E-commerce regulations
Chapter I General Provisions
Article 1 These Guidelines are formulated to standardize and guide the healthy development of electronic payment, safeguard the legitimate rights and interests of parties, guard against payment risks, and ensure the safety of banks and customers' funds.
Article 2 Electronic payment refers to the behavior that units and individuals (hereinafter referred to as customers) send payment instructions directly or authorize others through electronic terminals to realize monetary payment and fund transfer.
The types of electronic payment are divided into online payment, telephone payment, mobile payment, point-of-sale terminal transaction, ATM transaction and other electronic payments according to the initiation mode of electronic payment instructions.
These Guidelines are applicable to domestic banking financial institutions (hereinafter referred to as banks) to carry out electronic payment services.
Article 3 When conducting electronic payment business, banks shall abide by the provisions of relevant state laws and administrative regulations and shall not harm the interests of customers and the public.
Where a bank cooperates with other institutions to carry out electronic payment business, the qualification requirements of its cooperative institutions shall comply with the provisions of relevant laws and regulations, and the bank shall sign a written agreement and establish a corresponding supervision mechanism in accordance with the principle of fair trade.
Article 4 A customer shall open a bank settlement account (hereinafter referred to as an account) in a bank when handling electronic payment business, and the opening and use of the account shall comply with the Measures for the Administration of RMB Bank Settlement Accounts and the Provisions for the Administration of Domestic Foreign Exchange Accounts.
Article 5 Electronic payment instructions and paper payment vouchers can be converted to each other and have the same effect.
Article 6 The meanings of the following terms in these Guidelines are:
( 1)? Originating bank? , refers to the bank that accepts the customer's entrustment to issue electronic payment instructions.
(2)? Receiving line? , refers to the electronic payment instruction payee's bank; If the payee does not open an account in the bank, it means that the funds determined by the electronic payment instruction are remitted to the bank.
(3)? Electronic terminal? , refers to the computer, telephone, point-of-sale terminal, ATM, mobile communication tool or other electronic equipment that customers can use to initiate electronic payment instructions.
Chapter II Application of Electronic Payment Services
Article 7 Banks shall determine the conditions for customers to handle electronic payment business according to the principle of prudence.
Article 8 A bank handling electronic payment business shall publicly disclose the following information:
(1) The name, business address and contact information of the bank;
(2) Conditions for customers to handle electronic payment business;
(3) The types of electronic payment services provided, operating procedures and charging standards, etc. ;
(4) All possible risks of electronic payment transaction varieties, including operational risks of varieties, security measures not taken, security loopholes that cannot be taken, etc. ;
(5) Risks that may arise when customers use electronic payment transaction varieties;
(6) Warning information (such as cards, passwords, keys, electronic signature making data, etc.) to remind customers to properly keep, use or authorize others to use electronic payment transaction access tools. );
(7) Dispute and error handling methods.
Article 9 Banks should carefully examine the basic information of customers who apply for electronic payment services, and sign written or electronic agreements with customers.
The bank shall properly keep the customer's application materials according to the requirements of accounting file management, and the retention period shall be 5 years after the customer cancels the electronic payment business.
Article 10 When handling electronic payment services for customers, banks should agree with customers on appropriate authentication methods, such as passwords, keys, digital certificates and electronic signatures. , according to the nature of the customer, electronic payment type, payment amount, etc.
The agreement and use of authentication methods shall comply with the provisions of People's Republic of China (PRC) Electronic Signature Law and other laws and regulations.
Article 11 When a bank requests a customer to provide relevant information, it shall inform the customer of the purpose and scope of providing information, safety protection measures and the consequences of the customer's failure to provide or not to provide relevant information.
Article 12 A customer may designate an account in his bank settlement account to handle electronic payment business. This account can also be used to handle other payment and settlement businesses.
Bank settlement accounts not designated by customers may not handle electronic payment business.
