27 March 2017
visit nextgenbanking.co.uk

Swift data privacy not under our jurisdiction - ECB

01 February 2007  |  4673 views  |  0 Source: European Central Bank

The European Central Bank (ECB) would like to note that central banks are responsible for fostering financial stability and promoting the smooth operation of payment and settlement systems.

As SWIFT is a messaging provider and not a payment system, central bank oversight of SWIFT (performed by the G101 central banks and the ECB) focuses on its technical security, operational reliability, resilience, appropriate governance arrangements, and its having in place risk management procedures and controls. The monitoring of SWIFT activities that do not affect financial stability is not a matter for central bank oversight and therefore the US Treasury sub-poenas of SWIFT were outside the purview of central bank oversight. The Oversight Group has no authority to oversee SWIFT with regard to compliance with data protection laws. The request by the European Data Protection Supervisor to bring data protection compliance within the remit of central bank oversight would not be in line with the allocation of legal responsibilities.

In each jurisdiction where SWIFT operates, compliance with mandatory laws is the responsibility of the authorities designated by the law. This also applies to data protection. It has also been pointed out that SWIFT provides services throughout the world, and we recommend that any measure adopted should take into account the global aspect of SWIFT's services. The ECB understands that initiatives have been taken in this context vis-à-vis the US Government; joint action by the EU institutions and bodies competent on data protection and on payment systems legislation as well as authorities responsible for the fight against terrorism is also urgently needed. The issue at stake requires action by the EU legislator, namely to provide legal certainty in areas where data protection might conflict with legislation on the fight against terrorism, and action by the European Union's foreign relations bodies in what relates to specific action regarding the US subpoenas.

The ECB is subject to Council Regulation (EC) No 45/2001 of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. When using SWIFT services, the ECB will seek the consent for such use from its individual counterparties in payment transactions (i.e. employees and individual service providers) and continue to make use of SWIFT services by means of an explicit condition in the relevant documentation. When asking for this consent, the ECB will explicitly refer to its use of SWIFT and SWIFT's database storage. This processing conditional upon consent will be an explicit condition in the relevant documentation. Payment orders from natural persons who do not consent to the use of SWIFT cannot be processed. The ECB has investigated possible alternatives to using SWIFT services and has had to conclude that at this stage no feasible alternatives, which meet its expectations concerning availability, non-repudiation, security and reachability, are available.

On the same issue, the ECB has responded to questions raised by Mrs Pervenche Berès, the Chairwoman of the Committee on Economic and Monetary Affairs of the European Parliament and Mr Jean-Marie Cavada, the Chairman of the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament, regarding the ECB's follow-up to the Article 29 Working Party on the processing of personal data by SWIFT.

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
Visit capgemini.comvisit abe-eba.eu

Top topics

Most viewed Most shared
French retailer Carrefour launches online bank accountFrench retailer Carrefour launches online...
57409 views comments | 16 tweets | 36 linkedin
European Commission opens public consultation on fintechEuropean Commission opens public consultat...
9895 views comments | 44 tweets | 26 linkedin
MAS to roll out national KYC utility for SingaporeMAS to roll out national KYC utility for S...
9077 views comments | 26 tweets | 32 linkedin
Can banks really win in the payments business of the future? – new Finextra reportCan banks really win in the payments busin...
9012 views comments | 23 tweets | 37 linkedin
SecureKey taps IBM to put identity on the blockchainSecureKey taps IBM to put identity on the...
7465 views comments | 22 tweets | 15 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job