Computer-Related Fraud Under RA 10175: Elements, Penalties, and Examples

Computer-related fraud under Republic Act No. 10175 is more specific than an ordinary online scam. It generally involves the unauthorized manipulation of computer data, software, or a computer system to cause damage with fraudulent intent. This distinction matters because a fake online seller, phishing message, unauthorized bank transfer, hacked payroll system, and altered electronic record may involve different crimes—or several crimes at the same time.

What Is Computer-Related Fraud Under RA 10175?

Section 4(b)(2) of the Cybercrime Prevention Act of 2012, or Republic Act No. 10175, defines computer-related fraud as:

The unauthorized input, alteration, or deletion of computer data or a computer program, or interference in the functioning of a computer system, causing damage with fraudulent intent.

The law also provides a lower penalty when no damage has yet been caused. The complete statutory text is available in the official Supreme Court E-Library copy of RA 10175. (Supreme Court E-Library)

The law uses “computer” broadly. It includes not only desktops and laptops but also mobile phones, smartphones, servers, networks, data-storage devices, and other equipment capable of processing or storing data. “Computer data” includes electronic documents, database entries, application records, transaction information, and information stored locally or online. (Supreme Court E-Library)

A person does not necessarily need advanced hacking skills to commit the offense. An employee who has legitimate access to a company system may still act without right when the employee exceeds the limits of that authority—for example, by changing a supplier’s bank details to divert payments.

Elements of Computer-Related Fraud

Based on the wording of Section 4(b)(2), the prosecution must establish the following essential elements beyond reasonable doubt.

1. There Was an Input, Alteration, Deletion, or System Interference

The prohibited act may involve any of the following:

  • Entering unauthorized information into a computer system
  • Changing existing computer data or software
  • Deleting data or a computer program
  • Interfering with the normal operation of a computer system

“Alteration” means changing existing computer data or a program in form or substance. The offense may therefore cover changing amounts, account numbers, payment statuses, beneficiary details, inventory records, customer information, or system instructions. (Supreme Court E-Library)

The prosecution should identify the particular electronic act involved. A general accusation that someone “used a computer to commit fraud” may not be enough. Investigators will normally look for the exact data changed, the account used, the time of access, the affected system, and the resulting transaction or loss.

2. The Act Was Unauthorized or Without Right

The act must have been done without proper authority or beyond the authority granted to the accused.

RA 10175 defines conduct “without right” as conduct:

  • Undertaken without authority;
  • Undertaken in excess of authority; or
  • Not covered by a legal defense, justification, court order, excuse, or recognized legal principle. (Supreme Court E-Library)

This element is important in workplace and business disputes. A database administrator, accountant, cashier, programmer, or bank employee may be authorized to access a system but not authorized to alter records for personal gain.

Evidence relevant to authority may include:

  • Employment contracts
  • Job descriptions
  • Written company policies
  • User-access permissions
  • Approval workflows
  • Emails or instructions from supervisors
  • System logs showing the user’s assigned role
  • Evidence that credentials were borrowed, stolen, or shared

A mere mistake by an authorized employee is not automatically computer-related fraud. The prosecution must still prove fraudulent intent.

3. The Unauthorized Act Caused Damage

For the full offense and ordinary penalty to apply, the unauthorized act must cause damage.

Damage may appear in several forms, depending on the system involved:

  • Money transferred to an unauthorized account
  • Salary, commission, or benefits diverted from the lawful recipient
  • Electronic wallet or bank funds lost
  • Business records corrupted or made unreliable
  • Customer or supplier accounts improperly credited or debited
  • Operations interrupted
  • Costs incurred to restore data or investigate the intrusion
  • Property or services obtained because of manipulated electronic records

There must be a causal link between the unauthorized computer activity and the damage. It is not enough to show that the accused accessed a system and that the victim later suffered a loss. The evidence should connect the input, alteration, deletion, or interference to the particular damage claimed.

