The bank failed to comply with a general risk assessment of products for corporate clients.
The bank failed to comply with a general risk assessment of products for corporate clients.
Two out of the four industries exposed to the greatest risk are banking and finance as well as payment institutions.
The Swedish Financial Supervisory Authority found that the bank failed to get in-depth customer knowledge relating to high-risk customers.
The Finnish authority has issued penalty payments on one bank and two companies.
Persónuvernd’s annual report for 2025 shows an increasingly proactive approach to cybersecurity failings, AI oversight, and organizations handling sensitive data.
Despite a resilient financial sector, economic development, cyber risks, and competitiveness are reshaping the supervisory approach.
Denmark’s Data Protection Authority has shifted towards stricter AI oversight, proactive GDPR regulation, and risk-based enforcement.
Most cases relate to work environment issues, data protection, or financial matters, with serious reports referred to relevant authorities.