Obliged entities under the Financial Markets Anti-Money Laundering Act must comply with regulations designed to prevent money laundering and terrorist financing. Among other things, they must continuously monitor business relationships with their customers. If they suspect money laundering or terrorist financing is taking place, obliged entities must inform the Financial Intelligence Unit by means of a suspicious activity report.
But what does the continuous monitoring of the business relationship look like in practice? Are there any concerns about data protection law when suspicious activity reports are made or when information about these reports is passed on within the same group of companies?
- Mag.a Stefanie Chiba, Deputy Group Data Protection Officer at Generali Versicherung AG
- Dipl.-Ing Jürgen Viktor Repolusk M.A., Compliance Department at Erste Bank
- Mag.a Leyla Farahmandnia, attorney at STADLER VÖLKEL