Banks normally monitor (i.e., manage) money transfers (i.e., information), in part to make sure that nefarious people are not transferring money to other nefarious people. Apparently, they needed to monitor (i.e., manage) who their customers are (i.e., information).
“Australia’s Biggest Bank Faces Record Fine,” The Wall Street Journal, June 5, 2018 B10. Fine of $530 million proposed for bank who failed to catch transfers of money in and out of an account owned by someone who left the country (Australia) in 1999 (and who “had also been charged in Lebanon in 2004 with belonging to a terrorist organization…”).
So, does “information” include who your customers are and whether they are charged as terrorists in another country? How do you monitor that? Just ask your customers to notify you if they are charged with terrorism? Have them sign a form annually stating that they haven’t been charged as a terrorist?