ABN AMRO and integrity testing

Imagine: you are involved in the damage or loss of our property, there is a suspicion of fraud or the government or police are investigating you. There may also be certain outcomes of Customer Due Diligence (CDD) checks under the Wft and Wwft or you do not comply with agreements with the bank.

These are examples of occurrences that require the bank’s special attention. The bank must be able to record and store these so that it can take appropriate action or follow-up steps. The bank has a legitimate interest to do this.

Such occurrences are called “events”. They are recorded in a special internal administration of the bank, generally called “Event Administration”, which can only be accessed by authorised employees.

Linked to the Events Administration is an Internal Referral Register (IVR). This ensures that if we feel that a customer’s involvement in an event is serious enough, we can alert our relevant departments. This also applies to our group companies. This alert only has internal effect (within our organisation). Whether an event can be shared within our organisation via the IVR is tested against the AVG rules. Among other things, we explicitly inform about the reasons for inclusion, the consequences of the inclusion for the customer and his or her relationship with us and with our group companies. We also inform the customer about the duration of the recording and the customer’s rights, e.g. the right to object.

We also record when we have end the contractual relationship if it follows from the Wwft. For example, when you have not adequately informed us where your money comes from, or you are involved in money laundering or terrorist financing. In these cases, we may include your data in what we call the CAAML list. This registration, like the IVR, only has internal effect. The purpose of this registration is that we, as a group, can remember that we have had to say goodbye to you because we cannot (anymore) comply with our Wwft obligations. We also have a legitimate interest for this. If you are included in the CAAML list, you will also be explicitly informed about this. In this communication, we will inform you, among other things, of the reasons for inclusion and what consequences this has for your relationship with the bank and its subsidiaries. You will then be informed about the duration of the inclusion and your customer rights, e.g. the right to object.

In addition, financial institutions in the Netherlands, including ABN AMRO, have developed an alert system that, unlike the Event Administration, the IVR and the CAAML list, has external effect.

It allows them to test whether someone:

• ever defrauded,
• attempted to commit fraud,
• or otherwise threatens the safety of the banking sector

You can read more about this alert system and how it works on the Dutch Banking Association (NVB) site. The rules governing how banks, and therefore also ABN AMRO, can use the external warning system have been approved by the Personal Data Authority. You can also read these rules on the site of the NVB. If you are included on this external alert system, according to these rules you will be informed about the registration and how you can exercise your (privacy) rights. 

If you want to become a customer with us or you want to purchase a new product from us or one of our group companies, we test for these registers. Only those dealing with customer and product acceptance are allowed to test against these lists. These employees only receive a signal if you are registered. Only a limited number of authorised staff can see details about the reasons for inclusion on the lists. It is always considered on the basis of this information whether the bank can accept you or grant the product and if so - under what conditions.