If the fraudulent manipulation was discovered before any damage occurred, Section 4(b)(2) still provides criminal liability but imposes a penalty one degree lower. (Supreme Court E-Library)

4. The Accused Acted With Fraudulent Intent

Fraudulent intent means the act was performed as part of a dishonest design, usually to obtain an unlawful benefit or cause another person a wrongful loss.

Because intent exists in the mind, it is often proved through surrounding circumstances rather than a direct admission. Investigators may consider:

  • Whether the accused benefited from the altered data
  • Whether funds went to an account connected to the accused
  • Efforts to hide or delete logs
  • Use of another person’s credentials
  • Repeated unauthorized transactions
  • False explanations or fabricated approvals
  • Changes made outside normal working hours
  • Attempts to conceal the beneficiary’s identity
  • Communications showing planning or coordination

Carelessness, poor system administration, or an accidental encoding error may cause damage, but these do not automatically establish fraudulent intent.

Examples of Computer-Related Fraud

Altering Payroll Information

A payroll employee changes an employee’s bank-account number in the payroll database so that the salary is deposited into an account controlled by the payroll employee.

This may constitute computer-related fraud because electronic data was altered without authority, the alteration caused financial damage, and the change was made with fraudulent intent.

Manipulating an Online Store’s Payment Status

A person gains access to an e-commerce system and changes an unpaid order from “pending” to “paid,” causing goods to be released without actual payment.

The altered payment record directly causes the seller to release property and suffer loss.

Changing Supplier Bank Details

An employee modifies a supplier’s payment instructions in the company’s accounting system. The company then transfers several million pesos to the substituted account.

The case may involve computer-related fraud, qualified theft or estafa depending on the relationship and acts involved, falsification-related offenses, money laundering, or other special laws.

Manipulating Loan or Credit Records

A bank or lending-company employee changes a borrower’s electronic account so that a nonexistent payment appears to have been made or an unauthorized credit limit is approved.

The manipulation may constitute computer-related fraud even when the employee originally had legitimate access to the system.

Altering an Electronic Wallet’s Transaction Data

A person exploits a vulnerability to create a false wallet balance, reverse a valid debit, or make the system recognize a nonexistent deposit.

This is closer to computer-related fraud than a scam in which the victim voluntarily sends money after receiving a deceptive message.

Failed Manipulation Before Money Is Released

A person changes a company’s beneficiary information, but the accounting department detects the change before approving the transfer.

No financial loss may have occurred, but the no-damage provision and the law on attempted cybercrime may still become relevant. The exact charge depends on the acts completed and the prosecution’s theory.

Not Every Online Scam Is Computer-Related Fraud

The fact that Facebook, Messenger, email, an online marketplace, or an electronic wallet was used does not automatically make an offense computer-related fraud.

Situation More likely legal issue
A fake seller persuades a buyer to send payment, then disappears Estafa under Article 315 of the Revised Penal Code, potentially with Section 6 of RA 10175
A person merely enters another person’s account without authority Illegal access under Section 4(a)(1) of RA 10175
A hacker deletes or damages files without a fraudulent scheme Data interference under Section 4(a)(3)
Malware prevents a business system from operating System interference under Section 4(a)(4), possibly with other offenses
A person steals and uses another person’s identifying information Computer-related identity theft under Section 4(b)(3)
Electronic data is falsified so it will be treated as authentic Computer-related forgery under Section 4(b)(1)
A person obtains passwords or financial credentials through deceptive messages Social engineering under RA 12010, potentially with identity theft, illegal access, or estafa
An authorized user changes system data to divert money Computer-related fraud under Section 4(b)(2)

Section 6 of RA 10175 also covers crimes under the Revised Penal Code and special laws committed through information and communications technology, generally imposing a penalty one degree higher. Thus, an online scam may be prosecuted as estafa committed through ICT even when the facts do not satisfy the separate elements of computer-related fraud. (Supreme Court E-Library)

