Across Regulatory Headlines, (Not) All GDPR, All The Time

FSB Eyes Crypto Regulation

It wasn’t all about GDPR.

Well, a lot of it was.

You may be forgiven for thinking that the regulatory environment last week was all about data protection. Yes, the General Data Protection Regulation took the spotlight, debuting in Europe, as had been long anticipated, on May 25.

Perhaps among the poster children for debates around data and privacy, Facebook came into the headlines this past week. The news was that four complaints were filed against the company by privacy activist Max Schrems, centered on consent required to use online services. The suits were specifically lobbed at Facebook as well as the company’s Instagram and WhatsApp, and also against Google’s Android offering.

Said Schrems in a statement: “It’s simple: Anything strictly necessary for a service does not need consent boxes anymore. For everything else, users must have a real choice to say ‘yes’ or ‘no.’” He noted that “Facebook has even blocked accounts of users who have not given consent.”

The GDPR mandate, Schrems noted, states that choice must be in place, yet choosing only to delete accounts is not really free choice. Facebook has countered that the company has prepped for the past year-and-a-half for GDPR, issuing a statement that its own privacy settings are “easier to find” and that the firm has introduced what it has described as “better tools” for users to access, download and delete info.

As previously reported, regulators have said they are not ready to enforce GDPR. Earlier this month, 17 of 24 authorities who responded to a survey said they do not have what they need in terms of authority or funding to enforce rules.

In banking, the Office of the Comptroller of the Currency has issued new guidance that encourages banks to offer what are defined as responsible small/short-term loans to customers. Although no regulatory changes are afoot, the stance seems to be that it is okay for banks to embrace the space again, with the Community Bankers Association stating in a press release that regulatory uncertainty forced banks out … leaving families to rely on pawn shops, costly payday lenders or loosely regulated online lending during times of financial stress. This guidance sends a clear signal [that] bankers can help customers receive short-term loans within the well-regulated, cost-effective banking system.”

In international news, Estonia is still feeling the impact of money laundering to the tune of more than $13 billion, which flowed through banks between 2012 to 2016. The money was laundered through bank accounts that belonged to non-residents of the country, with a significant amount coming from Russia.

News reports stated this past week that a group of firms registered in London had opened “false accounts,” and that at least one of those firms’ ultimate ownership stakes could be traced to Russia. Investigations are still ongoing.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.