Understanding obligations in relation to data breaches

Data breaches are becoming more common. Where they involve personal information, data breaches increase the risk of identity crime, fraud and cyber-enabled crime.

More Detail

AUSTRAC released guidance to help Reporting Entities:

  • understand their AML/CTF obligations when it comes to data breaches;
  • protect their business and customers from the heightened ML/TF risks that can arise from data breaches; and
  • identify potential indicators of identity crime, fraud and cyber-enabled crime.

The guidance applies if the business has been:

  • directly subject to a data breach; or
  • impacted by an external data breach that affects the customers or services.

The guidance highlights the importance of:

  • regularly reviewing risk assessments and systems and controls to make sure they reflect the ML/TF risks arising from a data breach;
  • identifying, mitigating and managing the ongoing customer risks, paying particular attention to potential indicators for identity crime, fraud and cyber-enabled crime; and
  • reporting any data breach appropriately.

AUSTRAC encouraged all Reporting Entities to:

  • read the guidance; and
  • make sure they are taking all necessary steps to protect their business and the broader community from the impacts of data breaches.

Read the data breach guidance.

Share Us:

Related Posts