European regulators still have work to do to help businesses navigate conflicting requirements between this year’s payments overhaul and shifts in anti-money laundering and data protection reforms,...
Irish data protection authorities have seen a “significant” increase in both complaints and breach notifications since EU-wide reforms took effect in May, PaymentsCompliance can reveal.
The UK’s financial regulator has handed down a £16.4m fine to Tesco Bank for its failings in relation to a cyberattack in 2016, bringing to the fore questions of regulatory jurisdiction in a post...
On September 26, 2018, the Information Commissioner’s Office (ICO) announced that it had formally commenced enforcement proceedings against 34 organisations, including various financial...
On September 24, 2018, France’s data protection authority, the National Commission on Informatics and Liberty (Commission Nationale de l’Informatique et des Libertés - CNIL), published a study...
The General Data Protection Regulation (Regulation 2016/679), also known as GDPR, will significantly increase the responsibilities and obligations for payments businesses in how they collect and...
British Airways has confirmed that cardholders’ CVV numbers were accessed during a recent high-profile data breach, but said the highly sensitive information was not being stored internally.
Lawmakers in the Netherlands have touted the idea of a consent dashboard to be implemented by banks to help consumers manage access permissions given to third-party providers.
This practical guide provides an overview of the notion of “consent” under the General Data Protection Regulation (GDPR), based on the explanations given by the former Article 29 Working Party.
On August 13, 2018, the Act transposing the Network and Information Security Directive was published in the Portuguese official gazette. The act establishes a legal framework for the security of...
On August 2, 2018, HM Treasury published a discussion paper analysing the economic value of data and the challenges related to enhanced data-driven innovation. The paper is the first of a series of...
On May 15, 2018, the Data Protection Act 2018 of the Isle of Man entered into force under the order of the Council of Ministers. The act aims to enhance the protection of personal data and to...
On June 20, 2018, the Department for Digital, Culture, Media and Sport published a public consultation, in order to review the data controllers’ exemptions from paying charges to the Information...
On April 3, 2018, the Office of the Commissioner for Personal Data Protection launched a public consultation on a preliminary draft law implementing a number of the provisions of the General Data...
France’s data protection authority will be tasked with drafting guidelines on third-party access to non-payment accounts, after lawmakers failed to agree on broadening the scope of the revised...
New EU rules on data protection have had unintended consequences for firms fighting transaction laundering and fraud, due to restrictions placed on a global database seen as a critical resource by...

Pages