Anti-Telecom and Online Fraud Law of the People’s Republic of China

By Yoni HaoLast Updated on Aug 14, 2023
Anti-Telecom and Online Fraud Law of the People’s Republic of China

Promulgation Authorities: Standing Committee of the National People’s Congress

Release Date: 2022-09-02

Effective Date: 2022-12-01

Source: https://www.gov.cn/xinwen/2022-09/02/content_5708119.htm

Original Title: 中华人民共和国反电信网络诈骗法

Anti-Telecom and Online Fraud Law of the People’s Republic of China

Presidential Decree No.119

The Anti-Telecom and Online Fraud Law of the People’s Republic of China, adopted at the 36th Session of the Standing Committee of the 13th National People’s Congress of the People’s Republic of China on 2 September 2022, is hereby promulgated, effective 1 December 2022.

Xi Jinping

President of the People’s Republic of China

2 September 2022

Anti-Telecom and Online Fraud Law of the People’s Republic of China

(Adopted at the 36th Session of the Standing Committee of the Thirteenth National People’s Congress on 2 September 2022)

Chapter 1 General Provisions

Article 1 This Law is enacted in accordance with the Constitution of the People’s Republic of China (“PRC”) in order to prevent, curb and punish telecom (“telecom”) and online fraud, strengthen anti-telecom and online fraud, protect the legitimate rights and interests of citizens and organisations, and safeguard social stability and national security.

Article 2 For the purpose of this Law, “telecom and online fraud” refers to the act of swindling public or private property by means of telecom and Internet technologies in remote or non-contact way for the purpose of illegal possession.

Article 3 This Law applies to the crackdown on and control of telecom and online fraud committed within the territory of the PRC or telecom and online fraud committed overseas by citizens of the PRC.Overseas organisations and individuals who carry out telecom and online fraud activities targeting those within the territory of the PRC, or provide products, services and other assistance for others to carry out telecom and online fraud activities targeting those within the territory of the PRC, shall be punished and held liable in accordance with the relevant provisions of this Law.

Article 4 In carrying out anti-telecom and online fraud, it is imperative to adhere to people-orientation, make overall planning of development and safety, adhere to the system concept and the rule of law, with focus on treatment from the source and comprehensive control. It is also imperative to make concerted efforts and joint prevention and control, comprehensively implement various measures of crackdown, prevention and control, and strengthen social publicity and education for prevention; moreover, efforts should be made to make precise prevention and control in order to ensure the normal production and business activities and facilitate the livelihood of the people.

Article 5 Anti-telecom and online fraud shall be carried out according to law, in order to safeguard the legitimate rights and interests of citizens and organisations.Relevant authorities, entities and individuals shall keep confidential the state secrets, trade secrets, personal privacy and personal information that come into their knowledge during anti-telecom and online fraud.

Article 6 The State Council establishes a work mechanism for anti-telecom and online fraud and coordinate the combat work.Local people’s governments at all levels shall organise and lead anti-telecom and online fraud within their administrative regions, determine the targets, tasks and work mechanism for anti-telecom and online fraud, and carry out comprehensive control in this regard.

The public security organs shall take the lead in anti-telecom and online fraud, and the finance, telecom, cybersecurity, market regulation and other relevant authorities shall perform their regulatory responsibilities ex officio as subjects and take charge of the anti-telecom and online fraud in their respective industry.

The people’s courts and the people’s procuratorates shall play judicial and procuratorial functions in preventing and punishing telecom and online fraud according to law.

Telecom business operators, banking financial institutions, non-banking payment institutions and internet service providers shall assume risk prevention and control responsibility, establish an internal control mechanism and safety responsibility system for anti-telecom and online fraud, and strengthen the security assessment of fraud risks involved in a new business.

Article 7 Relevant departments and entities shall cooperate closely in the fight of anti-telecom and online fraud, achieve cross-industry and cross-regional coordination and rapid and joint action, and strengthen the building of professional teams to effectively combat and govern fraud committed via telecom or internet.

