Navigating GDPR,
Artificial
Intelligence, and
Cybersecurity
Challenges
APRIL 3
MERCHANTS' CLUB,
GEDIMINO AVE. 35, VILNIUS
About
Baltic banking industry conference Data Protection in Finance: Navigating GDPR, Artificial Intelligence, and Cybersecurity Challenges
April 3, 2025, Merchants’ Club, Gedimino ave. 35, Vilnius
This conference will bring together experts from the Baltic States, featuring representatives from national data protection authorities and leaders from the financial institutions and the private sector, who will collaboratively seek effective solutions to ensure the highest data security and privacy standards.
During the event, various data protection issues will be explored, ranging from the practical implementation of the General Data Protection Regulation (GDPR) and the resolution of legal and technological challenges to the latest trends shaping the future of data security. The event will also analyze current issues related to data management in finance, as well as new technologies that are transforming the financial sector’s landscape.
Speakers
Dijana Šinkūnienė
DIRECTOR OF STATE DATA PROTECTION INSPECTORATE
Eivilė Čipkutė
PRESIDENT OF LITHUANIAN BANKING ASSOCIATION
Valda Beizītere
Legal and Policy Officer at European Commission
Jekaterina Macuka
DIRECTOR OF LATVIAN DATA PROTECTION INSPECTORATE
Pille Lehis
DIRECTOR OF ESTONIAN DATA PROTECTION INSPECTORATE
Renate Strazdina
National Technology officer Central Europe/Central Asia at Microsoft
Tomas Kontautas
Partner at Sorainen Lithuania law firm
Mindaugas Civilka
TGS BALTIC LAW FIRM
Margarita Valčiukė
ADVISOR OF LAW DIVISION AND DPO AT STATE DATA PROTECTION INSPECTORATE
Vytautas Danta
CHIEF COMPLIANCE OFFICER EUROPE AT REVOLUT
Veronika Sajadova
DATA PROTECTION OFFICER AT SWEDBANK LATVIA
Marius Laurinaitis
LECTOR AT M. ROMERIS UNIVERSITY
Andrius IškauskaS
EXPERIENCED TECHNOLOGY & IP LAWYER, PARTNER AT NOOR
Edvardas Šileris
HEAD OF EUROPOL’S EUROPEAN CYBERCRIME CENTRE
Daiva Uosytė
Head of Security At SEB Monitoring and Security division
Daniel Holmes
DIRECTOR OF BANKING, IDENTITY & MARKET STRATEGY AT FEEDZAI
Reda Stanytė
HEAD OF AML REGULATION DIVISION, FINANCIAL MARKET SUPERVISION DEPARTMENT AT BANK OF LITHUANIA
Tomas Kontautas
Dr Tomas Kontautas is a partner of the Finance & Insurance practice group at the Baltic law firm Sorainen, where he advises on banking, project finance and PPP, investment funds, structures and pensions, fintech, capital markets, restructuring and insolvency, and insurance matters. During his career, Tomas has advised the banks, electronic money institutions and other market players on compliance, including AML, matters, represented clients in the AML investigations carried out by the Bank of Lithuania and the FIU and dealt with insurance cases involving GDPR-related investigations. Tomas is also lecturing on Financial Technology Law and Insurance Law at Vilnius University.
Andrius Iškauskas
Andrius Iškauskas is a tech-savvy attorney with nearly 20 years of experience in IT law, data protection, cybersecurity, and intellectual property. As a Partner at NOOR Legal, he leads the firm’s Technology, Media, Data Protection & IP practice, advising startups, fintechs, and creative industry clients on complex issues – from software licensing and privacy compliance (GDPR) to cybersecurity regulation (NIS2) and digital IP protection. He has successfully defended trademarks and resolved high-stakes copyright and patent disputes. Recognized by Chambers Europe and Legal 500, Andrius is known for bridging the gap between technology and law.
