Banking confidentiality or banking secrecy is a professional obligation of bankers (and others) to keep the details of clients’ financial and personal affairs confidential. In this regard, the terms financial confidentiality, banking security, and financial privacy are also often used. An agreement between a bank and its customers that all personal and financial data is kept confidential is intended to protect the customer’s interests, not the financial institution’s.
Confidentiality is an essential component of banking ethics, aimed at creating a trusting atmosphere necessary for the efficient operation of the banking sector.
Banking confidentiality implies that all information obtained by the bank in the course of business relations should not be used for insider gain, it should also not be transferred to other persons or publicly disclosed. The duty of confidentiality towards customers in banking is governed by the laws of a particular jurisdiction.
Banking secrecy includes the following information:
- information about customer’s bank accounts;
- information about transactions carried out on the client’s account;
- information about the client’s financial and economic status;
- passport data of individuals and details of legal entities.
It is also worth noting that within the European Union, the rights of customers to protect their confidential data and the internal procedures of banks regarding handling customer complaints about privacy violations must comply with EU legislation in the field of personal data protection, including the General Data Protection Regulation (GDPR).
According to the GDPR, customers have the following rights to protect their sensitive data:
- The right to access your personal data and information about how it is used;
- The right to correct your personal information if it is inaccurate;
- The right to delete your personal data (the right to be “forgotten”);
- The right to restrict the processing of your personal data;
- The right to have your personal data transferred to another controller;
- The right to object to the processing of your personal data.
In addition, customers may contact the competent data protection authority in their country if they believe their privacy rights have been violated. In the EU, each country has its national authority responsible for implementing the requirements and protecting personal data under the GDPR.
In case of violation of the confidentiality of banking information, customers can contact the bank to resolve the problem. The bank must have complaints procedures that satisfy the customer’s rights to protection and confidentiality. In case of an unsuccessful outcome, customers may contact the banking regulator or the competent data protection authority.
Thus, in the EU, customers have broad rights to protect their confidential data, and banks have an obligation to protect this data and use it only with the customer’s permission, except as expressly provided by law.
From the history of the concept. It is generally accepted that the banking confidentiality practice was first applied in the 17th century by Italian merchants who operated in Northern Italy (in the region that later became the Italian-speaking region of Switzerland). Swiss banking secrecy was first enshrined in the Banking Law in 1934, making it a crime to disclose customer information to third parties without the latter’s consent.
Disclosure of confidential banking information
The confidentiality of bank customers is not absolute. In some cases, the client’s private information may be requested through the court as part of certain procedural actions, including criminal ones. In addition, under anti-money laundering and anti-terrorist financing laws, banks are required to report suspicious transactions to the police or other competent authorities. However, in some countries, banking confidentiality means that banks do not have the right to disclose information about their customers’ accounts to the authorities. It applies to countries such as Switzerland, Singapore and Luxembourg.