Article 8 The people’s governments at all levels and relevant departments shall strengthen the publicity of anti-telecom and online fraud and popularize relevant laws and knowledge to improve the public’s awareness in preventing various means of anti-telecom and online fraud and their ability to various types of telecom and online fraud.Relevant departments in charge of, among others, education administration, market supervision and civil affairs, and villagers’ committees and residents’ committees shall, in light of the distribution of the group of victims of telecom and online fraud and other characteristics, strengthen the publicity and education on such fraud for the elderly, teenagers and other groups, enhance the pertinence and accuracy of the publicity and education against fraud committed via telecom or internet, and carry out activities in schools, businesses, communities, rural areas and families, etc. with regard to the publicity and education against fraud committed via telecom or internet.

All entities shall strengthen their internal prevention of telecom and online fraud and carry out education for their staff on the prevention of such fraud; individual shall strengthen their awareness of the prevention of such fraud. Entities and individuals shall assist and cooperate with the relevant departments in carrying out anti-telecom and online fraud in accordance with the provisions of this Law.

Chapter 2 Telecom Governance

Article 9 Telecom operators shall fully implement the real identity information registration system for telephone users according to law.Basic telecom enterprises and mobile telecom resale enterprises shall assume the responsibility for implementing the real-name user system management over their agents and specify the agents’ responsibilities for real-name system registration and the relevant measures for handling breach of contract in the relevant agreements.

Article 10 The number of telephone cards to be processed shall not exceed the relevant limits prescribed by the State.Where any abnormal application for a card is identified, the telecom business operator has the right to strengthen the verification or reject the application for a card. The telecom authority of the State Council shall develop the specific identification measures.

The telecom authority of the State Council shall organize the establishment of a verification mechanism for the number of telephone cards to be issued and a risk information sharing mechanism, and provide a convenient channel for users to check the information on the telephone cards registered under their names.

Article 11 Telecom operators shall carry out real-name verification again for the users of telephone cards identified to be involved in abnormal fraud and adopt differential and corresponding verification measures based on the risk levels. If the verification is not carried out as required or the verification is not passed, telecom business operators may restrict or suspend the functions of relevant telephone cards.

Article 12 Telecom operators shall establish a risk assessment system for Internet of Things card users and shall not sell Internet of Things cards to those who fail to pass the assessment. The identity information of Internet of Things card users shall be strictly registered. Effective technical measures shall be taken to restrict the available functions, use scenarios and applicable equipment of Internet of Things cards.Where a corporate user purchases an Internet of Things card from a telecom business operator and then sells the equipment on which the Internet of Things card is carried to other users, the identity information of such users shall be verified and registered, and the sales volume, stock and real-name information of such users shall be transmitted to the telecom business operator to which the number belongs.

Telecom operators shall establish a monitoring and early warning mechanism for the use of Internet of Things cards. In the event of any abnormal use of Internet of Things cards, telecom business operators shall suspend services, reverify identity and use scenarios and take other measures agreed in the contract.

Article 13 Telecom operators shall standardize the transmission of real calling numbers and lease of telecom lines, and block and intercept and trace the sources of calls with changed numbers.Telecom operators shall strictly standardize the transmission of international communication business gateway exchange calling numbers, truthfully and accurately indicate to the users the countries or regions where the incoming numbers are located and identify and intercept false and non-standardized calls within or between networks.

Article 14 No entity or individual may illegally manufacture, trade, provide or use the following equipment and software:

(I) the equipment for bulk insertion of telephone cards;

(II) the equipment and software with the functions of changing calling numbers, virtual dialing, and accessing public telecom network by Internet telephones in violation of the rules;

(III) the system for automatic switching of bulk account numbers and web addresses, and the platform that provides SMS verification and voice verification for bulk receiving; and

(IV) other equipment and software used for committing telecom or online fraud and other illegal crimes.Telecom operators and Internet service providers shall take technical measures to promptly identify and block the access network of the illegal equipment and software provided in the preceding paragraph, and report to the public security authorities and the relevant industry authorities.

