Challenge for banks to get consent to share customer information

Banks sharing information on prospective clients is a nice idea to fight money laundering ("Banks in talks to set up system to fight money laundering"; last Saturday).

But will it work? The banks will face two major hurdles. The first is banking secrecy laws in Singapore, and the second is the protection of customers' personal data.

Under the Banking Act, a bank is prohibited from disclosing its customer information unless the customer consents or in cases permitted under the Act.

However, obtaining the written consent of customers will be fraught with challenges and will likely be a prohibitive exercise, in terms of cost and manpower.

DBS Group, OCBC Bank and United Overseas Bank would presumably have hundreds of thousands of existing customers.

How are they to obtain the consent of all these customers? What about customers who do not respond when contacted? Silence does not mean consent.

The best way forward seems to be to legislate consent under the Banking Act.

But is this a fair move? Most customers would not object to their information being disclosed to, say, law enforcement agencies or the Monetary Authority of Singapore.

Sharing their information with another bank is a different matter.

How can customers be assured that their information will not be abused?

This ties in with the Personal Data Protection Act, which also prohibits banks from disclosing the personal data of customers without consent.

Again, the only practical way out of this problem seems to be through legislation.

Tan Sin Liang

A version of this article appeared in the print edition of The Straits Times on May 12, 2016, with the headline 'Challenge for banks to get consent to share customer information'. Print Edition | Subscribe