The creation of a database of regulatory and criminal information by 20 of the world biggest financial firms to be used for global background checks on customers goes "a step too far" and could compromise individual privacy, according to fraud expert Peter Dorrington from SAS.
The new Global Regulatory Information Database will combine data from 250 jurisdictions and is being compiled by Regulatory DataCorp International (RDC) which is funded by banks and investments firms including Citigroup, Goldman Sachs, CSFB, Bank of America, JPMorgan Chase, Lehman Brothers, Merrill Lynch, Morgan Stanley and UBS.
The database draws on more than 20,000 sources, including disciplinary actions in the past 30 years, lists of terrorists, organised crime figures, fugitives, drugs barons and senior politicians and their associates.
Although the increased vigilance and legislation against money launderers and ID thieves is welcomed, Dorrington says the database raises serious and lasting implications for customers.
Dorrington questions who is responsible for the accuracy of the data and the way policies and terms of reference are set up, saying it would be an infringement of basic human rights if the information was used for anything other than a very limited, clearly defined purpose.
"Who is acting as regulator or overseer of this scheme? Whom can the public go to if they believe that they have been wrongly associated with poor, incomplete or erroneous data held by RDC," says Dorrington.
He suggests that RDC be held fully accountable for any data abuses, misuses and mistakes, and that the banks backing the scheme assume an elevated duty of care for its management.