EDPS finds major deficiencies in anti-money laundering proposals

More needs to be done

The Commission proposals on money transfers, prevention of money laundering and terrorist financing need to do more than make mere references to data protection, said the European Data Protection Supervisor (EDPS) today. Specific safeguards, such as the right of individuals to be informed and the respect of the principles of proportionality and purpose limitation are essential to prevent ordinary citizens from being excessively profiled by service providers on dubious grounds with potentially damaging effects.

Giovanni Buttarelli, Assistant EDPS, said: “The growing trend to acknowledge the importance of data protection in proposals for legislation is a welcome one. But on closer examination, the claims are often not supported with concrete measures and safeguards. A lack of further details will also result in undue discrepancies among Member States. Data protection should therefore not be perceived as an obstacle to combat money laundering but as a basic requirement necessary to achieve this purpose”.

In his Opinion, published today, the EDPS acknowledges that these proposals are in principle a legitimate exercise in combating specific illegal activities in which the collection and analysis of personal information is a crucial instrument. However, the proposals oblige professionals, without appropriate guidance or training, to profile clients or potential clients and analyse large amounts of personal information. Any suspicions must be reported to the relevant authorities and failure to do so will result in sanctions against these professionals. This surreptitious collection of information and reporting is likely to result in a combination of over-reporting, under-reporting and mistakes.

The implications of possible mistakes are serious since anyone suspected of money laundering is likely to be ineligible for a number of important services. As the proposals currently stand, those wrongly suspected of money laundering or terrorist financing will have little right to recourse.

Furthermore, the personal information of clients and potential clients will sometimes be transferred to organisations or subsidiaries in third countries, where the data protection standards are not equivalent to those found in the EU.

Click here to see the EDPS recommendations.

Related reading

Leave a comment