Berlin: Berlin Commissioner fines N26 Bank €50,000 under GDPR for customer black list violation
The Berlin data protection authority ('the Berlin Commissioner') announced, on 19 September 2019, that it had fined, in March 2019, N26 Bank GmbH €50,000 for violation of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Berlin Commissioner stated that N26 Bank had kept former customers' names on a black list for anti-money laundering purposes, regardless of whether the customers were actually suspected of money laundering. Furthermore, the Berlin Commissioner noted that N26 Bank had accepted the fine and introduced a range of measures, such as increasing the number of its data protection staff and training its employees, to eliminate previous organisational deficiencies, thereby, improving the protection of their customers' data.
You can read the press release, only available in German, here