Dataskyddsrätten - tvättas svart eller vit? - En studie avseende förhållandet mellan regleringar om penningtvätt och dataskyddsrätt

Sammanfattning: The purpose of the thesis is to describe and analyze the relationship between regulations regarding money laundering and data protection law, in particular with regard to the handling of customer data that is used by banks to achieve customer knowledge. The thesis research questions include the bank's obligations regarding to money laundering regulations and the conditions that EU data protection regulations place on the bank's processing of personal data in order to achieve good customer knowledge. Today's technological development in society has not only made everyday life easier for the individual, but also criminals in economic crime. They take advantage of the increasing digitization by finding new ways to launder money from illegally black to legally white. As money laundering is a problem that occurs around the world, it is regulated at the international, European, and national level, which means that the thesis applies the legal dogmatic and EU legal method. At the international level, the Financial Action Task Force (FATF) is an organization that issues recommendations to promote work against money laundering. These recommendations form a central part of the EU's money laundering directive, which in turn is central to the Act (2017:630) on measures against money laundering and the financing of terrorism (the Money Laundering Act). The following regulations contain various measures that can be taken in the work to prevent money laundering, such as the banks' customer awareness form. In the case of customer knowledge, the bank obtains information by asking various questions about the customer, the origin of the money and any relatives of the customer. The process involves personal data being processed to collect relevant information, which means that the General Data Protection Regulation (2016/679) becomes relevant. The thesis concludes that banks, pursuant to the Money Laundering Act and the General Data Protection Regulation, must meet the conditions for processing personal data and ensuring customer knowledge. Despite the expectation of more explicit guidelines between the regulations, current interpretation only points to some uniformity. Improvement measures therefore need to be taken to support the customer's fundamental rights, where the money laundering regulations can currently be read against the background of EU data protection law as a process for increased transparency and protection of personal integrity.