducted according to internal regulations, claims personnel did not submit closed cases to the authorized scanning personnel, and relevant supervisors did not attach importance to this or propose effective control methods. (3) Your company's payment request operation lacked a mechanism to confirm whether the documents for claim closure were complete. The content of claim payments was automatically generated based on the system registration data of claims personnel. The payment request handler only needed to verify the number of items and amounts to print the payment request form and submit it to the cashier for payment. The accounting department did not review relevant vouchers but directly recorded the entries based solely on the system-approved amounts. (4) Your company experienced a major incidental incident involving claims personnel fraudulently claiming insurance benefits. However, it failed to immediately report to senior management and notify this Commission of the major incidental incident on the day it occurred, as required by laws and internal regulations.
  13. Reasons and Legal Basis: (1) According to Article 5, Paragraph 1, Item 3 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies," promulgated under the authorization of Paragraph 1, Article 148-3 of the Insurance Act, insurance companies shall, based on business nature and scale and in accordance with the principle of internal segregation of duties, establish handling procedures for at least the following control operations, and review and revise them in a timely manner: 3. Insurance product claim operations: including accident investigation, review, and payment operations. Regarding Facts 1 and 2 above, your company allowed claims personnel to independently accept, register, system-register, and review claims, lacking internal segregation of duties. It also failed to establish an account login IP verification mechanism, causing the review mechanism to fail to function effectively. This indicates that your company did not establish an effective internal control system for claim operations in accordance with the principle of internal segregation of duties, and failed to implement the internal control operation procedures for the closure, filing, and scanning of claim cases. The facts of the violation are clear, and the circumstances are serious. This is inconsistent with Article 5, Paragraph 1, Item 3 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies." Considering that the deficiencies were discovered through your company's self-inspection, the fine was reduced, and pursuant to Paragraph 4, Article 171-1 of the Insurance Act, a fine of NT$4,200,000 is imposed. (2) According to Article 5, Paragraph 1, Item 8 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies," promulgated under the authorization of Paragraph 1, Article 148-3 of the Insurance Act, insurance companies shall, based on business nature and scale and in accordance with the principle of internal segregation of duties, establish handling procedures for at least the following control operations, and review and revise them in a timely manner: 8. Control operations regarding accounting, general affairs, resources, personnel management, and other various businesses. Regarding Fact 3 above, your company's payment request and accounting operations did not confirm the existence of external vouchers such as claim documents before directly requesting payment and recording entries. This indicates that your company failed to implement the internal control operation procedures for payment requests and accounting. The facts of the violation are clear. This is inconsistent with Article 5, Paragraph 1, Item 8 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies." Pursuant to Paragraph 4, Article 171-1 of the Insurance Act, a fine of NT$1,800,000 is imposed. (3) According to Article 5, Paragraph 1, Item 12 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies," promulgated under the authorization of Paragraph 1, Article 148-3 of the Insurance Act, insurance companies shall, based on business nature and scale and in accordance with the principle of internal segregation of duties, establish handling procedures for at least the following control operations, and review and revise them in a timely manner: 12. Handling mechanisms for major incidental incidents. Regarding Fact 4 above, your company failed to immediately report to senior management and notify this Commission of the major incidental incident on the day it occurred, as required by laws and internal regulations. This indicates that your company failed to implement the internal control operation procedures for major incidental incidents. The facts of the violation are clear. This is inconsistent with Article 5, Paragraph 1, Item 12 of the "Implementation Measures for Internal Control and Audit Systems of Insurance Companies." Pursuant to Paragraph 4, Article 171-1 of the Insurance Act, a fine of NT$1,200,000 is imposed.
  14. Payment Method: (1) Payment Deadline: Payment must be made within 10 days from the day following the service of this decision. (2) Please follow the instructions on the payment slip attached by this Commission for payment.
  15. Important Notes: (1) If the penalized party disagrees with this decision, they must, within 30 days from the day following the service of this decision, prepare an appeal petition in accordance with Paragraph 1, Article 58 of the Administrative Appeal Act and submit it to the Administrative Yuan via this Commission (18th Floor, No. 7, Section 2, Xianmin Avenue, Banqiao District, New Taipei City). However, pursuant to Paragraph 1, Article 93 of the Administrative Appeal Act, unless otherwise provided by law, filing an appeal does not suspend the execution of this decision. The penalized party must still pay the fine. (2) If the penalized party fails to pay the fine within the payment deadline specified in this decision, the case will be transferred to the various branches of the Administrative Enforcement Agency of the Ministry of Justice for administrative enforcement, pursuant to the proviso of Paragraph 1, Article 4 of the Administrative Enforcement Act.

Number of Views: 32,807

Last Updated: 2025-02-20

:::

Privacy Policy Statement │ Information Security Policy Statement │ Website Data Openness Declaration │ Subscribe to Newsletter │ Latest Newsletter

Financial Supervisory Commission. All Rights Reserved. 220232 No. 7, Section 2, Xianmin Avenue, Banqiao District, New Taipei City

FSC Electronic Map

Telephone: (02) 8968-0899 Fax: (02) 8969-1215

FSC New York Representative Office: 1 E. 42 Street, 13F, New York, NY 10017, U.S.A. Contact Telephone: (1-212) 317-7326

FSC London Representative Office: 46-48 Grosvenor Gardens, London SW1W 0EB, UK. Contact Telephone: (44-20) 7628-1501

If you have specific suggestions for improving this Commission's global information network, please email us. Thank you.

Last Updated: 2026-07-09

Visitor Count: 61,478,092

Back to Top