ABA: The American Bankers Association

GDPR is a sweeping European Union regulation that governs the protection and use of personal data by corporate entities.

GDPR, which became effective on May 25, 2018, applies to companies that have operations in the EU or that collect the personal data of people in the EU. With these broad parameters—and with the price tag for GDPR violations maxing out at the higher of $20 million or 4 percent of annual global turnover—all banks with a web presence should check twice to verify whether they will be subject to GDPR.

To assist U.S. banks with their assessment of whether GDPR may apply, ABA has developed a checklist to use as the basis for a conversation among bank CEOs, board members, compliance officers, risk management teams, IT staff and legal counsel.


Related Training & Events

GDPR: What Your Bank Needs to Know Now

ABA bank members can watch this free recorded webinar about GDPR and what their bank needs to know.
