Banks & FinTech

The banking and financial services sector (Banks & FinTech) is an extremely regulated sector. Specific provisions stipulate many legal obligations and the sector has been in public interest since the latest crisis in 2007. Moreover, due to banking secrecy, Data Protection has always played a fundamental, important role in this industry. Nowadays, the processing of Personal Data takes place digitally, automatically and in large computer centers. In addition, there is the possibility to work together with service providers. Accounts, payment transactions, postings – no business operation is possible without digital data. From a Data Protection point of view, digitization requires a more differentiated analysis of existing data and the extraction of completely new data as one of the most valuable raw materials of the future.

The GDPR also creates a considerable need for additional action on the part of banks and credit institutions. For example, new contracts must be concluded that consider Data Processing on behalf of the Data Controller (Art. 28 GDPR), the conflict between Data Protection and Compliance must be kept in mind. As well as the clear regulation on theĀ  reporting of Data Breaches. In principle, Data Breaches are now subject to an obligation to report to the competent Supervisory Authorities, irrespective of the category of data concerned (Art. 33 f. GDPR).

The requirements for Data Protection for banks and financial service providers are correspondingly high. In addition, the banks hae an obligation regarding combat and prevention of money laundering and other criminal offences.

Our services for Banks & FinTech

We advise banks and financial service providers of this sector on all aspects of Data Protection Organization. In addition to the general processing, including the handling of customer and employee data, topics such as credit decision processes, cross-border data traffic and new technologies such as cloud computing or mobile banking are part of our consulting services. We examine new developed products or processes with expert opinions or accompany their development in an advisory capacity. In line with the other needs of the financial sector, we also provide advice prior to certification in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).