On 1 November 2024, the regulations on the processing of personal data related to violations of the law, including sanction list checks of the Swedish Authority for Privacy Protection (IMY), enter into force. The regulations permit specific companies, particularly in the financial sector and the security and defence market, to process personal data related to legal violations when conducting checks against sanction lists. The regulations eliminate the previous requirement for companies to seek IMY’s permission for such data handling. The regulations seek to enhance compliance with legal obligations regarding anti-money laundering and terrorism financing measures.
Original source