Financial Crime Compliance Services Processing Notice

LexisNexis Risk Solutions FL Inc. and WorldCompliance, Inc. (“LNRS”, “we”, “our”, “us”) provide financial crime compliance services, including Bankers Almanac® and WorldCompliance™, to financial institutions, corporations, government agencies and other organizational customers (“Customers”). This processing notice describes the processing of personal information in these services ("Services").

Our Services contain personal information that our Customers use to conduct due diligence and other screening activities to comply with their legal or regulatory obligations and for other risk management activities, including Know Your Customer (KYC), anti-bribery and corruption (ABC), anti-money laundering (AML), counter-terrorist financing (CTF), or other regulatory compliance checks, or for detecting, preventing, investigating or prosecuting financial crime, fraud and serious misconduct or dishonesty, or other criminal or unlawful activity or unethical conduct.

For example, when an individual applies for a bank account with one of our banking Customers, the Customer may search the individual’s name against government lists, media reports and other publicly available information, to assess whether opening an account presents a risk of violating regulatory requirements.

We do not decide what our Customers do with the results of a check – for example, whether our Customers decide to conduct further checks or are permitted to do business with a particular individual is solely up to them. Furthermore, our Customers are required to conduct their own checks to verify the accuracy of the data, and, are prohibited from using the data as the sole or exclusive basis for making decisions impacting individuals. Our Customers’ respective privacy notices will tell you more about how they collect, use and otherwise process personal information.

The personal information processed in our Services may include:

• identifiers such as name, age, date of birth, gender, photograph, and country of residence;
• government identification numbers such as social security or national insurance numbers
• information about business activities, such as affiliation with and ownership of businesses, employment/role, which may include details of public, religious, political or trade union roles, and education background;
• professional and personal affiliations (for example, organisations and individuals that you may be associated with in your professional or personal capacity);
• information about court judgments and criminal activity, such as details of offences and court dispositions;
• financial information relating to income or wealth, such as credit history, property ownership, net worth, charitable donations, and bankruptcy or insolvency filings;
• inclusion on sanctions lists, watch lists, or public lists of disqualified directors or other positions of responsibility;
• information in relation to a politically exposed person ("PEP") as defined under the Financial Action Task Force Recommendations, or close associates of PEPs;
• details of family circumstances, such as marital status and dependents, and in limited circumstances, PEP passport details; and
• reported allegations of money laundering, terrorism financing, bribery and corruption and similar activities.

The personal information in our Services is sourced from public records and publicly available information, such as court, regulatory and other government records, news, media reports, publications, company reports, business information, government websites, sanction or watch lists, electoral registers , politician websites, blogs and social media.

We may share personal information:

• with our Customers, service providers and affiliates;
• where we have a good faith belief that such disclosure is necessary to meet any applicable law, regulation, legal process or other legal obligation; detect, investigate and help prevent security, fraud or technical issues; and/or protect the rights, property or safety of LNRS, our users, employees or others; and
• as part of a corporate transaction, such as a transfer of assets or an acquisition by or merger with another company.

We do not monitor the profiles accessed in WorldCompliance due to AML and CTF regulations.

We process personal information as necessary for our and others’ legitimate interests for:

• provision of our Services to our Customers and their end users;
• detection, investigation, assessment, monitoring and prevention of fraud and other crime;
• mitigation of financial and business risk; and
• compliance with AML, CTF, ABC and other legal and contractual obligations.

We may also process personal information to develop and enhance of our services.

We process sensitive, special category and criminal offence data (as defined by applicable law) as necessary for reasons of substantial public interest, where the processing relates to personal information you manifestly made public, or when authorized, permitted or licensed in accordance with applicable law.

We process personal information where we, our affiliates and our service providers maintain servers and facilities, including in Ireland, the United Kingdom and the United States. We take steps, including through contracts, intended to ensure that the information continues to be protected wherever it is located in a manner consistent with the standards of protection required under applicable law.

You have the right under certain privacy and data protection laws, as may be applicable, to request free of charge:

• access to and correction or deletion of your personal information; and
• restriction of and objection to our processing of your personal information.

If you wish to exercise these rights, please submit your request using the contact details set out below. We will respond to your request consistent with applicable laws. Your rights to object, restrict or delete your personal information may be limited where we are legally required to process your personal information or have compelling reasons to override your request. To protect your privacy and security, we may require you to verify your identity.

We retain personal information for only as long as necessary to provide the Services and fulfil the transactions our Customers have requested, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, and enforcing our agreements.

We implement technical and organisational measures to seek to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the integrity, confidentiality, and availability of personal information.

We will update this processing notice from time to time. Any changes will be posted on this page with an updated revision date. If we make any material changes, we will provide notice through the Services or by other means.

If you have any questions, comments, complaints or requests regarding this processing notice, please contact us online here for U.S. requests or here for non-U.S. requests. Alternatively, you can write to: Data Protection Officer, LexisNexis Risk Solutions, Global Reach, Dunleavy Drive, Cardiff CF11 0SN, United Kingdom.

You may also lodge a complaint with the data protection authority in the applicable jurisdiction.

The data protection representative for our companies that are processing personal information in the Services within the scope of the UK data protection laws and established outside of the UK is LexisNexis Risk Solutions UK Ltd at the address above. The data protection representative for our companies that are processing personal information in the Services within the scope of the EU and Swiss data protection laws and established outside of the EEA and Switzerland is LexisNexis Risk Solutions (Europe) Limited, Riverside One, Sir John Rogerson's Quay, Dublin 2, D02 X576, Ireland.

 

Last updated: 1 July 2024