Article 13 An electronic payment agreement signed between a customer and a bank shall include the following contents:
(1) The name and account number of the account designated by the customer to handle the electronic payment business;
(2) The customer shall ensure the payment ability of the electronic payment business account;
(3) Electronic payment types, transaction rules and authentication methods agreed by both parties;
(4) The bank's obligation to keep confidential the application materials and other information provided by customers;
(5) The time and method for the bank to provide transaction records according to the customer's requirements;
(6) Disputes, mishandling and liability for damages.
Article 14 In any of the following circumstances, the customer shall submit an electronic or written application to the bank in time:
(1) The electronic payment agreement is terminated;
(2) The basic information of customers has changed;
(3) The agreed authentication method needs to be changed;
(4) The information and access tools related to the electronic payment business are stolen or lost;
(5) Other circumstances agreed between the customer and the bank.
Fifteenth customers use electronic payment to engage in activities in violation of national laws and regulations, banks should stop handling electronic payment business for them according to the requirements of the competent authorities.
Chapter III Initiation and Receiving of Electronic Payment Instructions
Article 16 The customer shall initiate the electronic payment instruction according to the agreement with the initiating bank.
Article 17 The initiating bank of electronic payment instructions shall establish necessary security procedures to confirm the identity of customers and electronic payment instructions, and form log files and other records, which shall be kept for 5 years after the transaction.
Article 18 The initiating bank shall take effective measures to prompt the customer to confirm the accuracy and completeness of the instruction before the customer issues the electronic payment instruction.
Article 19 The initiating bank shall ensure the correct execution of the customer's electronic payment instruction, and can provide the customer with a paper or electronic transaction receipt after confirming the electronic payment instruction.
After the initiating bank executes the electronic payment instruction that has passed the security procedure, the customer may not request to change or cancel the electronic payment instruction.
Article 20 The initiating bank and the acquiring bank shall ensure that the transmission of electronic payment instructions is traceable, auditable and unalterable.
Article 21 The initiating bank and the acquiring bank shall send, receive and execute the electronic payment instruction in time according to the agreement, and reply for confirmation.
Article 22 Where an electronic payment instruction needs to be converted into a paper payment voucher, the paper payment voucher must record the following items (the specific format shall be determined by the bank):
(a) The name and signature of the drawee's bank;
(2) The name and account number of the payer;
(3) the name of the receiving bank;
(4) the name and account number of the payee;
(5) the amount expressed in words and figures;
(6) Initiation date and transaction serial number.
Chapter IV Safety Management
Article 23 The information security standards, technical standards and business standards adopted by banks to carry out electronic payment services shall comply with the relevant provisions.
Article 24 A bank shall establish an effective risk management system for electronic payment business activities.
Article 25 A bank shall, according to the principle of prudence, make reasonable restrictions on the types of electronic payment, the amount of single payment and the accumulated daily payment for different customers.
When a bank handles electronic payment services for individual customers through the Internet, the single amount shall not exceed RMB 65,438+0,000, and the daily cumulative amount shall not exceed RMB 5,000, except for security authentication methods such as digital certificates and electronic signatures.
When a bank handles electronic payment business for its customers, the amount paid by an enterprise customer from its bank settlement account to an individual bank settlement account shall not exceed 50,000 yuan, except that the bank and the customer can provide effective payment basis in advance through agreement.
Banks should set the credit line of online payment transactions within the credit line of customers' credit cards for customers to choose, but the credit line shall not exceed the cash line of credit cards.
Article 26 A bank shall ensure the security of the electronic payment business processing system, the non-repudiation of important transaction data, the integrity of data storage and the authenticity of customer identity, and properly manage the authentication data such as passwords and keys used in the electronic payment business processing system.
Article 27 Banks shall not use customer information and transaction records beyond the scope permitted by laws and regulations and authorized by customers.
Banks should keep confidential the information and transaction records of customers according to law. Unless otherwise stipulated by national laws and administrative regulations, banks should refuse inquiries from any unit or individual other than the customer himself.