Jekaterina Macuka
Jekaterina Macuka is a qualified lawyer, with master's degree in Law (Latvian University) who worked more than 10 years at the Ministry of Justice of Latvia. During the Latvian Presidency in the Council of the European Union in 2015 Jekaterina Macuka was the chairperson of the EU Council working party “Data protection and information exchange working party”. From 2020 has a position of the head of the data protection supervisory authority – Data state inspectorate of Latvia. From the 2021 lecturer at the Latvian University teaching personal data protection rules.
Reda Stanytė
Reda Stanytė is an expert in the fields of financial crime prevention, AML/CTF, sanctions implementation and fraud prevention, with more than 12 years of experience in the banking sector and supervision.
Daiva Uosytė
Daiva Uosytė is an experienced banking professional with over 20 years of expertise in the financial sector. As the Head of Security at SEB Bank for the past four years, she has been at the forefront of fraud prevention and data protection. Known as a leading voice in the industry, she regularly shares insights on emerging fraud tactics and effective strategies to safeguard sensitive personal information. Daiva's deep expertise and practical approach empower you to remain at the forefront of the evolving world of financial security.
Marius Laurinaitis
Marius Laurinaitis is a professor at Mykolas Romeris University and the head of the Law and FinTech study program. He specializes in the legal regulation of electronic payments, AML, and personal data protection. He has published over 20 scientific papers in the field of information technology regulation.
Margarita Valčiukė
Margarita Valčiukė brings 8+ years’ experience in the area of data protection, 6 of which (and still counting) as a Legal Adviser and Data Protection Officer in State Data Protection Inspectorate (the SDPI). At the SDPI she takes part in assessing the data protection issues in the fields of finance, innovations, international transfers and other sensitives areas. Awarded by the Ministry of Justice (2024) for her merits in the area of the human rights.
Vytautas Danta
Vytautas Danta holds the positions of Deputy CEO, Chief Compliance Officer, and Board Member at Revolut Bank. Since joining the company in 2020, he's overseen the Compliance division, which encompasses Regulatory Compliance, Financial Crime Compliance, Compliance Assurance and Regulatory Affairs. Bringing 17 years of banking industry experience, Vytautas has held key compliance roles at leading Scandinavian banks, such as DNB and Swedbank. He holds a Master’s degree in law and is also a certified anti-money laundering specialist.
Valda Beizītere
Valda Beizītere is a legal and policy officer in data protection unit of the European Commission’s DG Justice and Consumers. She is responsible for monitoring the implementation of the GDPR in the Member States. As part of her tasks she also works closely with other European Commission services. That include work on legislative and non-legislative initiatives under the European strategy for data, in the area of financial services, and mobility.
Eivilė Čipkutė
Economist dr. Eivilė Čipkutė was appointed President of the Lithuanian Banking Association in 2020. Previously E. Čipkutė worked as a senior policy advisor at the European Investment Fund office in Brussels, Belgium. She also served as senior advisor to the World Bank's Office of the Executive Director of the Nordic and Baltic Countries at World Bank's headquarters in Washington, D.C., USA. Before continuing her career in international institutions, E. Čipkutė worked at the Lithuanian Ministry of Finance, where she headed the Financial Markets Policy Department, was the board member and chairperson of several state-owned companies. Moreover, E. Čipkutė represented Lithuania in the Committees of the EU Council and the European Commission, dedicated to Finance and Banking. E. Čipkutė has obtained master's degree in international business at Georgetown University in the USA and has defended her doctoral dissertation in the field of social sciences and economics at Vilnius University.
Dijana Šinkūnienė
Dijana Šinkūnienė is an experienced lawyer with master’s degree in law. She started her career in personal data protection in 2001. Dijana has been appointed as a Director of the Lithuanian personal data protection supervisory authority for a five-year term since February 2023. She is also a member of the European Data Protection Board and National Cybersecurity Council.
Dijana is a lecturer in Privacy, Security and Technology (Privacytech) and Data Protection at Mykolas Romeris University, Vilnius.
Daniel Holmes
Daniel Holmes leads the Subject Matter Expert & Market Strategy team for Fraud & Identity. He collaborates closely with banks worldwide and supports them to understand the range of fraud prevention and detection capabilities offered by Feedzai. He focuses on aligning the company product strategy with the direction of the financial crime market.
