Trust as a Strategic Resource
The Verkhovna Rada Commissioner for Human Rights Dmytro Lubinets on March 12 opened proceedings over a possible violation of a monobank client's personal data. The case concerns a post by the bank's co‑founder Oleg Gorokhovsky in which a photo of a client with a flag in the background was published — later deleted.
What exactly happened
On March 9, Gorokhovsky published a photo of the client and explained that during the video identification he allegedly saw a flag that provoked an emotional reaction in him after years of war. The client, Karina Kolb, said she was abroad and that the photo shows the Slovenian flag, which differs from the Russian one by having a coat of arms. After a wave of criticism, Gorokhovsky deleted the post and apologized, assuring that clients' personal data remain protected.
"Personal data cannot become an instrument of public pressure or humiliation. The law is the same for everyone, and its violation cannot be justified by emotions or public outcry"
— Dmytro Lubinets, Verkhovna Rada Commissioner for Human Rights
"My attitude toward that flag has not changed. My attitude toward the action has."
— Oleg Gorokhovsky, co‑founder of monobank
Why this matters
First, it's about a possible breach of banking secrecy and personal data protection laws. Second, even isolated incidents damage trust in financial institutions — at a time when customer trust is critical, reputational risks become economic ones.
Lawyers and compliance specialists emphasize: publishing a client's photo without a clear legal basis may have administrative or criminal consequences, and may also require the bank to review internal video‑identification procedures and staff training.
Reaction and possible consequences
The ombudsman has launched a review; information from the bank is awaited and, if necessary, materials will be passed to the relevant regulatory authorities. For clients the practical question is: how does the bank inform about incidents and what guarantees of personal data protection actually apply.
What next
The results of the review should show whether the law was violated and whether sanctions or recommendations to change the bank's practices are necessary. In a broader sense, this is a test for the whole system: can financial institutions reconcile society's emotional sensitivity during wartime with respect for rights and procedures.
Now it's up to the regulatory bodies: will these findings be turned into clear rules that protect both citizens' security and trust in banks?
