Banks twist client arms to draw personal data

Andres Reimer
, business journalist
Please note that the article is more than five years old and belongs to our archive. We do not update the content of the archives, so it may be necessary to consult newer sources.

Nordea and Danske clients complained to Postimees that said banks withheld services related to transfers and purchase of shares as the individuals failed to fill fresh personal data declaration.

«I’m a client of Danske Bank for years, and I have just basically gotten a letter of threat from it,» said Jane Marksa.

«In case the bank receives sufficient amount of required data a situation may arise where the bank is no longer allowed to offer the desired banking services to the client. Failure to fill in the questionnaire may necessitate restrictions to use of banking services by the client or termination of customer relations by the bank,» Danske Bank declared in its letter to client.

«Beginning November 30th 2015 we will restrict use of banking services in a way that you will only be able to perform the desired transaction after you have filled in the questionnaire.»

A Nordea bank client, in turn, said the bank went as far as to refuse to alter payment date for shares in the ling-term contract until the client has filled a declaration proving investment competence.

«Filling that declaration takes serious work as the data asked for need to be searched out someplace,» said a bank client known to Postimees asking for anonymity. «I do not want to fill that declaration.»

The demands by the banks may equal to violation of the Constitution when they undertake to require detailed information regarding client’s close relatives. «At Nordea bank, all clients have been placed under obligation to monitor their family members,» said Toomas. «If unwilling to disclose data on family members, you cannot continue filling the questionnaire.»

Detailed data on family members are required when these are important state officials. Mr Toomas assures us his kinfolks include no such personas, yet he is disturbed by the way the question is presented.

The banking union says each year brings new personal data mandatory to require, wherefore all who updated their data this year must do so again.

«When currently, pursuant to a contract between Estonia and USA, the banks have to notify of US tax residents, then in the new year [they have to notify] of tax residents of all other nations also,» said the banking union CEO Katrin Talihärm. «Thus the bank clients of whom tax residency has thus far not been inquired must be ready to be asked for that information as the data is updated.»

Financial Supervision Authority said the laws do lay on banks the obligation to know their customers, but do not prescribe specific questions.

«Failure to apply diligence measures is punishable. Therefore, it is impossible for obligated persons not to impose measures of diligence on client,» explained Financial Supervision Authority anti money laundering monitoring chief Andres Palumaa.

«The extent of the measures is selected by each service provider. Asking data regarding relatives may be primarily linked to earlier activity of the individual, such as frequent payments between private persons.»

Data Protection Inspectorate’s main stand is that the bank presenting the questions must also ensure that the clients know why they need to declare the extra data.

«To the inspectorate’s knowledge, update of client data is underway at the banks as related to diligence obligation requirement prescribed by section 13 subsection 1 clause 5 of Money Laundering and Terrorist Financing Prevention Act,» said the inspectorate’s public relations advisor Margit Liivoja.

«This is in no contradiction to Personal Data Protection Act pursuant to which processing of data is allowed on legal basis including in Tax Information Exchange Act.»

The banks told Postimees that they are not collecting the detailed data on their own initiative but are under obligation to fulfil diligence measures arising from laws and other regulations.

«Nordea is adhering to requirements arising from various laws, Financial Supervision Authority instructions as well as Nordea group rules,» said Nordea bank’s jurist Toomas Tomson. «To our knowledge, Nordea’s practice at fulfilling diligence obligation differs not significantly from those at other banks in Estonia.»

The Nordea jurist advises all troubled clients to address the bank directly, is possible, for specific explanations.

Danske Bank explained that the information collected about customers has become very detailed. «In addition to an individual’s personal and document data, a bank must identify the customer’s activity profile, field of activity, volume of activity (bank account turnover), main partners,» explained the bank’s communication chief Tõnu Talinurm.

«Pursuant to Tax Information Exchange Act, Danske Bank A/S Estonian branch needs to provide Tax and Customs Board information regarding US tax residents known to it or presumed by it. Because of that, we need to ask all clients whether they are US tax residents.»


Mart Siilivask, Swedbank communication manager

The risk questionnaire is not merely fulfilling another requirement by the European Union, but we may say that during the eight years that we have filled it with our clients, it is a good opportunity, during the fulfilment of which a client becomes aware of his risks as related to investments, and thinks these through in a deeper way. For instance, after the latest financial crisis, people and therefore also the results of their risk questionnaire became markedly more conservative. Now, however, during these past couple of years, we are noticing some added willingness to risk.