Sweden: Implemented IMY regulations on the processing of personal data related to violations of the law including sanction list checks

Description

Implemented IMY regulations on the processing of personal data related to violations of the law including sanction list checks

On 1 November 2024, the regulations on the processing of personal data related to violations of the law, including sanction list checks of the Swedish Authority for Privacy Protection (IMY), enter into force. The regulations permit specific companies, particularly in the financial sector and the security and defence market, to process personal data related to legal violations when conducting checks against sanction lists. The regulations eliminate the previous requirement for companies to seek IMY’s permission for such data handling. The regulations seek to enhance compliance with legal obligations regarding anti-money laundering and terrorism financing measures.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
infrastructure provider: other
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2024-09-27
adopted

On 27 September 2024, the Swedish Authority for Privacy Protection (IMY) adopted regulations on the…

2024-11-01
in force

On 1 November 2024, the regulations on the processing of personal data related to violations of the…