Harnessing AI for AML/CFT: Legal Grounds for Training AI on Personal Data for AML/CFT under EU Data Protection Law.
Saved in:
| Title: | Harnessing AI for AML/CFT: Legal Grounds for Training AI on Personal Data for AML/CFT under EU Data Protection Law. |
|---|---|
| Authors: | Roussos, Manos1 (AUTHOR) E.Roussos@tilburguniversity.edu, Hajduk, Paweł2 (AUTHOR) |
| Source: | Information & Communications Technology Law. Mar2026, Vol. 35 Issue 1, p72-92. 21p. |
| Subjects: | General Data Protection Regulation, 2016, Legal justification, Data protection, European Union, Personally identifiable information, Economic crime, Artificial intelligence |
| Abstract: | AI systems can assist in fulfilling AML/CFT obligations within the revised EU AML framework. To function accurately, these AI-enhanced AML systems require extensive training on datasets, including personal data. This paper examines the legal grounds under the General Data Protection Regulation (GDPR) for processing such data, with a focus on compliance with legal obligations [Article 6(1)(c) GDPR] and legitimate interest [Article 6(1)(f) GDPR]. The paper argues that, while legal obligation may not provide a sufficient basis due to the lack of explicit mandates requiring AI use, legitimate interest presents a viable alternative, dependent on a rigorous test. By scrutinising the necessity of balancing financial institutions' need for AI-enhanced AML/CFT tools with EU data protection law, this paper underscores the significance of safeguards to mitigate risks associated with such tools, including bias, transparency shortcomings, and challenges in exercising data subject rights. [ABSTRACT FROM AUTHOR] |
| Copyright of Information & Communications Technology Law is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
|
Full text is not displayed to guests.
Login for full access.
|
|
| FullText | Links: – Type: pdflink Text: Availability: 1 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 191203186 AccessLevel: 6 PubType: Academic Journal PubTypeId: academicJournal PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Harnessing AI for AML/CFT: Legal Grounds for Training AI on Personal Data for AML/CFT under EU Data Protection Law. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Roussos%2C+Manos%22">Roussos, Manos</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> E.Roussos@tilburguniversity.edu</i><br /><searchLink fieldCode="AR" term="%22Hajduk%2C+Paweł%22">Hajduk, Paweł</searchLink><relatesTo>2</relatesTo> (AUTHOR) – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22Information+%26+Communications+Technology+Law%22">Information & Communications Technology Law</searchLink>. Mar2026, Vol. 35 Issue 1, p72-92. 21p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22General+Data+Protection+Regulation%2C+2016%22">General Data Protection Regulation, 2016</searchLink><br /><searchLink fieldCode="DE" term="%22Legal+justification%22">Legal justification</searchLink><br /><searchLink fieldCode="DE" term="%22Data+protection%22">Data protection</searchLink><br /><searchLink fieldCode="DE" term="%22European+Union%22">European Union</searchLink><br /><searchLink fieldCode="DE" term="%22Personally+identifiable+information%22">Personally identifiable information</searchLink><br /><searchLink fieldCode="DE" term="%22Economic+crime%22">Economic crime</searchLink><br /><searchLink fieldCode="DE" term="%22Artificial+intelligence%22">Artificial intelligence</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: AI systems can assist in fulfilling AML/CFT obligations within the revised EU AML framework. To function accurately, these AI-enhanced AML systems require extensive training on datasets, including personal data. This paper examines the legal grounds under the General Data Protection Regulation (GDPR) for processing such data, with a focus on compliance with legal obligations [Article 6(1)(c) GDPR] and legitimate interest [Article 6(1)(f) GDPR]. The paper argues that, while legal obligation may not provide a sufficient basis due to the lack of explicit mandates requiring AI use, legitimate interest presents a viable alternative, dependent on a rigorous test. By scrutinising the necessity of balancing financial institutions' need for AI-enhanced AML/CFT tools with EU data protection law, this paper underscores the significance of safeguards to mitigate risks associated with such tools, including bias, transparency shortcomings, and challenges in exercising data subject rights. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of Information & Communications Technology Law is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=191203186 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1080/13600834.2025.2510748 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 21 StartPage: 72 Subjects: – SubjectFull: General Data Protection Regulation, 2016 Type: general – SubjectFull: Legal justification Type: general – SubjectFull: Data protection Type: general – SubjectFull: European Union Type: general – SubjectFull: Personally identifiable information Type: general – SubjectFull: Economic crime Type: general – SubjectFull: Artificial intelligence Type: general Titles: – TitleFull: Harnessing AI for AML/CFT: Legal Grounds for Training AI on Personal Data for AML/CFT under EU Data Protection Law. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Roussos, Manos – PersonEntity: Name: NameFull: Hajduk, Paweł IsPartOfRelationships: – BibEntity: Dates: – D: 01 M: 03 Text: Mar2026 Type: published Y: 2026 Identifiers: – Type: issn-print Value: 13600834 Numbering: – Type: volume Value: 35 – Type: issue Value: 1 Titles: – TitleFull: Information & Communications Technology Law Type: main |
| ResultId | 1 |