The Supreme Court in Disini Jr. v. Secretary of Justice upheld the application of aiding, abetting, and attempt provisions to computer-related fraud. The Court also recognized that questions involving prosecution under RA 10175 together with other criminal laws may depend on the particular offenses and facts involved. (Supreme Court E-Library)

Penalty for Computer-Related Fraud

When Damage Has Been Caused

Under Section 8 of RA 10175, computer-related fraud is punishable by:

  • Prisión mayor, or
  • A fine of at least ₱200,000, up to an amount commensurate with the damage incurred, or
  • Both imprisonment and a fine.

Under Article 27 of the Revised Penal Code, prisión mayor runs from six years and one day to twelve years. (Supreme Court E-Library)

The precise sentence may be affected by the applicable rules on penalties, modifying circumstances, participation, plea bargaining where legally available, and the evidence presented during trial.

When No Damage Has Yet Been Caused

Section 4(b)(2) states that the penalty is one degree lower when no damage has yet occurred.

For imprisonment, the penalty one degree below prisión mayor generally points to prisión correccional, which runs from six months and one day to six years. The court must still apply the relevant rules on graduation and imposition of penalties to the charge proved. (Lawphil)

Attempting or Aiding Computer-Related Fraud

A person who willfully attempts, aids, or abets computer-related fraud may be prosecuted under Section 5 of RA 10175. Section 8 provides a penalty one degree lower than the penalty prescribed for the principal offense, a fine of ₱100,000 to ₱500,000, or both. The Supreme Court upheld these provisions as applied to computer-related fraud in Disini. (Supreme Court E-Library)

Liability of a Corporation or Other Juridical Person

A company, partnership, association, or other juridical person may face substantial fines when an offense is knowingly committed for its benefit by a person in a leading position. RA 10175 provides maximum corporate fines of up to ₱10 million in certain circumstances and up to ₱5 million when lack of supervision or control made the offense possible.

Corporate liability does not remove the personal criminal liability of the individual who committed the offense. (Supreme Court E-Library)

Computer-Related Fraud and the Anti-Financial Account Scamming Act

Republic Act No. 12010, the Anti-Financial Account Scamming Act of 2024, now specifically penalizes money-muling activities and social-engineering schemes involving bank accounts, credit cards, e-wallets, and other financial accounts.

Social engineering under RA 12010 includes obtaining sensitive financial information through deception or electronic communications, resulting in unauthorized access and control over a financial account. The law also allows covered financial institutions to temporarily hold funds involved in disputed transactions, subject to Bangko Sentral ng Pilipinas rules. (Lawphil)

A single incident may involve both laws. For example, a fraudster may:

  1. Obtain a victim’s password through phishing;
  2. Access the victim’s account;
  3. Change account or transaction data;
  4. Transfer funds to a money mule; and
  5. Withdraw or layer the proceeds.

Depending on the evidence, these acts may involve RA 12010, computer-related fraud, illegal access, identity theft, estafa, the Access Devices Regulation Act, and anti-money laundering laws. The prosecution must determine which offenses have distinct elements and factual bases.

What to Do After Discovering Possible Computer-Related Fraud

1. Stop Further Loss Immediately

For financial transactions:

  • Contact the bank, e-wallet provider, credit-card issuer, or payment platform immediately.
  • Ask for the account to be secured.
  • Report each disputed transaction.
  • Request the preservation of transaction records.
  • Ask whether funds can be temporarily held or recalled under applicable fraud procedures and RA 12010.
  • Obtain a complaint reference number.

Do not wait for a police report before contacting the financial institution. Funds can move through several accounts within minutes.

2. Preserve the Original Evidence

Keep the original phone, computer, storage device, email, or account in substantially the same condition.

