Volume: 14 Issue: 3
The Italian data protection authority (‘Garante’) announced, on 10 March 2017, that it had issued fines of over €11 million to five companies operating in the money transfer sector, namely Yume s.r.l., Marc 1 s.r.l., Sigue Global Service Limited, Sirama s.r.l., and Euro Communication System s.r.l. (‘the Companies’), for breaching the Personal Data Protection Code, Legislative Decree No. 196/2003 (‘the Privacy Code’). In particular, an investigation by the Financial Police found that Sigue Global Service, aided by the other four companies, collected and transferred to China the monetary sums of Chinese entrepreneurs in violation of anti-money laundering (‘AML’) and data protection legislation. The Companies fractioned the operations so that the transfers made were below the threshold specified by AML legislation and unlawfully used the personal data of over 1,000 unaware customers, making them appear as the senders of the payments.
“The money transfer business has long been under scrutiny by the Garante,” Antonello Soro, President of the Garante, told Data Protection Leader. “The fact that customers are left in the dark whilst their data are used to dodge AML laws is bound to be a source of major concern to us because it impacts not only data protection, but also the legal framework protecting our country’s economic system.”