Chapter 3 Financial Governance

Article 15 Banking financial institutions and non-bank payment institutions shall establish a customer due diligence system during the opening of bank accounts and payment accounts and the provision of payment and settlement services for customers, and during the existence of the business relationship with customers, lawfully identify the beneficial owners, and take appropriate risk management measures to prevent the use of bank accounts and payment accounts for telecom or online fraud.

Article 16 The opened quantity of bank accounts and payment accounts shall not exceed the relevant quantity restricted by the State.If abnormal account opening circumstances are identified, the banking financial institution concerned or the non-bank payment institution concerned is entitled to strengthening verification or rejecting the account opening.

The People’s Bank of China (“PBC”) and the banking regulator of the State Council shall organise relevant clearing agencies to establish a cross-institution account opening quantity verification mechanism and a risk information sharing mechanism, and provide a convenient channel for customers to enquire about bank accounts and payment accounts under their names. Banking financial institutions and non-bank payment institutions shall provide the account opening situations and related risk information according to the relevant provisions of the State. Relevant information shall not be used for purposes other than anti-telecom or online fraud.

Article 17 Banking financial institutions and non-bank payment institutions shall establish a risk prevention and control mechanism for abnormal situations of opening corporate accounts. Relevant authorities of finance, telecom, market regulation, and taxation shall establish the relevant information sharing and inquiry system on the opening of corporate accounts and provide online verification services.The market entity registration authorities shall verify the identity information of the enterprises’ real-name registration according to law, supervise and inspect the registration matters in accordance with the provisions, and focus on supervision and inspection on the enterprises that may have false registration or fraud. If the registration is revoked according to law, information shall be timely shared in accordance with the provisions of the preceding paragraph; and convenience shall be provided for banking financial institutions and non-bank payment institutions to carry out customer due diligence and lawfully identify the beneficial owners.

Article 18 Banking financial institutions and non-bank payment institutions shall strengthen the monitoring of bank accounts, payment accounts and payment and settlement services, and establish a sound monitoring mechanism for abnormal accounts and suspicious transactions that meet the characteristics of telecom or online fraud.The PBC shall establish a unified anti-money laundering monitoring system across banking financial institutions and non-bank payment institutions, and shall, in conjunction with the public security department of the State Council, improve the anti-money laundering suspicious transaction reporting system compatible with the characteristics of the flow of funds for telecom or online fraud.

For the abnormal accounts and suspicious transactions identified in the monitoring, banking financial institutions and non-bank payment institutions shall, in light of risk situation, take necessary preventive measures such as verifying the transaction information, re-verifying identity, delaying payment and settlement, and restricting or suspending relevant businesses.

When carrying out monitoring of abnormal accounts and suspicious transactions in accordance with the provisions of the first paragraph, banking financial institutions and non-bank payment institutions may collect the necessary transaction information such as the Internet protocol address, network card address, and payment terminal information of abnormal customers, as well as equipment location information. The above information shall not be used for purposes other than the anti-telecom or online fraud without the authorisation of the customers.

Article 19 Banking financial institutions and non-bank payment institutions shall, in accordance with the relevant provisions of the State, transmit the transaction information such as the names of the businesses which directly provide goods or services, and the names and account numbers of the paying and receiving customers in a complete and accurate manner, and ensure the authenticity and completeness of the transaction information and the consistency in the whole process of payment.

Article 20 Public security department of the State Council shall, in concert with the relevant authorities, establish and improve the systems for instant inquiry, emergency stop of payment, rapid freezing, timely unfreezing and return of the funds involved in the telecom or online fraud, and clarify the relevant conditions, procedures and remedial measures.If the public security authorities decide to take the above measures according to law, banking financial institutions and non-bank payment institutions shall cooperate with them.

Chapter 4 Internet Governance

Article 21 Telecom business operators and Internet service providers providing the following services for users shall lawfully require the users to provide real identity information at the time of signing the agreement with the users or confirming the provision of services; if the users fail to provide real identity information, the services shall not be provided:

(I) providing Internet access services;

(II) providing network address conversion services such as network agencies;

(III) providing Internet domain name registration, server hosting, space renting, cloud services and content distribution services; and

(IV) provide information and software distribution services, or providing services such as instant messaging, online transactions, online games and online live-streaming and advertising promotion.