Avoid:

  • Factory-resetting the device
  • Deleting messages or applications
  • Editing screenshots
  • Cropping out account names, URLs, dates, or timestamps
  • Continuing to use a compromised administrator account
  • Installing “cleaner” or recovery software that may overwrite evidence

Take clear screenshots, but also preserve the original electronic material. Screenshots alone may not establish who controlled an account or whether the displayed information was altered.

3. Record the Complete Transaction Trail

Prepare a chronological list containing:

  • Date and exact time of each event
  • Amount involved
  • Bank or e-wallet reference numbers
  • Source and destination account details
  • Usernames, phone numbers, email addresses, and profile links
  • IP addresses or access logs, when available
  • Names of witnesses
  • Communications with the bank or platform
  • Dates when access permissions or electronic records changed

For a company incident, immediately preserve audit logs, server logs, access-control records, backups, employee permissions, approval records, CCTV footage, and internal emails.

4. File a Complaint With the NBI or PNP

RA 10175 assigns cybercrime enforcement responsibilities to the National Bureau of Investigation and the Philippine National Police. Complaints may be brought to the NBI Cybercrime Division, an NBI Regional Cybercrime Center, or the PNP Anti-Cybercrime Group or its appropriate regional unit. (Supreme Court E-Library)

The NBI Citizen’s Charter describes the initial process as involving:

  1. Completion of a complaint sheet;
  2. A preliminary interview;
  3. Execution of sworn statements or submission of prepared affidavits;
  4. Submission and possible examination of relevant devices and supporting records; and
  5. Approval of an authority to investigate.

The Citizen’s Charter lists no official fee for this initial service and gives an estimated front-end processing time of approximately one hour and ten minutes. That estimate covers intake steps, not the full investigation. (National Bureau of Investigation)

5. Execute a Detailed Complaint-Affidavit

A complaint-affidavit should clearly explain:

  • Who committed the alleged acts, if known
  • What data or program was entered, changed, deleted, or interfered with
  • Why the act was unauthorized
  • What damage occurred
  • Why the circumstances indicate fraudulent intent
  • How the accused is connected to the account, device, beneficiary, or transaction
  • What documents and digital evidence support each allegation

Affidavits are ordinarily sworn before a prosecutor, authorized investigator, or notary public, depending on where and how they are filed.

6. Allow Investigators to Seek Cybercrime Warrants

Digital evidence held by banks, telecommunications companies, online platforms, email providers, and other service providers often cannot be obtained through a private request alone.

Depending on the evidence needed, law enforcement may apply for:

  • A Warrant to Disclose Computer Data
  • A Warrant to Intercept Computer Data
  • A Warrant to Search, Seize, and Examine Computer Data
  • A Warrant to Examine Computer Data

The Rule on Cybercrime Warrants governs the preservation, disclosure, interception, search, seizure, and forensic examination of computer data. Even when investigators lawfully possess a device, judicial authority may still be required before examining its contents. (Supreme Court E-Library)

RA 10175 requires service providers to preserve traffic data and subscriber information for at least six months from the transaction. Content data must generally be preserved for six months after receipt of a law-enforcement preservation order, subject to a possible extension. After a proper disclosure warrant and order, covered information must be submitted within 72 hours from receipt of the order. (Supreme Court E-Library)

These periods are a major reason to report promptly.

7. Preliminary Investigation by the Prosecutor

After sufficient evidence is gathered, a complaint may be filed with the appropriate city, provincial, or DOJ prosecutor’s office for preliminary investigation.

The prosecutor determines whether there is sufficient ground to believe that a crime was committed and that the respondent is probably guilty and should stand trial. The respondent is ordinarily given an opportunity to submit a counter-affidavit and supporting evidence under the applicable National Prosecution Service rules.

Investigations involving anonymous accounts, foreign platforms, cryptocurrency, multiple money-mule accounts, or overseas suspects commonly take longer because investigators may need court warrants, forensic examinations, bank coordination, or international legal assistance.

