With the General Data Protection Regulation — the European Union’s new regulation governing the use of EU personal data — taking effect tomorrow, ABA has developed several resources bankers can use to help them approach compliance.
While it remains unclear what effect the rule will have on U.S.-based banks offering banking products and services to European customers through internet banking websites, the statute recognizes that non-EU companies operating online that do not “envisage” doing business in the EU, or that inadvertently collect EU personal data, may not be subject to GDPR.
To assist domestic U.S. banks with their assessment of whether GDPR may apply, ABA has developed a checklist to use as the basis for a conversation between bank CEOs, board members, compliance officers, risk management teams, IT staff and legal counsel. ABA members can find the checklist and other materials online at aba.com/GDPR. The page will continue to be updated as more materials become available. ABA will also host a free webinar on June 6 that will address what GDPR means for banks and how to comply. For more information, contact ABA’s Denyette DePierro.