Article 28 A bank shall make an agreement with its customers to provide them with information such as transaction records, fund balance and account status in a timely or regular manner.
Article 29 Banks shall take necessary measures to protect the integrity and reliability of electronic payment transaction data:
(1) Formulating corresponding risk control strategies to prevent intentional or unintentional changes in the electronic payment business processing system that endanger data integrity and reliability, and having effective business capabilities, business continuity plans and emergency plans;
(two) to ensure that the design of electronic payment transactions and data recording procedures can be effectively detected when they are changed without authorization;
(3) Effectively prevent electronic payment transaction data from being tampered with during transmission, processing, storage, use and modification, and any tampering with electronic payment transaction data can be detected through transaction processing, monitoring and data recording functions;
(four) in accordance with the requirements of accounting file management, the electronic payment transaction data are properly preserved in the form of paper or magnetic media for a period of five years, and it is convenient for reference.
Article 30 A bank shall take necessary measures to keep the transaction data of electronic payment confidential:
(1) Access to electronic payment transaction data must be reasonably authorized and confirmed;
(2) Electronic payment transaction data shall be kept safely, and shall be protected from unauthorized viewing or illegal interception when transmitted on public, private or internal networks;
(3) The third party's acquisition of electronic payment transaction data must comply with the provisions of relevant laws and regulations, as well as the Bank's standards and control systems on data use and protection;
(four) access to electronic payment transaction data must be registered, and ensure that the registration is not tampered with.
Article 31 A bank shall ensure that the operators, managers and system service providers of the electronic payment business processing system have reasonable authorization control:
(a) Ensure that the authentication data required for entering electronic payment business accounts or sensitive systems are protected from tampering and destruction. This tampering should be detectable, and audit supervision should be able to correctly reflect these tampering attempts.
(2) Any inquiry, addition, deletion or change of authentication data shall be authorized as required, and shall be recorded in an unchangeable log.
Article 32 A bank shall take effective measures to ensure the separation of duties in the electronic payment business processing system:
(1) Testing the electronic payment business processing system to ensure the separation of duties;
(2) The personnel who develop and manage the electronic payment business processing system remain separated;
(3) The transaction procedure and internal control system are designed to ensure that no single employee or external service provider can complete the transaction independently.
Article 33 A bank may outsource some electronic payment services to legal professional service institutions according to relevant regulations, but the obligations and corresponding responsibilities of the bank to customers shall not be transferred due to the establishment of outsourcing relationship.
Banks should sign agreements with professional service organizations related to electronic payment business, and establish a set of comprehensive and continuous procedures to manage their outsourcing relationship.
Article 34 If a bank uses digital certificates or electronic signatures for customer identity authentication and transaction authorization, it is suggested that a legal third-party authentication institution provide authentication services. If a customer suffers losses due to a transaction based on certification services, and the certification service institution cannot prove its innocence, it shall bear corresponding responsibilities according to law.
Article 35 The information processing and capital settlement of RMB electronic payment transactions in China shall be completed in China.
Article 36 A bank's electronic payment business processing system shall ensure that the electronic payment transaction information is completely recorded and disclosed in accordance with relevant laws and regulations.
Article 37 A bank shall establish a reporting system for major events in the operation of electronic payment business, and report the events that endanger the operation safety of electronic payment business to the regulatory authorities in a timely manner.
Chapter V Error Handling
Thirty-eighth electronic payment business error handling should follow the principle of truthfulness, accuracy and timeliness.
Article 39 A bank shall designate corresponding departments and business personnel to be responsible for error handling of electronic payment business, and clarify their rights and responsibilities.
Article 40 A bank shall properly keep the transaction records of electronic payment business and make detailed records of errors in electronic payment business. The contents of the record shall include the time when the error occurred, the contents of the error, the names of departments and personnel handling the error, customer information, the impact or loss of the error, the cause of the error, the handling result, etc.