8. Filing in the Regional Trial Court

The Regional Trial Court has jurisdiction over violations of RA 10175. Cybercrime cases are assigned to designated special cybercrime courts.

Under the Rule on Cybercrime Warrants, the criminal case may generally be filed in the designated cybercrime court of the province or city where:

  • The offense or any element occurred;
  • Any part of the computer system used is situated; or
  • Any resulting damage occurred.

The court where the criminal action is first properly filed acquires jurisdiction to the exclusion of other possible venues. (Supreme Court E-Library)

Barangay conciliation is generally not a prerequisite for a computer-related fraud complaint because the offense carries a maximum imprisonment exceeding one year and a fine exceeding ₱5,000. Such offenses fall outside the mandatory barangay-conciliation coverage under Section 408 of the Local Government Code. (Lawphil)

Evidence Checklist

Evidence Why it matters
Original phone, computer, or storage device Allows lawful forensic examination and recovery of metadata
Full, uncropped screenshots Shows usernames, URLs, dates, time, balances, and context
Exported chats or emails Preserves the complete conversation rather than selected images
Email headers May show routing, sending servers, and technical identifiers
Bank or e-wallet statements Establishes the amount, destination, and transaction reference
Account-access and audit logs Identifies when and how data was changed
Before-and-after system records Shows the exact alteration or deletion
Company access policies Helps prove that the accused exceeded authority
Employment and job records Establishes the accused’s role and authorized access
Beneficiary-account records Connects the fraud to the person who received the proceeds
Incident-response reports Documents discovery, containment, and resulting damage
Witness affidavits Explains approvals, system controls, and ordinary procedures
Repair, restoration, and investigation invoices Supports the amount of financial damage

Common Problems That Weaken a Complaint

Reporting Too Late

Subscriber information, traffic records, logs, CCTV footage, and platform data may be deleted under routine retention policies. Delay also allows funds to be withdrawn, converted, or transferred through additional accounts.

Relying Only on Screenshots

Screenshots can be edited and usually do not prove who controlled the account. Stronger cases combine screenshots with provider records, device evidence, audit logs, bank records, and witness testimony.

Naming the Account Holder as the Offender Without More Evidence

The registered owner of a bank account, SIM card, social-media account, or electronic wallet is not always the person who operated it. Accounts may be stolen, rented, sold, or used by another person.

Investigators should establish control through logins, devices, withdrawals, communications, CCTV footage, KYC records, and the flow of proceeds.

Confusing Deception With Data Manipulation

A fraudster who merely persuades a victim to transfer money may have committed estafa or social engineering. Computer-related fraud ordinarily requires unauthorized input, alteration, deletion, or interference involving data, software, or a computer system.

Trying to Hack the Suspect’s Account

A victim should not break into another person’s account to retrieve evidence. Unauthorized access may itself violate RA 10175, and illegally obtained evidence may be excluded.

Altering or “Cleaning Up” the Compromised System

Immediate security measures may be necessary, but changes should be documented. Companies should preserve forensic images, logs, and backups before rebuilding systems whenever reasonably possible.

Cases Involving Foreigners or Overseas Evidence

Philippine jurisdiction may exist when:

  • The accused is a Filipino, regardless of where the offense was committed;
  • Any element occurred in the Philippines;
  • A computer system used was wholly or partly situated in the Philippines; or
  • The offense caused damage to a person or company that was in the Philippines when it occurred. (Supreme Court E-Library)

A foreign victim does not need to be a Filipino to file a complaint. However, an overseas complainant may need a Philippine representative, a properly executed special power of attorney, or arrangements for remote or consular execution of affidavits, depending on the investigating office and prosecutor.

Affidavits and public documents executed abroad may need:

  • Notarization in the country of execution;
  • An apostille when issued in a country that is a party to the Apostille Convention; or
  • Consular authentication or legalization when the country is not covered by the Apostille Convention.

