Bank cited for noting client’s bank heist past

Bank cited for noting client's bank heist past
The Swedish Data Protection Board (Datainspektionen) has criticised Swedbank for registering the fact that a customer had a prior conviction for robbing one of it branches.

“Information regarding crimes or suspected crimes can under no circumstances be registered,” the board wrote in its instruction to the bank.

The information was registered in the bank’s internal information system and consulted when the man applied for a student account offer.

While the information on the man’s conviction would appear in a routine credit check, the board has found the bank in contravention of Sweden’s Personal Data Act (Personuppgiftslagen – PUL) for making a note of the fact.

The bank has meanwhile argued that the note was necessary in order to be able to properly consider (and deny) the man’s business – a right framed in the state deposit insurance law.

While the law stipulates that a customer can not be denied a bank account which is covered by the guarantee, the board pointed out that exceptions can be made if “for example, the applicant has previously acted dishonourably towards the bank”.

The customer was convicted of the armed robbery of a branch of Swedbank in 2008 and part of his sentence involved the payment of compensation, a claim which is yet to be settled.

The board concedes that robbing one of its branches and having an outstanding compensation claim, is a legitimate legal reason for Swedbank to deny a client’s business.

It is furthermore noted that bank has taken steps to review its routines and to train its staff on the stipulations contained in the Personal Data Act.

The Local/pvs

Follow Peter on Twitter here.

Member comments

Become a Member to leave a comment.Or login here.