He is a thought leader within the industry, frequently authoring white-papers and blogs, speaking with press and analysts, and appearing on stage at various events across the globe.
Before joining Feedzai, Dan served as the Director of Solutions at LexisNexis Risk Solutions and held various fraud-related positions at Lloyds Banking Group UK. In these roles, he leveraged the latest digital fraud technology to protect the bank's online and mobile users.
Veronika Sajadova
Dr.iur. Veronika Sajadova is a certified data protection expert in Latvia and Europe. She is a highly skilled legal professional with expertise in comparative data protection practices across the European Union and cyber security, as well as a doctoral degree in International Law. Over the past seven years, she has focused on the finance sector in establishing and maintaining compliant data protection frameworks. As the Data Protection Officer of Swedbank Group in Latvia (incl. the biggest bank in Latvia, leasing, insurance, pension fund, investment company) and Co-Chairwoman of the GDPR Working Group in the Finance Latvia Association, she is deeply involved in industry compliance. She is also included in the Support Pool of Experts at the European Data Protection Board. As a researcher and lecturer, she additionally engages in seminars, conferences, and training sessions, and conducts scientific research with publications in data protection. With over 15 years of experience in finance, she has provided legal support across courts, public authorities, and NGOs.
Renate Strazdina
Renate Strazdina National Technology officer Central Europe/Central Asia Microsoft.
Renate has more than 25 years of experience in IT industry and management consulting. Renate is a leader who helps organizations adopt the latest technologies in a responsible and sustainable way ensuring that the technology solutions are compliant with ethical, legal, and social standards. Since 2021 she is serving as an independent supervisory board member of Swedbank Latvia. Renate is an active mentor for women in tech.
Renate holds a Doctorate in Engineering from the Faculty of Computer Science and Information Technology at the Riga Technical University and a master’s degree in management from the University of Latvia. For many years she was serving as a board member of the American Chamber of Commerce in Latvia and the Latvian Information and Communications Technology Association.
Edvardas Šileris
Edvardas Šileris commenced as Head of the European Cybercrime Centre in 2020. He is responsible for the central collation of criminal intelligence on cybercrime across the EU, supporting member state investigations into online child sexual exploitation, cyber-dependent crimes, non-cash means of payment fraud, and crime on the dark web. His Centre collaborates closely with the Joint Cybercrime Action Taskforce (J-CAT), a team of specialist cyber investigators from various countries. His teams at EC3 further provide digital forensic support in complex cases, strategic analysis of threats and trends, liaison with industry, academia and non- law enforcement partners, prevention and awareness, and capacity building. Before becoming Head of EC3, Edvardas was Deputy Police Commissioner General of the Lithuanian Police, also covering innovation, with 22 years dedicated to crime investigation.
Pille Lehis
Pille Lehis has been working as Director General of the Estonian Data Protection Inspectorate since 19 August 2019 and was reappointed for a new term in August 2024. She has previously worked for the Estonian Tax and Customs Board, where she started in 2005 and worked until June 2019. She started there as a court lawyer and before leaving Tax and Customs Board she was head of litigation unit.
As the Director General of the Estonian Data Protection Inspectorate, she participates in the work of the European Data Protection Board and Convention 108 of the Council of Europe. Pille graduated from the Faculty of Law of the University of Tartu.
Mindaugas Civilka
Partner at the law firm “TGS Baltic” and the head of the Technology Industry Group. He has over 20 years of legal experience, advising clients on personal data and privacy protection, cybersecurity, intellectual property, commercial, and contractual matters. He leads key projects related to the GDPR, software licensing, and cloud services, representing clients before data protection authorities and courts. He also provides legal counsel to leading and largest companies in the Baltic States and has represented them in precedent-setting cases.
In addition to his legal practice, Mindaugas is actively involved in academic work. He has nearly 10 years of teaching experience at the Faculty of Law of Vilnius University, where he developed and taught courses on Information Technology and Data Protection Law. He also conducts seminars and training sessions for lawyers and their assistants, judges, and has published dozens of articles and reviews on IT, personal data protection, and competition law.
