Organizations and individuals with different positions, roles, functions and powers carry out together, aiming to transform the will of the State and the people into legal regulations based on certain principles and expressed in certain legal forms, mainly legal documents. 197 It is a collective decision-making process with the participation and involvement of many related subjects, including those who summarize practices, those who draft, comment, and evaluate, those who are directly affected by the document and those who have the right to vote. Through legal documents 198 , law enforcement is the process of implementing promulgated legal regulations into practical life through the legal acts of subjects in social life and it is also a very complex system of problems because law enforcement is not only the responsibility of state agencies but also the responsibility of the whole society. Law enforcement depends on many factors such as the level of perfection of the legal system; the position and role of tools and measures to support the law enforcement process of state administrative agencies, courts, and people's procuracies; the effectiveness and deterrence level of applying sanctions to violations of the law as well as the legal awareness of law enforcement subjects...
Law enforcement is most generally understood as the activity of implementing and enforcing the law. In a narrow sense, law enforcement is only the activity of state management agencies in applying and enforcing the law. But that understanding is one-sided and incomplete because the law is a common standard and everyone in society must comply with it. Therefore, law enforcement must be the activity of implementing and obeying the law by everyone. 199
In essence, law enforcement is always the legal acts of subjects - objects affected by legal documents and competent state agencies to support subjects in understanding and applying legal regulations to their circumstances and situations. Law enforcement is considered as the entire systematic and purposeful acts of subjects to implement legal regulations into practice.
Maybe you are interested!
-
Practice of Determining the Crime of Resisting a Law Enforcement Officer According to the CU Increases the Aggravated Penalty -
Implementing the Law on Emulation and Rewards Contributes to Ensuring an Effective and Substantial Environment for Emulation and Rewards -
Law Enforcement Practices on the Organization and Operation of Private Hospitals -
Improving the Quality of Law Enforcement in Investigation, Prosecution, and Trial of Crimes of Violating State Secrets -
Control of Law Enforcement Activities of State Agencies
197 Nguyen Minh Doan (2011), Building and perfecting the Vietnamese legal system in the context of housing construction
Socialist rule of law state, National Political Publishing House, Hanoi, p.13
198 Nguyen Van Cuong, Tlđd
199 Trinh Anh Tuan, Solutions to improve the effectiveness of competition law enforcement in Vietnam, PhD thesis in Economics, Institute of Trade Research - Ministry of Industry and Trade, Hanoi, 2015, p.27 .
life through compliance with the law, enforcement of the law, use of the law, application of the law (ADPL). In other words, in the method of performing legal acts, law enforcement is understood as synonymous with law implementation. However, the connotation of the concept of law enforcement, in addition to the method of performing acts as mentioned above, the concept of law enforcement also includes the contents of subjects and measures to ensure law enforcement.
Thus, the enforcement of the law on customer information confidentiality in banking activities is the sum of the legal and purposeful acts of the subjects related to customer information confidentiality activities in banking activities to concretize the legal provisions on the obligation to secure customer information into the practice of banking activities to protect the rights of customers, enhance the responsibility of the subjects directly holding the confidentiality of customer information; create a mechanism to monitor the enforcement of the law on the obligation to secure customer information of the related subjects according to the law in ensuring the confidentiality of customer information.
4.1.2. Contents of law enforcement on ensuring confidentiality of customer information in banking activities
4.1.2.1. Subjects and methods of law enforcement on information security of
client
One is the state management agency of currency and banking activities.
The purpose of enforcing the law on customer information security in banking activities of the State management agency on currency and banking activities is to establish a legal framework for customer information security in banking activities, and at the same time apply measures to enhance the effective enforcement of the law on customer information security in banking activities, in order to contribute to ensuring the safe development of banking activities and the system of credit institutions. Therefore, the method of enforcing the law on customer information security in banking activities of this agency is carried out through the main activities: promulgating legal documents, documents applying the law and direct intervention measures when performing its functions and tasks.
Second, enforce the law on customer information security for direct subjects.
continue to keep customer information confidential
When customers conduct transactions with credit institutions, employees, managers, operators of credit institutions, foreign bank branches - entities that have direct relationships with
Customers will possess a lot of important information about customers. Therefore, the enforcement of the law on customer information security by this subject is also reflected in the enforcement /compliance with, and compliance with banking law regulations on customer information security. This means that while enforcing the law on customer information security, these subjects must restrain themselves, not act or make illegal agreements; not perform or commit to things that are strictly prohibited by law; the implementation must always be voluntary, restraining from performing acts that violate the law on security.
In addition, credit institutions must actively implement regulations on customer information security by specifying or prescribing additional internal documents such as credit handbooks or credit manuals; prescribing this confidentiality obligation in contracts or commitments to customers in model contracts in accordance with legal regulations to enforce the law on customer information security.
