The TFTP agreement includes strictures on how SWIFT data may be used as well as on external oversight of this use, the DPAs said.
Rutgers declined to comment on possible sanctions SWIFT could face or on how long the inquiry would take.
It is much too early to talk about possible sanctions, said CPP spokeswoman Eva Wiertz in an email. "Moreover, the Belgian DPA cannot impose sanctions," she said, adding that if the DPA determines Belgian privacy laws are breached it can pass its findings on to the public prosecutor. The investigation will take at least a few weeks, she said.
SWIFT is cooperating with the Belgian and Dutch Data Protection Authorities, the organization said in a statement on its website. "There is no evidence at this time to suggest that there has been any form of confidentiality breach. SWIFT takes these matters extremely seriously and looks forward to confirming the positive outcome of this DPA review," it said.
Sign up for CIO Asia eNewsletters.