Agenda
09:30 – 10:00
Registration and welcome coffee
10:00 – 10:10
Conference opening
DIJANA ŠINKŪNIENĖ, DIRECTOR OF STATE DATA PROTECTION INSPECTORATE
EIVILĖ ČIPKUTĖ, PRESIDENT OF LITHUANIAN BANKING ASSOCIATION
10:10 – 10:25
Fireside chat with Renate Strazdina, National Technology officer Central Europe/Central Asia at Microsoft
10.25 – 11:10
Panel I: Generative AI and GDPR
Moderator:
MINDAUGAS CIVILKA, TGS BALTIC LAW FIRM
DISCUSSION TOPIC:
Generative AI and GDPR
Generative Artificial Intelligence (Gen. AI) tools and systems are ubiquitous, and they impact people’s lives in many profound ways.
However, there is a need to strike a subtle balance between innovation and regulation ensuring that use of Gen. AI is ethical, legal and compliant with GDPR.
• What are the major legal threats and opportunities related to the engagement of Gen. AI in the financial sector?
• What rules should financial market players observe when using Gen. AI systems in their daily business lives?
• How do data protection and privacy regulations (such as GDPR) interact with and impact development as well as implementation of Gen. AI tools in the banking industry?
PANELISTS:
PILLE LEHIS, DIRECTOR OF ESTONIAN DATA PROTECTION INSPECTORATE
MARGARITA VALČIUKĖ, ADVISOR OF LAW DIVISION AND DPO AT STATE DATA PROTECTION INSPECTORATE
RENATE STRAZDINA, National Technology officer Central Europe/Central Asia at Microsoft
VYTAUTAS DANTA, CHIEF COMPLIANCE OFFICER EUROPE AT REVOLUT
11:10 – 11:25
Valda Beizītere, Legal and Policy Officer at European Commission
Presentation: Regulatory Challenges (special focus – AML)
11:25 – 12:10
Panel II: AML and GDPR
Moderator:
TOMAS KONTAUTAS, PARTNER AT SORAINEN LITHUANIA LAW FIRM
DISCUSSION TOPIC:
Data controllers face several challenges when processing data for AML purposes. How to reconcile the implementation of AML requirements with GDPR compliance. The choice of legal basis raises the question: is a legal obligation really the most appropriate legal basis for processing of data for AML purposes? Is it possible to avoid processing special categories data when processing politically exposed persons' data for AML purposes?
PANELISTS:
Valda Beizītere, Legal and Policy Officer at European Commission
Jekaterina Macuka, Director of Latvian Data Protection Inspectorate (TBC)
Veronika Sajadova, Data Protection Officer at Swedbank Latvia
Marius Laurinaitis, Lector at M. Romeris University
12:10 – 13:10
Lunch
13:10 – 13:25
Fireside chat with Dijana Šinkūnienė, Director of State Data Protection Inspectorate
13:25 – 14:10
Panel III: Fraud Prevention and GDPR
Moderator:
Andrius Iškauskas, Experienced technology & IP lawyer, Partner at NOOR
DISCUSSION TOPIC:
Financial institutions have an obligation to ensure fraud prevention using all kind of means, for example, machine learning, AI, monitoring a typical customer behavior. The obligation to use all kinds of data processing means raises the question how much a financial institution can invade data subject’s privacy? What scope of personal data can be processed? Does fraud prevention purpose justify all the data processing means?
PANELISTS:
Dijana Šinkūnienė, Director of State Data Protection Inspectorate
Edvardas Šileris, Head of Europol’s European Cybercrime Centre
Daiva Uosytė, Head of Security At SEB Monitoring and Security division
Daniel Holmes, Director of Banking, Identity & Market Strategy at Feedzai
Reda Stanytė, Head of AML Regulation Division, Financial Market Supervision Department at Bank of Lithuania
14:10 – 14:15
Closing of the Conference
14:15
Networking
APRIL 3
MERCHANTS' CLUB,
GEDIMINO AVE. 35, VILNIUS
Contacts
Partners