Article 22 Internet service providers shall re-verify the abnormal accounts involved in fraud identified by monitoring, and shall, in accordance with the relevant provisions of the State, take measures such as restricting functions and suspending services.Internet service providers shall, as required by the public security authorities and the telecom authorities, verify the relevant Internet accounts registered in connection with the telephone cards involved in cases and the abnormal telephone cards involved in fraud, and shall, in light of the situation of risks, take measures such as ordering correction within a time limit, restricting functions, suspending the use, closing the accounts and forbidding re-registration.

Article 23 Whoever intends to establish mobile Internet applications shall go through licensing or filing formalities with the telecom authorities according to relevant provisions of the State.Whoever provides packaging and distribution services for applications shall register and verify the real identity information of the developers and operators of the applications and verify the functions and purposes of the applications.

Public security, telecom and cybersecurity authorities, telecom business operators and Internet service providers shall strengthen the monitoring and timely handling of applications involved in fraud that are downloaded and transmitted by means other than the distribution platforms.

Article 24 The providers of domain name resolution, domain name forwarding, and URL link conversion services shall verify the authenticity and accuracy of domain name registration, resolution information and Internet protocol address, standardise the forwarding of domain names, record and retain the log information of the corresponding services provided, and support the traceability of the resolution, domain name forwarding and conversion records according to the relevant provisions of the State.

Article 25 No entity or individual may provide the following support or assistance for others to commit telecom or online fraud:

(I) selling or providing personal information;

(II) helping others to launder money through virtual currency transactions or by other means; and

(III) other activities of providing support or assistance for telecom or online fraud.Telecom business operators and Internet service providers shall, according to relevant provisions of the State, perform the duty of reasonable care, and monitor, identify and handle the fraud-related support and assistance activities carried out by using the following businesses:

(I) providing Internet access, server hosting, network storage, communication transmission, line renting, domain name resolution and other network resource services;

(II) providing network promotion services such as information release or search, advertising promotion, and traffic promotion;

(III) providing production and maintenance services for applications, websites and other network technologies and products; and

(IV) providing payment and settlement services.

Article 26 When the public security organs collect the evidence in accordance with the law in the handling of telecom or online fraud, the Internet service provider concerned shall promptly provide technical support and assistance.Where an Internet service provider finds out any fraud-related criminal clues or risk information in its monitoring of fraud-related information and activities in accordance with the provisions of this Law, if they have, it shall refer them to the public security, finance, telecom, cyberspace or other authorities depending on the type and degree of the risks of fraud. Relevant authorities shall establish and improve the feedback mechanism, and timely notify the referring authorities of the relevant information.

Chapter 5 Comprehensive Measures

Article 27 The public security organs shall establish and improve the mechanism for combating telecom or online fraud and strengthen the development of specialized teams and professional and technical skills. All police types and all local public security organs shall closely cooperate to effectively punish the telecom or online fraud according to the law.When receiving a report of or discovering any telecom or online fraud, the public security organs shall file and investigate the case according to the Criminal Procedure Law of the PRC.

Article 28 The financial, telecom and cyberspace authorities shall, ex officio, supervise and inspect the implementation of this Law by banking financial institutions, non-banking payment institutions, telecom business operators and Internet service providers. Relevant supervision and inspection activities shall be lawfully carried out in a standardized manner.

Article 29 Personal information handler shall, in accordance with the Personal Information Protection Law of the PRC and other laws and regulations, regulate the handling of personal information, strengthen the protection of personal information, and establish a mechanism for the prevention of personal information being used for telecom or online fraud.The authorities and entities performing the duties of personal information protection shall give priority to the protection of logistics information, transaction information, loan information, medical information and marriage information, etc. that may be used for telecom or online fraud. When handling the case involving telecom or online fraud, the public security organs shall at the same time investigate the source of personal information used in the offence and hold the relevant personnel and entities liable according to the law.