Third is to enforce the law on customer information security for third parties.
related
During the banking operation process, not only credit institutions hold confidential information of customers but also many entities for different reasons such as: being permitted by law to request information or with the consent of customers, 200 being authorized by customers; due to professional activities... also obtain customer information. These entities can be state auditors, state auditors; individuals authorized by account owners to request information within the scope of authorization; General Director of the deposit insurance organization when this organization exercises its rights and obligations; State agencies have the right to request information to perform their duties during the investigation, prosecution, trial and execution of judgments, ... and other entities mentioned in the limited content of the obligation to ensure confidentiality of customer information in the Banking Law - this third group of entities must also fulfill the obligation to protect customer information by complying with the obligation to protect information that they know in their professional activities, and performing tasks authorized by the information owner.
Fourth, enforce the law on customer information security.
200 Clause 3 Article 14 Law on Credit Institutions 2010
The enforcement of the law on information security of this subject is demonstrated through the use of the right to publish or share its confidential information or agree on information that needs to be kept confidential; in addition, this subject can also use the right to complain and sue when the subjects holding confidential information violate their right to information security; at the same time, customers must also fulfill their obligations and agreements in keeping their own information confidential. This content also has an impact on the effectiveness of the enforcement of the law on customer information security, because when transacting with credit institutions, customers themselves must also fulfill the obligation to keep information related to their deposits and transactions confidential, and at the same time, customers must be careful in using their rights related to providing confidential information to the subjects authorized to conduct transactions with credit institutions; customers must be proactive in keeping their own information confidential.
Thus, it can be seen that the enforcement of the law on customer information security does not stop at the provisions on the enforcement of the law on customer information security of the entities directly providing banking products and services to customers and customers, but it must also be the obligation of the third party involved in keeping customer information confidential during its operations and of the state management agency on banking activities. The entities must normally simultaneously implement legal regulations in many different forms with different nature, scope, and level of implementation of each form.
4.1.2.2. Measures to ensure law enforcement on customer information security
Measures to enforce the law on customer information security are the methods and procedures that relevant entities must implement to ensure effective enforcement of the law on customer information security in banking activities in practice. Measures to enforce the law on customer information security may include the following specific measures:
Firstly, measures to encourage the subjects directly holding customer information to fulfill their obligations. In addition to the guiding regulations in the enforcement of the law on customer information security, lawmakers, state management agencies on currency and banking activities have also stipulated measures to encourage credit institutions to prescribe additional or specific legal regulations, equip and apply modern technical means to ensure the enforcement of the law on information security.
customer information
Second, preventive measures. Through regular, ad hoc or thematic inspections, checks and supervisions, the State Bank has reviewed and evaluated the implementation of laws on customer information security by credit institutions, discovered limitations and shortcomings in management mechanisms, policies and laws to propose remedial measures. This measure contributes to preventing, detecting and promptly handling violations of confidentiality obligations, ensuring that credit institutions strictly comply with legal regulations on customer information security.
Third, apply sanctions to handle violations of the law on customer information security. In the process of enforcing the law on customer information security, credit institutions may intentionally or unintentionally violate the law on customer information security. Therefore, these acts need to be handled and strict sanctions applied to deter violators. Applying these measures will contribute to preventing and limiting violations of information security obligations, causing harm to the rights and legitimate interests of customers, the national credit system and the effectiveness of state management.
4.1.3 Factors affecting the enforcement of information security laws
customers in banking
One is the political and legal environment.
The political and legal environment ensures the enforcement of laws on customer information security, including political orientations related to customer information security in the correlation between customer information security requirements and the provision of customer information in some legal cases in accordance with the interests of the subjects participating in this relationship.
The legal framework on customer information security must contain rules of conduct for entities to exercise their rights and obligations. The level of clarity, specificity and feasibility of the law on customer information security determines the implementation of the law on customer information security in banking activities.
Second, awareness of the right to information security and institutions to ensure customers' rights to information security
Customers are the most important people in the economy and every business is only successful when customers are satisfied. This is the reason why businesses always consider customers as
God. As a God, the customer has many rights, of which the important rights related to customer information include the following rights:
(i) Right to be informed. The credit institution shall provide full information related to the products and services it provides in a transparent, simplified and honest manner. The credit institution shall explain to the customer all terms related to information confidentiality before executing any agreement or entering into any contract.
(ii) The right to be guaranteed safety when participating in transactions and using products and services. Credit institutions must strictly comply with current legal regulations and internal regulations to ensure a safe and favorable environment, without threats to the safety of assets, deposits and benefits of customers when participating in transactions and using products and services of credit institutions.
(iii) Right to information confidentiality. 201 Credit institution employees and credit institutions must keep customer information confidential and must not disclose customer account information, deposits and other transactions to third parties except for certain limitations prescribed by law; credit institutions must also protect customer information from unauthorized access by third parties.
(iv) The right to request compensation for damages, make complaints, denunciations, file lawsuits or request social organizations to file lawsuits to protect their rights according to the provisions of this Law and other relevant legal provisions. 202
Customers need to be clearly aware of their rights when participating in banking activities and use their rights in case of violations by credit institutions.
A country's legal system should provide and enforce mechanisms for consumers to lodge complaints or petitions with the courts when there are reasonable grounds to believe that their rights have been violated.
Third, the sense of responsibility of credit institutions and their employees in keeping customer information confidential.
