The purpose of whitelisting is to bypass standard checks. For instance, email spam filters may have a whitelist to always allow mail from the whitelisted email addresses, domains and/or IP addresses. In compliance, whitelisting is often used when periodically checking a customer base.

whiteListing 300

Despite its apparent simplicity, it is a complex matter to define the criteria that must be fulfilled to whitelist a customer. From FINMA publications, it is evident that a relationship between the customer and an executive director of the bank is not recommended as a whitelisting criterion (see section 4.2.2 case E in “Sorgfaltspflichten der Schweizer Banken im Umgang mit Vermögenswerten von politisch exponierten Personen”, November 10, 2011). Furthermore, the policy “once whitelisted, always whitelisted” is not recommended either. The customer’s status may change, sanctions and PEP roles are change all the time, and last but not least, the matching criteria may change.

Complete Revision of the Federal Data Protection Act

The complete revision's draft of the Federal Data Protection Act is currently in political consultation. Data Protection is to be increased by giving people more control over their private data as well as reinforcing transparancy regarding the handling of confidential data.

Links: draft, report

Eurospider Information Technology AG
Schaffhauserstrasse 18
8006 Zürich

 

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok Decline