Article 30 Telecom business operators, banking financial institutions, non-banking payment institutions and Internet service providers shall carry out publicity against telecom or online fraud for their practitioners and users, give reminders on the prevention of telecom or online fraud in the relevant business activities, promptly remind the users of telecom or online fraud newly emerging in their respective fields, and give warnings for the legal liability of illegally buying and selling, renting or lending one’s relevant cards, accounts or account numbers for the use of telecom or online fraud.Press, radio, television, culture and Internet information service providers, among others, shall carry out publicity and education against telecom or online fraud to the public.

Any entity or individual has the right to report telecom or online fraud, and relevant authorities shall timely handle the case in accordance with the law and shall reward and protect the whistleblowers who provide valid information.

Article 31 No entity or individual may illegally buy, sell, rent or lend phone cards, Internet of Things cards, telecom lines, SMS ports, bank accounts, payment accounts, and Internet accounts, etc. or provide real-name verification assistance; it is not allowed to impersonate others or fabricate the agency relationship to open the above cards, accounts, and account numbers, etc.For the entities, individuals and related organisers who have committed the activities specified in the preceding paragraph, as well as the persons who have been criminally punished for engaging in the activities of telecom or online fraud or related crimes, as determined by the public security organs above the level of municipalities with districts, their credit records may be recorded according to relevant regulations of the State, and such measures against them  may be taken as restricting the functions of their relevant cards, accounts and account numbers, stopping non- counter services for them, suspending new services for them and restricting their network access. Whoever disagrees with the above determinations and measures may file an appeal. Relevant authorities shall establish and improve appeal channels, as well as the credit repair and relief system. Public security department of the State Council shall work with the relevant authorities to develop the specific measures.

Article 32 The State supports telecom business operators, banking financial institutions, non-banking payment institutions and Internet service providers to research and develop the technologies for anti-telecom or online fraud, in order to monitor, identify, dynamically block and handle the abnormal fraud-related information and activities.Public security department, financial regulator, telecom authority and cyberspace administration of the State Council shall coordinate the development of the technical measures for anti-fraud in their respective industries and fields, promote the sharing of sample information and data involving telecom or online fraud, strengthen the cross verification of fraud-related user information, and establish the monitoring and identification, dynamic blocking and handling mechanisms for abnormal fraud-related information and activities.

Where disposal measures such as restriction and service suspension are taken against fraud-related abnormalities in accordance with the provisions of Article 11, Article 12, Article 18, Article 22 or the preceding paragraph of this Law, the party concerned shall be informed of the disposal reasons, remedy channels and materials to be submitted, and the party concerned may appeal to the department or entity making the decision or taking the measures. The authority or entity that has made the decision shall establish and improve the appeal channel, timely accept the appeal and conduct verification. If the verification is passed, the relevant measure shall be immediately lifted.

Article 33 The State promotes the development of public service of online identity authentication and supports the voluntary use by individuals and enterprises. Telecom business operators, banking financial institutions, non-banking payment institutions and Internet service providers may re-verify the users’ identity through the national network identity authentication public service if telephone cards, bank accounts, payment accounts and Internet accounts are involved in fraud.

Article 34 Public security organs shall, in concert with the finance, telecom and cyberspace authorities, organise banking financial institutions, non-banking payment institutions, telecom business operators and Internet service providers etc. to establish a warning and dissuasion system, and shall timely take appropriate dissuasion measures as the case may be for the potential victims found in the early warnings. For cases regarding telecom or online fraud, the recovery of stolen money or losses shall be strengthened, the disposal system for involved funds shall be improved and the legitimate property of the victims shall be timely returned. Victims who suffer from severe life difficulties shall be given relief by the relevant parties according to the regulations if the relevant national relief conditions are met.

Article 35 Upon the decision or approval of the State Council’s work mechanism for anti- telecom or online fraud, the public security, finance and telecom authorities, etc. may take necessary temporary risk prevention measures in specific regions with serious telecom or online fraud in accordance with the relevant regulations of the State.