Customer information confidentiality is a legal obligation that credit institutions and their employees must comply with. 203 In order to fulfill their obligations well, managers and employees of credit institutions must be clearly aware of their obligations and respect their commitments to customers.
201 This right is stipulated in Article 14 of the Law on Credit Institutions 2010 - Information Confidentiality and Article 6 of the Law on Consumer Protection 2010 - Protection of Consumer Information.
202 Clause 6, 7 Article 8 Law on Consumer Rights Protection 2010
203 Article 14 Law on Credit Institutions 2010
The violations of these entities, the lack of awareness and responsibility of these entities will greatly affect the trust of customers, thereby affecting banking activities, the safety of the national credit system and the effectiveness of state management. Therefore, training and raising the awareness of managers and employees of credit institutions is necessary to ensure the safety of credit institutions' operations and will create a competitive advantage over other competitors in the current globalization trend.
Fourth, inspection, supervision and handling of violations of the law on customer information confidentiality obligations in banking activities.
Inspection, 204 banking supervision, 205 handling of violations of the law on currency and banking according to the provisions of law 206 are the tasks and powers prescribed by the Law on the State Bank of Vietnam for the SBV to perform in the process of performing its functions. This is completely consistent with the purpose of banking inspection and supervision, which is to contribute to ensuring the safe and healthy development of the system of credit institutions and the financial system; protect the legitimate rights and interests of depositors and customers of credit institutions; maintain and enhance public confidence in the system of credit institutions; ensure compliance with policies and laws on currency and banking; contribute to improving the efficiency and effectiveness of state management in the field of currency and banking. 207 Violations in the field of organization, administration and management of credit institutions are also subject to sanctions. 208
In summary, the enforcement of the law on customer information security in banking activities is the process of transforming from “law on paper” to “law in action” of the relevant entities in the banking process. This is a complex process that depends on many entities and many different conditions. The above theoretical issues are the basis for analyzing and evaluating the current status of law enforcement on customer information security, thereby recommending the improvement of related legal regulations and proposing solutions to ensure the enforcement of the law on customer information security in banking activities in Vietnam.
204 Banking inspection is the inspection activity of the State Bank of Vietnam towards the subjects of banking inspection in compliance with the law on currency and banking (Clause 11, Article 6, Law on the State Bank of Vietnam 2010)
205 Banking supervision is the activity of the State Bank in collecting, synthesizing, and analyzing information on banking supervision subjects through information and reporting systems to prevent, detect, stop, and promptly handle risks that cause unsafe banking operations, violations of regulations on safety of banking operations, and other relevant legal provisions. (Clause 12, Article 6 of the Law on the State Bank of Vietnam 2010)
206 Clause 11 Article 4 Law on State Bank of Vietnam 2010
207 Article 50 Law on State Bank of Vietnam 2010
208 Article 6, Article 7, Article 8 of Decree 88/2019/ND-CP dated November 14, 2019 of the Government stipulating administrative sanctions for violations in the monetary and banking sector.
4.2. Current status of law enforcement on customer information security in banking activities
4.2.1. Enforcement of laws on ensuring confidentiality of agency customer information
State management of currency and banking activities
Enforcement of the law on customer information security in the banking sector by the state management agency of currency and banking activities is reflected in the following specific activities:
4.2.2.1. Institutionalize legal regulations on ensuring customer information confidentiality.
goods in banking activities
With the position, function of performing the tasks and powers of the government in economic management and development; 209 performing the function of state management of currency, banking activities and foreign exchange; performing the function of the Central Bank on issuing money, banking of credit institutions and providing monetary services to the Government, state management of public services under the management of the State Bank; 210 and performing the function of the leader of the Government, leader of the State Bank; The Government, the State Bank of Vietnam, the Governor of the State Bank of Vietnam have issued many documents to specify management activities in the banking sector.
Right from the first years of operation of the commercial banking system, based on the provisions of the Law on Credit Institutions 1997, specifically in Article 17 on “ensuring the confidentiality of customers’ deposit balances” 211 and Article 104 on “ refusing requests from organizations and individuals to provide information related to customers’ deposits and assets…” .212 The Government passed Decree No. 70/2000/ND-CP to provide more detailed regulations and affirm that credit institutions have the “obligation” to refuse to provide customer information and the content of information that needs to be kept confidential is also expanded from customers’ deposit balances to all information related to customers’ deposits and assets. At the same time, to put this regulation into practice, the State Bank issued Circular No. 02/2001/TT-NHNN dated April 4, 2001, Decision No. 1004/2001/QD-NHNN dated August 8, 2001 on amending Section a, Point 2.2, Section II of Circular 02 and consolidated document No. 08/VBHN dated May 21, 2014 to guide
209 Article 8 Law on Organization of Government 2015
210 Article 1 Decree No. 156/2013/ND-CP dated November 11, 2013 of the Government on the functions, tasks, powers and organizational structure of the State Bank of Vietnam
211 Clause 3 Article 17 Law on Credit Institutions 1997
212 Clause 2 Article 104 Law on Credit Institutions 1997