Banks typically collect and store large amounts of customer data as part of their operations. While they have permission to collect this data, they are obligated to protect it and ensure its confidentiality. Internally, banks implement strict access controls, ensuring only authorised personnel can access sensitive data. They may also use anonymisation techniques, although, as discussed, this is not sufficient for robust privacy protection. Banks are increasingly exploring advanced methods like differential privacy to enhance data protection. This involves careful analysis and processing of customer data in a way that prevents the identification of individuals, thereby providing stronger privacy guarantees while still allowing the bank to utilise the data for business insights and services.