UK DUAA right to complain enforces in -- days · 19 June 2026 EU AI Act high-risk enforces in -- days · 2 August 2026
OBEXGATE
Free AI Risk Assessment Does OBEXGATE apply to you?

Enforcement Intelligence

GDPR Enforcement Risk in Spain Financial Services

Real enforcement patterns. Operational governance signals. Practical remediation paths.

Analyse your AI governance risk

Free AI Risk Assessment Informational Meeting

Enterprise-grade AI governance without the enterprise team. Português, Français, Deutsch, Español, and English. 89 Articles, 4 Continents, within your budget and expertise level. Runtime AI Governance. For a demo: hello@obexgate.com

Enforcement Summary

Total finesEUR 37.3M
Enforcement actions120
Largest fineEUR 5.0M
Most common violationInsufficient legal basis for data processing
Primary regulatorSpanish Data Protection Authority (aepd)
Risk signal91

Top Violations

Structured violation patterns are shown only when supplied in the enforcement dataset.

Insufficient legal basis for data processing

Count
46

Non-compliance with general data processing principles

Count
37

Insufficient technical and organisational security measures

Count
19

Insufficient fulfilment of data subjects rights

Count
9

Insufficient cooperation with supervisory authority

Count
5

Common Patterns

Operational patterns that repeat across enforcement records.

Real Examples

Examples are shown only when source-backed records are supplied.

Major commercial bank

Regulator
Spanish Data Protection Authority (aepd)
Date
2020-12-11
Fine amount
EUR 5.0M
Source
Source
Governance lesson
Insufficient fulfilment of information obligations

Major commercial bank

Regulator
Spanish Data Protection Authority (aepd)
Date
2023-10-26
Fine amount
EUR 5.0M
Source
Source
Governance lesson
Non-compliance with general data processing principles

Insurance company

Regulator
Spanish Data Protection Authority (aepd)
Date
2024-12-10
Fine amount
EUR 4.0M
Source
Source
Governance lesson
Insufficient technical and organisational security measures

Enforcement Pattern › Governance Control › Runtime Evidence

OBEXGATE Remediation Positioning

OBEXGATE turns enforcement patterns into operational controls and runtime evidence.

Enforcement Pattern Governance Control Runtime Evidence

Source and Update Positioning

Source datasetSpanish Data Protection Authority (AEPD)
Last updated2026-06-02

Language alternates

Related OBEXGATE links

Information contained is not medical advice, legal advice, or a guarantee of success. Regulatory requirements change and should be verified against current published guidance, legislation, and regulator materials.