Documents bearing a valid apostille generally have legal effect in the Philippines without further Philippine Embassy authentication. Foreign-language documents may also require a certified English or Filipino translation. (Philippine Embassy in New Delhi)

When evidence is held by a foreign technology company or the suspect is overseas, the DOJ Office of Cybercrime acts as the Philippine central authority for international cooperation, mutual legal assistance, and cybercrime-related extradition matters. (Cybercrime Division)

Frequently Asked Questions

Is a Facebook or online-selling scam automatically computer-related fraud?

No. A scam involving deceptive messages and voluntary payment is more commonly investigated as estafa, possibly committed through ICT, or as an offense under RA 12010. Computer-related fraud usually requires unauthorized manipulation of data, software, or system operations.

Is unauthorized bank-account access computer-related fraud?

Unauthorized access may constitute illegal access. If the offender also changes transaction data, beneficiary information, balances, or system instructions and causes damage with fraudulent intent, computer-related fraud may also apply.

Can an employee commit computer-related fraud using an authorized company account?

Yes. Authority to access a system is not necessarily authority to make every type of change. RA 10175 covers conduct performed in excess of authority.

Is actual financial loss required?

Actual damage is required for the ordinary penalty under Section 4(b)(2). If no damage has yet occurred, the law provides a penalty one degree lower. Damage may involve money, property, corrupted records, system disruption, or other provable loss connected to the manipulation.

What is the maximum imprisonment?

The ordinary imprisonment is prisión mayor, which ranges from six years and one day to twelve years. The court may impose imprisonment, a fine, or both under Section 8 of RA 10175.

Can the victim recover the stolen money through the criminal case?

A criminal conviction may include civil liability such as restitution or damages. Recovery still depends on proof, available assets, the movement of funds, and whether accounts or property can be traced and preserved.

Does repayment end the criminal case?

Not automatically. Repayment may satisfy or reduce the civil loss and may affect the parties’ positions, but the criminal offense is prosecuted in the name of the People of the Philippines. The legal effect of repayment depends on the offense, stage of the case, and applicable rules.

Where should the complaint be filed?

The incident may first be reported to the NBI Cybercrime Division, an NBI Regional Cybercrime Center, or the PNP Anti-Cybercrime Group. A formal prosecutorial complaint is filed with the prosecutor’s office having proper territorial authority. Any resulting criminal case is heard by the appropriate designated cybercrime Regional Trial Court.

Do I need the suspect’s real name before filing?

No. A complaint may begin with usernames, account numbers, mobile numbers, email addresses, profile links, transaction references, and other identifiers. Law enforcement may seek warrants and provider records to identify the person behind an account.

Can I file from outside the Philippines?

Yes, but practical requirements vary. An overseas complainant may execute an apostilled or consularized affidavit, appoint a Philippine representative through a special power of attorney, and coordinate with the investigating agency regarding the original evidence and possible testimony.

Key Takeaways

  • Computer-related fraud requires unauthorized input, alteration, deletion, or system interference that causes damage and is performed with fraudulent intent.
  • A simple online deception is not automatically computer-related fraud; it may instead be estafa, social engineering, identity theft, or another cybercrime.
  • The ordinary penalty is prisión mayor—six years and one day to twelve years—or a fine of at least ₱200,000 up to an amount commensurate with the damage, or both.
  • A lower penalty applies when no damage has yet occurred.
  • Employees and insiders may be liable when they exceed their authorized system access.
  • Original devices, audit logs, complete transaction records, provider information, and proof of authority are often more valuable than screenshots alone.
  • Victims should contact the financial institution and report to the NBI or PNP immediately because funds and electronic evidence can disappear quickly.
  • RA 12010 may also apply to phishing, social engineering, money mules, and fraudulent financial-account transactions.
  • Cybercrime cases are handled by the Regional Trial Court, including designated special cybercrime courts.
  • Philippine authorities may investigate cross-border offenses when the law’s jurisdictional requirements are satisfied.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.