Article 36 For persons who travel to areas with serious telecom or online fraud, if their exit activities are suspected of being involved in telecom or online fraud, the immigration authorities may decide not to allow them to leave China.For persons who have been subjected to criminal penalties for engaging in telecom or online fraud, the public security organs above the level of city divided into districts may, in light of the situation of the crime and the needs for prevention of further crime, decide not to allow them to leave the country for a period of six months, up to three years, from the date of the completion of the punishment, and notify the immigration authorities to implement the decision.

Article 37 The public security department and other departments under the State Council shall, in concert with the foreign affairs department, strengthen judicial cooperation in international law enforcement, establish effective cooperation mechanisms with relevant countries, regions and international organizations, and enhance the level of cooperation in information exchange, investigation and evidence collection, detection and capture, recovery of stolen money and losses and other aspects by carrying out international police cooperation or otherwise, so as to effectively combat and curb cross-border telecom and online fraud.

Chapter 6 Legal Liability

Article 38 Whoever organises, plans, implements or participates in telecom or online fraud, or provides assistance for such fraud, which constitutes a crime, shall be investigated for criminal liability.If the act in the preceding Paragraph does not constitute a crime, the offender shall be detained by the public security authorities for more than 10 days but less than 15 days, the illegal income shall be confiscated, and a fine ranging from one to ten times the amount of the illegal income shall be imposed; if there is no illegal income or the illegal income is less than 10,000 yuan, a fine of not more than 100,000 yuan shall be imposed.

Article 39 Where a telecom service operator violates the provisions of this Law and falls under any of the following circumstances, the relevant authorities shall order it to make correction. If the circumstances are minor, the telecom service operator shall be given a warning, circulated a notice of criticism, or be imposed a fine ranging from 50,000 yuan to 500,000 yuan; if the circumstances are serious, a fine ranging from 500,000 yuan to 5 million yuan shall be imposed, and the relevant authorities may order it to suspend the relevant business, stop the operation for rectification, or revoke the relevant business permit or the business license, and impose a fine ranging from 10,000 yuan to 200,000 yuan on the directly responsible supervisor and other directly liable persons:

(I) failure to implement the internal control mechanism against telecom or online fraud determined by the relevant national regulations;

(II) failure to perform the duties of real-name registration for telephone cards and Internet of Things cards;

(III) failure to perform the duties of monitoring and identification, monitoring and early warning and relevant disposal for telephone cards and Internet of Things cards;

(IV) failure to conduct risk assessment on Internet of Things card users, or failure to define the functions, scenarios and applicable equipment of Internet of Things cards; and

(V) failure to take measures to monitor and dispose of phones with changed numbers, false callers or illegal equipment with corresponding functions.

Article 40 Where a banking financial institution or a non-banking payment institution violates the provisions of this Law and falls under any of the following circumstances, the relevant authorities shall order it to make correction. If the circumstances are minor, the offender shall be given a warning, circulated a notice of criticism, or be imposed a fine ranging from 50,000 yuan to 500,000 yuan; if the circumstances are serious, a fine ranging from 500,000 yuan to 5 million yuan shall be imposed, and the relevant authorities may order the offender to stop expanding new businesses, reduce the business type or scope, suspend the relevant business, stop the operation for rectification, or revoke the relevant business permit or the business license, and impose a fine ranging from 10,000 yuan to 200,000 yuan on the directly responsible supervisor and other directly liable persons:

(I) failure to implement the internal control mechanism against telecom or online fraud determined by the relevant national regulations;

(II) failure to perform the obligation of due diligence and relevant risk management measures;

(III) failure to perform the obligation of risk monitoring and relevant disposal for abnormal accounts and suspicious transactions; and

(IV) failure to transmit the relevant transaction information in a complete and accurate manner in accordance with the provisions.

