In the Philippines, the legal framework governing credit card fraud and other unauthorized uses of payment instruments is primarily defined by Republic Act No. 8484, known as the Access Devices Regulation Act of 1998. This landmark legislation was significantly strengthened in 2019 by Republic Act No. 11449, which reclassified certain acts as "economic sabotage" and drastically increased the penalties to reflect the growing threat of cyber-enabled financial crimes.

Scope of the Law: What is an "Access Device"?

The law defines an access device broadly. It is not limited to physical credit cards but includes any card, plate, code, account number, electronic serial number, personal identification number (PIN), or other telecommunications service, equipment, or instrument identifier that can be used to obtain money, goods, or services.

Prohibited Acts Under R.A. 8484

The law criminalizes a wide array of fraudulent activities, including but not limited to:

• Producing or Using Counterfeit Access Devices: Creating fake cards or using them for transactions.
• Possession of "Skimming" Devices: Having tools designed to steal information from the magnetic strips of cards.
• Fraudulent Application: Providing false information to a bank to obtain a credit card.
• Theft or Robbery of Access Devices: Stealing a physical card or the digital data associated with it.
• Trafficking: Selling or distributing stolen or counterfeit access devices.
• Illegal Use: Using an access device that has been revoked, cancelled, or is known to be lost or stolen.

The Penalties: R.A. 11449 Amendments

The 2019 amendments introduced tiered penalties based on the severity and scale of the offense. The law now distinguishes between individual fraud and large-scale operations.

1. Standard Fraudulent Acts

For general violations of the Act, the penalties are:

• Imprisonment: Six (6) years to ten (10) years.
• Fine: A minimum of ₱500,000.00 or twice the value of the offense, whichever is higher.

2. Possession of Counterfeit Devices

If an individual is found in possession of ten (10) or more counterfeit access devices, even if they have not yet used them:

• Imprisonment: Twelve (12) years to twenty (20) years.
• Fine: A minimum of ₱500,000.00 or twice the value of the offense.

3. Fraud as Economic Sabotage

The most severe penalties are reserved for acts categorized as Economic Sabotage. This occurs when the fraud is committed by a "syndicate" (three or more persons) or on a "large scale" (against three or more persons individually or as a group).

• Penalty: Life Imprisonment.
• Fine: Between ₱1,000,000.00 to ₱5,000,000.00.

Presumptions of Intent to Defraud

A critical aspect of R.A. 8484 is the presumption of intent. The law simplifies prosecution by stating that the mere possession of a counterfeit access device or the possession of two or more access devices belonging to other people (without authorization) is "prima facie" evidence of intent to defraud.

Furthermore, a cardholder who abandons their place of employment or residence without notifying the credit card issuer, while having an outstanding balance of at least ₱10,000.00 that is unpaid for 90 days, can also be presumed to have used the card with intent to defraud.

Jurisdictional Reach

The Act applies not only to crimes committed within Philippine territory but also to those committed abroad if the access device was issued by a Philippine bank or financial institution, or if the fraud affects a Philippine-based account.

Summary Table of Penalties

Note on Civil Liability: The criminal penalties mentioned above are separate from civil liability. A perpetrator found guilty will still be ordered by the court to pay back the actual amount stolen or defrauded from the victim or the banking institution.