Article 41 If customer information is leaked or tampered with due to improper storage and use of the bank, the bank shall take effective measures to prevent customer losses, and timely notify and assist customers to remedy.
Article 42 If the electronic payment instruction cannot be delivered at the agreed time, is incomplete or tampered with due to the reasons of the bank's own system, internal control system or the third-party service organization providing services for it, thus causing losses to customers, the bank shall make compensation as agreed.
If losses are caused to customers due to the reasons of third-party service organizations, the bank shall compensate them, and then make recovery according to the agreement with the third-party service organizations.
Article 43 If the receiving bank fails to execute, incorrectly executes or delays the execution of the electronic payment instruction due to its own system or internal control system, it shall promptly correct the customer's money.
Article 44 Customers shall properly keep and use the access tools for electronic payment transactions. If the electronic payment service data and access tools are stolen or lost, the bank shall be notified in time according to the agreed methods and procedures.
Article 45 If the non-capital owner embezzles other people's access tools to issue electronic payment instructions, and his identity authentication and transaction authorization pass the security procedures of the initiating bank, the initiating bank shall actively cooperate with the customer to find out the reasons and minimize the customer's losses.
Article 46 If the customer finds that the operation is not in accordance with the regulations, or the electronic payment instruction is not executed, is not executed correctly or is delayed for other reasons, he shall notify the bank in accordance with the agreed procedures and methods within the agreed time. Banks should actively investigate and inform customers of the results of the investigation.
If the bank finds that the electronic payment instruction is not executed, not executed correctly or delayed due to the customer's reasons, it should take the initiative to inform the customer to correct or cooperate with the customer to take remedial measures.
Article 47 If the electronic payment instruction is not executed, executed incorrectly or delayed due to force majeure, the bank shall take active measures to prevent the loss from expanding.
Chapter VI Supplementary Provisions
Article 48 The People's Bank of China shall be responsible for the interpretation and revision of these Guidelines.
Article 49 These Guidelines shall come into force as of the date of promulgation.
Liability principle for violating e-commerce contract
The principle of liability for breach of contract in e-commerce refers to the legal principle of determining the establishment of liability according to the legal reasons for liability.
Breach of contract violates the obligations agreed by both parties. The principles of liability for breach of contract and tort are different. Tort liability is based on the principle of fault liability, supplemented by the principles of fault presumption, fair liability and no-fault liability. The liability for breach of contract is mainly based on the principle of strict liability, supplemented by fault liability. The different principles of imputation directly determine the different burden of proof of the parties. Implementation of fault liability? Who advocates who gives evidence? That is, the victim should bear the burden of proof for the claim that his perpetrator should bear tort liability, except for the special tort stipulated by law. The principle of strict liability implements the inversion of burden of proof, that is, the breaching party proves that there is an exemption for its breach of contract.
Tort liability takes the fact of damage as the constitutive element, and no damage means no responsibility; Generally speaking, however, the liability for breach of contract is not based on actual damage, except the liability for damages for breach of contract. In tort, the actor is only responsible for his own tort. However, the principle of social justice and the principle of relativity of contracts determine that the debtor should bear the liability for breach of contract caused by a third party, but can recover from the third party. Article 12 1 of China's contract law stipulates? If one party breaches the contract due to the reason of a third party, it shall be liable to the other party for breach of contract. Disputes between the parties and the third party shall be settled according to law or in accordance with the agreement. ?
According to the provisions of China's contract law, if a party fails to perform its contractual obligations or fails to meet them, it shall be liable for breach of contract such as continuing to perform, taking remedial measures or compensating for losses. If the contract cannot be performed due to force majeure, the liability shall be exempted in part or in whole according to the influence of force majeure, unless otherwise stipulated by law. If force majeure occurs after the delay in performance, the parties concerned cannot be exempted from their responsibilities. If one party is unable to perform the contract due to force majeure, it shall notify the other party in time to reduce the possible losses to the other party and provide proof within a reasonable period of time. After one party breaches the contract, the other party shall take appropriate measures to prevent the loss from expanding; If appropriate measures are not taken to expand the losses, no compensation shall be claimed for the expanded losses. The reasonable expenses incurred by the parties to prevent the loss from expanding shall be borne by the breaching party. It can be seen that China's Contract Law implements the principle of strict liability. Except for statutory and agreed exemptions, as long as the parties to a contract breach the contract, they shall bear the liability for breach of contract according to law.
