Quentin Fontaine and Satya Staes Polet in their article ‘Belgian DPA’s new FATCA ruling adds pressure on EU-US data transfers‘ commented on the recent decision of the Belgian DPA (article).
They rightly note that the decision also affects financial institutions and further affects other regulations under which personal data is massively exchanged:

Beyond FATCA, the Decision sets out a structured approach for assessing the GDPR compliance of large-scale, government-led data transfers involving sensitive financial or identity information. Similar issues of proportionality, transparency, and redress may arise in the context of anti-money laundering (AML) and prevention of terrorism reporting regimes, sanctions reporting regimes, Passenger Name Record (PNR) systems, or the OECD’s upcoming Crypto-Asset Reporting Framework.