The President of Ukraine, Volodymyr Zelenskyi, signed a new law that gives law enforcement agencies expanded powers to access banking information of citizens and companies.
From now on, the National Police has the right to receive data on the accounts and financial transactions of suspects from all banks in case of criminal investigations. The law has sparked an active discussion in society, after which it raises the issue of privacy of personal data and at the same time is a number of steps in the fight against crime and financial offenses.
Ukrainian banks and non-bank financial institutions (primarily payment organizations) will start sharing customer information with the National Police. Today, November 6, the president signed draft law No. 11043, adopted at the beginning of October by the Verkhovna Rada - "On Amendments to Certain Laws of Ukraine on Improving the Functions of the National Bank of Ukraine on State Regulation of Financial Services Markets."
The document strengthens requirements and fines for financiers, expands the powers of the National Bank, and most importantly - obliges payment organizations to provide the necessary data to the police at the written request of law enforcement officers.
This is not an automatic transfer of financial information about everything and everyone. It is about answers to specific requests of the National Police in open criminal cases in the presence of signs of a criminal offense. The law lists the types of criminal articles under which data will be disclosed.
"Information on the payment service provider's response measures in case of receipt of a written (electronic) request from the National Police of Ukraine about a user's payment transaction, if such transaction contains signs of a criminal offense provided for in Articles 185, 190-192, 200, 361, 362-363 of the Criminal Code of Ukraine," the document literally says.
The listed articles of the Criminal Code relate to money theft/deception of funds (Articles 185, 192), fraud (Article 190), illegal transfers/account operations (Article 200) and hacking of information networks of banks and other payment organizations (Article 361, 362, 363).
It is expected that the information received will help the police, primarily the Cyber Police unit, to fight fraud. From the hacking of data systems and card accounts to the deception of Ukrainians who lose money due to fraudsters.
For this purpose, law enforcement officers will be able to receive from financial institutions not only information about their customers who participate in the crime - victims, suspects: full name, card/account number, type of transaction. But also their geolocation data to find out their territorial location. The full list of data that will be disclosed is extensive:
– Full name, name of the legal entity involved in the transaction.
– Identification code (or EDRPOU) of participants of all suspects.
– IP address of participants.
- Geolocation data.
– The actual address of the device used to perform the operation.
– Data about the application in which the payment was made.
- The address of the cash desk where the payment was made.
- Data on the provider of payment services - a bank, non-banking organizations and other participants.
– ID of the payment device.
– The payer's unique identifier and the payer's electronic account number.
To quickly identify all suspects/victims of embezzlement, participants in a payment transaction.
We will remind that many banks even before the full-scale war made it a mandatory function to track the geolocation of their customers. Without turning on the geolocation function, people are not allowed to carry out transactions through mobile applications. Thanks to which financiers can track the movement of users.
