New publication by Dominika Kuźnicka-Błaszkowska

A recent article analyses the Polish data protection authority’s decisions against ING Bank and the growing tension between GDPR enforcement and anti-money laundering obligations in the banking sector.

The study shows how routine identity-document scanning, long treated as standard AML practice, was found to breach core GDPR principles, and how such enforcement can have wider consequences for onboarding processes, compliance certainty and financial stability. The paper calls for better coordination between data-protection and financial supervisors to avoid placing banks in contradictory regulatory positions.

📘 When Privacy Collides with Financial Stability: PUODO’s ING Rulings and the GDPR–Banking Interface, European Data Protection Law Review 4/2025, pp. 528-534. See: https://edpl.lexxion.eu/article/EDPL/2025/4/16

Funded by: National Science Centre, Poland (project no. 2023/51/D/HS5/00077), PI Katarzyna Parchimowicz