A Compliance Conundrum for Financial Institutions: U.S. Anti-Money Laundering Initiatives and the Forthcoming EU General Data Protection Regulation

Bloomberg Law


In this article, William Barry discusses the impact that European Union's General Data Protection Regulation (GDPR) will have on current anti-money laundering and counterterror finance compliance programs. "The GDPR will change the manner in which financial institutions may properly collect, process, use, share, and store data. This has direct and important ramifications for anti-money laundering and counterterror finance (AML/CTF) compliance programs at those institutions, particularly for financial institutions subject to U.S. AML/CTF requirements and the EU’s Fourth Anti-Money Laundering Directive," Barry wrote. "The challenge for financial institutions is to proactively develop a clear, defensible process to achieve GDPR compliance without diluting AML/CTF compliance. This will require a coordinated effort to understand existing tensions within the financial institution’s current processes and reorient company personnel in a manner that promotes the GDPR objectives of established rights to personal data protection and privacy."