The banking sector organized a discussion forum on personal data protection with the Agency for Information and Privacy

11.05.2022, Pristina-

For the banking sector, the implementation of the legislation, whether primary or secondary, is crucial for a stable and transparent financing toward the citizens of the Republic of Kosovo. The banking sector is one of the largest personal data processors in the country. As a result, the forum on personal data protection in the financial sector aimed to establish cooperative relations between key actors in order to implement the Law on Personal Data Protection as fairly as possible.

The banking sector in Kosovo generally implements best international practices, therefore the adaptation of the new Law on Personal Data Protection in Kosovo in accordance with the requirements of the EU regulation on personal data protection (GDPR), represents a further step towards adapting and harmonizing the domestic legal framework with that of the European Union (EU).

The welcome speech of the forum "Implementation of the Law on Personal Data Protection in the financial sector" was made by the Chairperson of the Compliance Committee within the Kosovo Banking Association, Mrs. Kaltrina Haxha Ferizi, while in the opening speech of the forum Chief Executive Officer of the Kosovo Banking Association Mr. Petrit Balija, said that: “It is true that data protection of customers requires great commitment and has a high cost but it is something necessary as it protects the institution from violations and penalties, but also preserves the reputation of the institution, which in the case of the banking sector reputation and credibility are extremely important. The forum continued with the discussion of topics in the panel consisting of: Mrs. Krenare Sogojeva Dermaku - Commissioner, Information and Privacy Agency, Mrs. Eriola Bibolli - Chief Executive Officer, ProCredit Bank Kosovo, Mrs. Daniela Bollmann, Personal Data Protection Officer, Raiffeisen Bank International & Austrian Subsidiaries of RBI and Mrs. Kaltrina Haxha Ferizi - Chairperson of the Compliance Committee of the Kosovo Banking Association.

Some of the topics addressed during this forum were: the importance and scope of the Law and interaction with other laws in the country, the role of the Agency in the proper implementation of the Law, challenges and overcoming them during the implementation of "GDPR" in the EU, especially in the banking sector, the implementation of the Law in the local banking sector, the adoption of supporting bylaws in order to implement the Law in practice, the organization of forums and increase of expertise on privacy and personal data protection, the examination of banks and the focus of the examination, the rights of the data subject as well as the transfer of personal data to other states and international organizations.

The panelists discussed various aspects and the added value of the Law on Personal Data Protection in the banking sector, however agreed that the requirements of the Law are quite complex and need to be supported with additional guidance and ongoing discussions. Commissioner Mrs. Krenare Sogojeva Dermaku stressed that the primary purpose of the Agency is to assist and ensure the implementation of the Law in practice and fines will be used only as a last resort to processors, if they do not address the recommendations of the Agency within the legal deadlines. Finally, all parties agreed that this forum is the first step towards a long-term dialogue "sector and Agency", until full compliance with all requirements of the Law.