More needs to be done
The Commission proposals on money transfers, prevention of money laundering and terrorist financing need to do more than make mere references to data protection, said the European Data Protection Supervisor (EDPS) today. Specific safeguards, such as the right of individuals to be informed and the respect of the principles of proportionality and purpose limitation are essential to prevent ordinary citizens from being excessively profiled by service providers on dubious grounds with potentially damaging effects.
Giovanni Buttarelli, Assistant EDPS, said: “The growing trend to acknowledge the importance of data protection in proposals for legislation is a welcome one. But on closer examination, the claims are often not supported with concrete measures and safeguards. A lack of further details will also result in undue discrepancies among Member States. Data protection should therefore not be perceived as an obstacle to combat money laundering but as a basic requirement necessary to achieve this purpose”.
In his Opinion, published today, the EDPS acknowledges that these proposals are in principle a legitimate exercise in combating specific illegal activities in which the collection and analysis of personal information is a crucial instrument. However, the proposals oblige professionals, without appropriate guidance or training, to profile clients or potential clients and analyse large amounts of personal information. Any suspicions must be reported to the relevant authorities and failure to do so will result in sanctions against these professionals. This surreptitious collection of information and reporting is likely to result in a combination of over-reporting, under-reporting and mistakes.
The implications of possible mistakes are serious since anyone suspected of money laundering is likely to be ineligible for a number of important services. As the proposals currently stand, those wrongly suspected of money laundering or terrorist financing will have little right to recourse.
Furthermore, the personal information of clients and potential clients will sometimes be transferred to organisations or subsidiaries in third countries, where the data protection standards are not equivalent to those found in the EU.
Click here to see the EDPS recommendations.
Whitepapers
Related reading
Central banks best suited to issue digital currencies
By Aaran Fronda A recent report by the Official Monetary and Financial Institutions Forum (OMFIF) said that central banks rather than private ... read more
Instant payments: innovations inbound for corporates
In 2020, instant payments look set to continue their current trajectory to become the biggest trend in payments. While these schemes already offer numerous benefits to corporates, leveraging innovations such as APIs and request to pay will go some way to unlocking their full potential, argues Michael Knetsch
Obstacles exist for banks to meet ECB’s instant payments goal
The cost of joining instant payment platforms will be one of many hurdles banks and payment services providers must overcome to meet ... read more
Banks must be aware of “biases” in data used to train ML models
Financial institutions need to be conscious of biases in the historical data that is being used to train machine learning (ML) models, ... read more