Article 41 Where a telecom business operator or Internet service provider violates the provisions of this Law and falls under any of the following circumstances, the relevant authorities shall order it to make correction. If the circumstances are minor, it shall be given a warning, circulated a notice of criticism, or be imposed a fine ranging from 50,000 yuan to 500,000 yuan; if the circumstances are serious, a fine ranging from 500,000 yuan to 5 million yuan shall be imposed, and the relevant authorities may order it to suspend the relevant business, stop the operation for rectification, close the website or application, or revoke the relevant business permit or the business license, and impose a fine ranging from 10,000 yuan to 200,000 yuan on the directly responsible supervisor and other directly liable persons:

(I) failure to implement the internal control mechanism against telecom or online fraud as determined by the relevant national regulations;

(II) failure to perform the real-name system duties for online services, or failure to verify the Internet accounts registered in connection with the phone cards involved in the cases or fraud;

(III) failure to verify the authenticity and accuracy of domain name registration, resolution information and Internet protocol address, to standardize the forwarding of domain names, or to record or keep the log information of the corresponding services it provides according to the relevant provisions of the State;

(IV) failure to register and verify the real identity information of the developers and operators of the mobile internet applications, or failure to verify the functions and purposes of such applications, but providing applications packaging and distribution services;

(V) failure to perform the obligations to monitor, identify and handle the Internet accounts and applications involved in fraud, and other telecom or online fraud information and activities; and

(VI) refusing to provide technical support and assistance for the investigation and punishment of a crime of telecom or online fraud in accordance with the law or failing to refer relevant criminal clues and risk information in accordance with the regulations.

Article 42 Where the provisions of Article 14 or Paragraph 1 of Article 25 of this Law are violated, the illegal income shall be confiscated, and a fine ranging from one to ten times the illegal income shall be imposed by the public security organs or the relevant competent authorities; if there is no illegal income or the illegal income is less than 50,000 yuan, a fine of not more than 500,000 yuan shall be imposed; if the circumstances are serious, a detention of not more than 15 days shall be concurrently imposed by the public security organs.

Article 43 For any violation of Paragraph 2 of Article 25 of this Law, the relevant competent authorities shall order correction, give a warning, circulate a notice of criticism, or impose a fine ranging from 50,000 yuan to 500,000 yuan if the circumstances are minor; if the circumstances are serious, a fine ranging from 500,000 yuan to 5 million yuan shall be imposed, and the relevant competent authorities may order suspension of relevant business, suspending business for rectification, and close of website or applications, and a fine ranging from 10,000 yuan to 200,000 yuan shall be imposed on the person directly in charge and other directly liable persons.

Article 44 Where the provisions of Paragraph 1 of Article 31 of this Law are violated, the illegal income shall be confiscated, and a fine ranging from one to ten times the illegal income shall be imposed by the public security organs; if there is no illegal income or the illegal income is less than 20,000 yuan, a fine of not more than 200,000 yuan shall be imposed; if the circumstances are serious, a detention of not more than 15 days shall be imposed in combination.

Article 45 Where any staff member of the relevant authorities or organizations for anti-telecom and online fraud abuses his/her power, neglects his/her duties, plays favouritism and commits irregularities, or has other violations of this Law, which constitute a crime, he/she shall be held criminally liable according to law.

Article 46 Lawbreakers and criminals who organise, plan, implement or participate in telecom and online fraud or provide relevant assistance for such fraud shall bear civil liability in accordance with the Civil Code of the PRC and other laws, in addition to the criminal liability and administrative liability according to law if they have caused damage to others.Any telecom business operator, banking financial institution, non-banking payment institution or Internet service provider, etc. who violates this Law and has caused damage to others shall bear civil liability in accordance with the Civil Code of the PRC and other laws.

Article 47 In the performance of duties of anti-telecom or online fraud, the People’s Procuratorate may lawfully file public interest lawsuits with the People’s Court against acts that infringe upon the national interests and social public interests.

Article 48 The relevant entities or individuals who are unsatisfied with the decisions of administrative penalties and administrative measures taken in accordance with this Law may apply for administrative reconsideration or file an administrative lawsuit according to law.

Chapter 7 Supplementary Provisions

Article 49 Where this Law has not provided for the relevant management and responsibility system involved in anti-telecom or online fraud, the provisions of the Cybersecurity Law of the PRC, the Personal Information Protection Law of the PRC, the Anti-money Laundering Law of the PRC and other relevant laws shall apply.

Article 50 This Law shall come into force on 1 December 2022.