In e-commerce transactions, if one party leaks or improperly uses the other party's business secrets, it may also constitute civil liability. The disclosure or improper use of trade secrets has long been stipulated in the contract law. Article 43 of the Contract Law stipulates that the business secrets known by the parties in the process of concluding a contract shall not be disclosed or improperly used, regardless of whether the contract is established or not. If the disclosure or improper use of business secrets causes losses to the other party, it shall be liable for damages.
Financing methods of e-commerce enterprises
1. Bank loan: The qualification requirements of traditional bank credit loans are contradictory to the reality of small and medium-sized enterprises, which is difficult for most network operators to meet. For the bank's mortgage, pledge, guarantee, joint guarantee and other financing models, light asset network operators are also difficult to meet. In addition, online merchants have high borrowing frequency and fast capital turnover, while bank loans are mostly used for single credit documents, which are non-recoverable, take a long time to approve and slow down the next payment. On the whole, the traditional credit model of banks can no longer meet the needs of online merchants. At the same time, considering the safety of funds, banks mainly lend to large and medium-sized enterprises, and small enterprises only account for about 20%, which is more difficult for micro enterprises.
2. Small loan companies: On the one hand, the loan scale of more than 3,000 small loan companies nationwide is far from meeting the financing needs of small and micro enterprises, which is limited by policies. Except for a few areas such as Zhejiang and Chongqing, the financing ratio of most small loan companies is still 50%, which restricts the business development of small loan companies and the corresponding financial support for small and micro enterprises. On the other hand, considering their own business risks, small loan companies also have certain requirements for loan conditions, and the loan interest is not low. Take Shanghai as an example. Generally, there are loans with automobile mortgage, red-chip mortgage and other collateral, with monthly interest 1. 5% or more, and the monthly interest rate of pure credit loans exceeds 2%, which has high requirements and strict conditions for customers. Few customers get loans, and the interest rate of some loans has reached the lower limit of usury. Most of the loans of small loan companies still depend on mortgages and guarantees. For network operators, it is acceptable as temporary liquidity and unbearable for long-term use. Most online merchants, however, have no strong background and lack the necessary collateral and guarantor.
3. Private lending: In addition to interest-free loans from relatives and friends, general private lending does not require collateral, but it may require intermediary guarantee. The annualized interest rate is between 20% and 30%, and short-term loans are even as high as 80% annualized. In Zhejiang, Fujian and other coastal areas, there have been loans with a monthly interest rate of 30%, which is higher than usury. It is almost impossible to make a profit at such a high capital operation cost. If it's not really needed, online merchants might as well not borrow it.
4. Online lending platform: In recent two years, the emerging P2P online lending platform has solved the funding problem for many people and enterprises through the Internet. As a lender, online merchants need to pay attention to three points. First, it is a fact that the P2P industry is mixed and chaotic. Choosing a high-quality P2P platform can not only get loans quickly, but also help to accumulate credit rating and increase the loan amount. Second, the interest of bidding needs to be calculated strictly. At present, the interest rates of 20% and 30% for most P2P platforms are not affordable for most network operators. Third, pay attention to credit and repay in time. On the online lending platform, investors and lenders don't know each other, so it is difficult for investors to judge the credit status of lenders. When giving a borrower a loan, investors will not only consider whether the loan business has secured the principal through the platform, but also pay attention to the lender's credit record on the platform. The higher the credit rating, even if the interest rate is relatively low, there are enough investors to bid.