Just over a year since the Data Protection Act 2018 (DPA 2018) set new standards for protecting personal data in accordance with the General Data Protection Regulation (GDPR), the Information Commissioner’s Office (ICO) has announced its intention to issue its first penalty fines under the new regime. The ICO intends to impose an eye watering £183m fine for a data breach on the ‘world’s favourite airline’ British Airways (BA) and £99m on Marriott, an international hotel group.
The government’s recent response to the House of Commons’ Treasury Select Committee report, ‘Economic Crime – Anti-Money Laundering Supervision and Sanctions Implementation’, provides some pointers for future policy initiatives in this area. These will be of particular interest to businesses in the property sector, others currently supervised by HMRC, and those on the receiving end of banks’ policies of ‘de-risking’.
After careful consideration of the concerns raised by complainants and certain MPs, the government rightly decided a change was necessary in order to strengthen this particular area of sexual offences within criminal law.
The so-called “Troika Laundromat” fraud, uncovered after one of the largest banking information leaks ever, highlights the ever-growing importance for those within the regulated sector to implement robust customer due diligence (“CDD”) policies which are tailored to the specific money laundering risks posed by their customers.