Do AML Responsibilities Override Your Data Protection Obligations? Let's Clear the Air!

While AML legislation requires firms to collect and assess client information before doing business, it doesn’t excuse you from complying with GDPR. AML law provides a legal basis for the obtaining and processing of this information, however, there are other responsibilities to consider. Here are the top three areas to watch out for:

1️. Secure Information Handling:

Avoid receiving AML data via email, especially sensitive documents like passports or IDs. Email isn’t secure!

AML information should be stored securely, and retained in a location that has restricted and controlled access.

2. Limited Use Of Data:

This data is obtained for the purpose of crime detection and prevention only. It cannot be used for another purpose. In particular, be careful not use this privileged information as a basis for marketing or promoting additional services.

3. Data Retention:

All information provided for this purpose should have a natural end of life. This is typically five years following the date of cessation of business with a client. Holding this data for longer is a breach of the principal of ‘storage limitation’ and can expose a firm to harm.

AML and Data Protection regulation is rarely in conflict, however, can be considered by some to be open to interpretation. This opening often attracts enthusiastic debaters. When considering these issues I think that a large degree of common sense and practicality should be applied. This is more likely to save you time and effort, and on most occasions keep you on the right side of the law.

#GDPR #DataProtection #AMLCompliance #LegalTech

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
rc::a	never	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
rc::c	session	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
CONSENT	16 years 4 months	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.

Cookie	Duration	Description
_pk_id.1.1e46	1 year 1 month	Description is currently not available.
_pk_ses.1.1e46	1 hour	Description is currently not available.

Cookie	Duration	Description
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	6 months	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
VISITOR_PRIVACY_METADATA	6 months	YouTube sets this cookie to store the user's cookie consent state for the current domain.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
yt-player-headers-readable	never	The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience.
ytidb::LAST_RESULT_ENTRY_KEY	never	The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future.

1️. Secure Information Handling:

2. Limited Use Of Data:

3. Data Retention:

Solutions

Trust

Company

Why 'AML Manager'

1️. Secure Information Handling:

2. Limited Use Of Data:

3. Data Retention:

Solutions

Trust

Company

Why 'AML Manager'

NEW

Secure and easy transfer of documents