AML and data protection
AML and data protection

The following Risk & Compliance practice note provides comprehensive and up to date legal information covering:

  • AML and data protection
  • The data protection regime
  • How is data protection regulated?
  • UK GDPR
  • Who is the regulator?
  • What is personal data?
  • Lawful ground for processing
  • Restriction on processing personal data for non-AML/CTF purposes
  • Information requirements
  • Protecting and retaining CDD data
  • More...

AML and data protection

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly stated otherwise.

The provisions of the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018) creates some challenges under the anti-money laundering (AML) and counter-terrorist financing (CTF) regime, including:

  1. complying with information requirements

  2. the requirement not to use personal data collected for AML/CTF reasons for other purposes

  3. protecting the customer data you collect during the customer due diligence (CDD) process

  4. sharing customer data with law enforcement agencies, eg by making suspicious activity reports (SARs) or responding to enquiries, and

  5. data subject access requests (DSARs) and tipping-off offences

This Practice Note begins with a brief overview of the data protection regime and its principles and then explains these challenges, providing practical guidance on how to approach them. It reflects the requirements of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), SI 2017/692 which came into force on 26 June 2017. It provides guidance which is of general application. You should check whether MLR 2017, SI 2017/692 contains additional or varied requirements for your sector and whether your regulatory body has any additional, sector specific requirements in relation to data protection.

The data protection regime

To comply with the

Related documents:

Popular documents