Implementation of the personal data minimization principle in financial institutions: Lithuania’s case

Laurinaitis, Marius; Štitilis, Darius; Verenius, Egidijus

doi:10.1108/jmlc-11-2020-0128

Cited by 2 publications

(1 citation statement)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At the same time, in line with the data minimization principle known from personal data protection law [27], the EBA ML/TF Risk Factors Guidelines indicate that where data which might be of importance for AML/CFT purposes is not available to AISPs and PISPs in the context of PSD2, the guidelines do not require that AISPs and PISPs proactively request such information (feedback on responses to Guideline 18). For occasional Payment Initiation Service transactions, the legal ground for collecting information about the end user is the Payment Initiation Service itself.…”

Section: Resultsmentioning

confidence: 99%

Account Information and Payment Initiation Services and the Related AML Obligations in the Law of the European Union

Grabowski

2024

FinTech

View full text Add to dashboard Cite

The Second Payment Services Directive introduced new services into the European Union legal system—Payment Initiation and Account Information Services. These services are based on payment accounts already opened and maintained for customers by the Account Servicing Payment Service Provider (bank, payment institution, electronic money institution). The Account Services Payment Service provider performs AML/CFT verification of the account holder and applies customer due diligence measures to the account holder, such as identifying beneficial owners, obtaining information on the purpose and intended nature of the business relationship, and ongoing monitoring of the business relationship. Payment Initiation and Account Information services are therefore provided to a previously verified client and based on the payment account currently maintained for him. European Union law does not clearly specify whether a Third-Party Service Provider offering Payment Initiation or Account Information Services is obliged to re-apply financial security measures to customers. The aim of this article was to perform a legal analysis of the regulations and soft law acts in force in the European Union and to answer the question. The purposive (teleological) and linguistic–logical (grammatical) methods of interpretation of regulations were used for the analysis. The structure of the legal system of the European Union as a civil law (code law) system was taken into account. This article shows that in the current legal situation, there is no doubt that Third-Party Service Providers are obliged entities in terms of AML/CFT law and are obliged to apply the AML/CFT to customers using Payment Initiation and Account Information services. However, the degree to which customer due diligence measures have to be applied varies depending on the adopted model of providing Payment Initiation and Account Information services. Third-Party Service Providers will be obliged to apply financial security measures in cases where the relationship between the customer and the service providers will have a continuing character. In the case of occasional provision of services, when the transaction value does not exceed a certain threshold, the supplier may only perform simplified customer verification. In particular, this applies to Payment Initiation service models, where the Payment Initiation Service Provider works for merchants, enabling them to accept payments for goods and services sold. In such a model, the Service Provider has a continuous relationship with the merchant but only performs an occasional transaction for the user. The analysis also allowed for the conclusion that European Union law, including that in the draft phase, does not regulate in a sufficiently precise manner when a given model of Account Services and Payment Initiation Services may be treated as based on an occasional transaction. This made it possible to formulate a de lege ferenda request to include this issue in the proposal for an EU Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing.

show abstract

Section: Resultsmentioning

confidence: 99%

Account Information and Payment Initiation Services and the Related AML Obligations in the Law of the European Union

Grabowski

2024

FinTech

View full text Add to dashboard Cite

show abstract

Improving client risk classification with machine learning to increase anti-money laundering detection efficiency

Reite,

Karlsen,

Westgaard

2024

JMLC

View full text Add to dashboard Cite

Purpose This study aims to describe and empirically explore a new method for bank anti-money laundering (AML) systems using machine learning models. Current automated money laundering detection systems are notorious for flagging many false positives, causing bank employees to spend unnecessary time manually checking transactions that do not constitute money laundering. Decreasing the number of false positives can free up resources for investigating money laundering. Design/methodology/approach This study uses unique bank data on small- and medium-sized enterprises (SMEs) to examine how various client risk classification models can predict future suspicious transactions. This study explores various sources of client risk data and machine-learning approaches. Findings Client risk classification models can accurately predict suspicious future transactions. Adding accounting data and credit score information to client risk classification dramatically improves accuracy. This makes it easier to balance the risk of missing suspicious transactions with the need to reduce the number of false positives. Practical implications The suggested approach with readily available data sources and a focus on classifying client risk in a dynamic model can help banks significantly improve their efficiency by targeting their AML efforts toward the riskiest clients. Originality/value To the best of the authors’ knowledge, this study is the first to empirically explore machine learning in client risk classification, document how machine learning in client risk classification can significantly reduce false positives by incorporating novel, but readily available sources, such as credit risk and accounting data.

show abstract

Implementation of the personal data minimization principle in financial institutions: Lithuania’s case

Cited by 2 publications

References 2 publications

Account Information and Payment Initiation Services and the Related AML Obligations in the Law of the European Union

Account Information and Payment Initiation Services and the Related AML Obligations in the Law of the European Union

Improving client risk classification with machine learning to increase anti-money laundering detection efficiency

Contact Info

Product

Resources

About