The European Data Protection Board (EDPB) has reiterated its concerns about the EU's proposed anti-money laundering plans, which it expressed last year.
The EDPB warned in a letter to Mairead McGuinness, European Commissioner for Financial Services, and Didier Reynders, European Commissioner for Justice, that the new AML proposals would have a "disproportionate negative impact to the rights and freedoms of individuals and would lead to significant legal uncertainty" without "further amendments."
The EDPB urged EU institutions to include the body in discussions about the bloc's AML proposals, urging them to make "crucial modifications" to the proposals on the private sector and the creation of AMLA.
Parts of the concerns expressed in a statement published in December 2020, as well as a letter published in May 2021, are echoed in the letter published earlier this week.
The EDPB notes that the European Commission has included "specific provisions" on the processing of special categories of data, as well as the processing of personal data relating to criminal convictions and offences, since the publication of these letters.
Despite these provisions, the EDPB has requested that the European Commission implement additional safeguards in relation to personal data processing in order to ensure compliance with GDPR Articles 9 and 10.
"The AML legislative proposals do not provide specific rules in relation to the sources to be used by obliged entities for gathering information, and in relation to information provided by data service providers of so-called ‘watch-lists," the EDPB stated.
The EDPB has been consulted in the drafting and adoption of regulatory technical standards, guidelines, and recommendations, which the body believes should be included in the AML legislative proposals.
The EDPB has urged the Commission to "better specify the conditions and limits" of processing special categories of data and personal data linked to criminal convictions, as well as to provide "additional provisions" regarding information sources.
The EDPB Chair, Andrea Jelinek, wrote a letter warning of obligated entities that use providers of "watch-lists," saying that the "processing of personal data performed by these ‘watchlists’ raises important data protection issues."
She went on to say that "better consistency between AML legislative proposals and GDPR principles… would improve the efficiency of the implementation of the AML/CFT legal framework."
By fLEXI tEAM