2021 has already been a blockbuster year for AML related fines. Regulators across the globe are taking aggressive action against violators, handing down major financial penalties and in some cases, lengthy prison sentences to the individuals involved.
Throughout 2021 we’ve been collecting information on all AML fines as they were publicly announced by regulatory agencies. During the first half of 2021, 44 organisations have been fined an estimated $1,972,797,500 for AML and KYC related violations.
In this report, we will share the total numbers, summaries of each fine, and actionable takeaways that compliance and AML professionals can learn from.
AML Banks Fines Q1 2021
Summary: Malaysian Bank AmBank reached a $700 million dollar settlement with the government of Malaysia for its role in the 1MDB scandal that rocked Malaysian politics. The bank held former prime minister Najib Razak’s bank accounts including one which received a $681 million payment from the Saudi royal family. Razak was found guilty of money laundering and corruption over the transfer of millions of dollars linked to the 1MDB embezzlement scheme. The hefty fine is expected to have a material impact on AmBank’s earnings.
Key Takeaway: PEP transactions and suspicious activity reports should be reported to the local financial intelligence unit.
Summary: The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) fined credit card firm Capital One for willful and negligent violations of the Bank Secrecy Act. FinCEN found Capital One failed to file thousands of suspicious activity reports (SARS) and suspicious transactions. Millions of dollars in suspicious transactions went unreported for six years from 2008 to 2014 in a unit that served cash-checking businesses. Over 50,000 transactions totaling more than $16 billion were not reported.
Key Takeaway: Cash intensive businesses and suspicious transactions subject to payment thresholds must be reported to regulatory and law enforcement agencies to stop criminals abusing the financial system.
Summary: Deutsche Bank agreed to pay more than $130 million for violations of the Foreign Corrupt Practices Act (FCPA). An investigation by the US Securities and Exchange Commission (SEC) into a bribery and commodities fraud scheme found the German bank funneled more than a million dollars in outright bribes and millions more in consultants to bolster the bank’s business around the world. The scheme included senior executive leaders, who knowingly and willfully conspired to falsify payments to corrupt consultants.
Key Takeaway: Banks must enforce an anti-bribery & corruption policy and have procedures to detect red flags and payments relating to `Gifts & Entertainment`. Senior executives must set a tone from the top to combat crime.
11 Banks in UAE
Summary: The United Arab Emirates central bank took enforcement action against 11 banks dishing out a combined total of $12.5 million in fines for AML failings. The Banks, which were not named, were found to have insufficient and inadequate money laundering and terrorist financing controls in 2019. UAE was criticized by the global financial crime watchdog FATF in the past for failing to act. The 11 fines are the first of its kind in the UAE. The central bank warned that it will continue to impose further financial sanctions in cases of non-compliance.
Key Takeaway: Regulated entities must ensure they have an adequate AML framework and the necessary controls in place to comply with an ever-changing regulatory landscape.
Apple Bank for Savings
Summary: Apple Bank for Savings settled a $12.5 million fine with the Federal Deposit Insurance Corporation (FDIC) for violating the Bank Secrecy Act. The regulator asked the bank to improve and enhance its AML compliance program, but Apple Bank for Savings failed to comply with that FDIC order in a timely manner. The violations occurred between April 2014 and September 2018.
Key Takeaway: Failings discovered during regulatory inspections must be addressed on time by allocating sufficient resources.
Summary: The French AML regulator, Autorité de contrôle prudentiel et de résolution (ACPR), fined ING following an inspection and shortcomings in the bank’s AML and counter-terrorist financing framework. The regulator found that ING did not have a good system to monitor and prevent money laundering and lacked complete and clear information about payers and payees of credit transfers that exceeded payment thresholds. Furthermore, the bank did not know some clients were Politically Exposed Persons (PEPs) presenting a heightened risk of bribery or corruption.
Key Takeaway: Banks must identify PEPs and adopt a risk-based approach and apply enhanced due diligence risk mitigation measures to manage PEP risk. Having effective AML & KYC systems and processes in place to monitor customers should be central to managing customer risk.
Fine: $2,650,000 each
Summary: Bahrain`s criminal court sentenced five officials of Iran-owned Future Bank to five years in prison and fined $2.65 million each for committing money laundering offences. Future Bank is majority owned by Bank Saderat and Bank Melli – financial institutions subject to strict financial and economic sanctions. The executives were found to have deliberately concealed and stripped information from transactions when transferring funds over the SWIFT network to disguise the origin and beneficiary of funds.
Key Takeaway: Wire stripping and tampering with payment details is a criminal offence punishable by law.
Deutsche Bank and Discovery Life
Summary: The South African Reserve Bank (SARB) imposed penalties against Deutsche Bank and Discovery Life for weaknesses in complying with the Financial Intelligence Centre Act (FIC Act) – a legislation aimed at combating money laundering and terrorist financing. The central bank emphasized the bank was sanctioned due to a lack of governance and controls but not found to have facilitated transactions involving terrorist financing or money laundering. Discovery Life failed to fulfil cash threshold reporting requirements. Deutsche failed in customer due diligence and enhanced due diligence procedures.
Key Takeaway: Non-compliance in terms of KYC and CDD controls and governance often results in financial penalties. Aligning your governance and control framework to regulatory rulebooks can mitigate regulatory risk.
AML Banks Fines Q2 2021
Summary: ABN Amro agreed to pay $574 million as part of a settlement with Dutch prosecutors due to serious shortcomings in AML. Clients engaged in criminal activities abused bank accounts. The settlement was paid to cover “unlawfully obtained gains” prosecutors said. ABN last year doubled its team dedicated to detecting and investigating suspicious transactions. The Dutch bank reported a net loss of $66 million over the first quarter of 2021.
Key takeaway: Hefty regulatory fines can have a negative impact on a bank’s balance sheet.
Bank Julius Baer
Summary: Julius Baer, a Swiss bank, admitted conspiring to launder over $36 million in bribes through the USA to FIFA officials. The bank entered into a deferred prosecution agreement and was ordered to pay $79 million in penalties for its role in the FIFA money laundering scandal.
Key Takeaway: Corruption and money laundering can land you in serious hot water with the authorities resulting in criminal enforcement.
Summary: DNB ASA, the largest financial services group in Norway, was reprimanded and ordered to pay a fine of $48.1 million for money laundering lapses. The Norwegian regulator said a routine regulatory inspection revealed serious breaches in AML compliance. The violations had occurred under Norway’s old money laundering act, however the fine imposed related to breaches of current AML legislation only. The bank agreed to make improvements to its AML policies and procedures.
Key Takeaway: A banks AML framework, policy and procedures should be regularly reviewed and improved as part of a continuous improvement program to combat financial crime.
Summary: Latvia’s watchdog imposed a fine of $6.9 million to Rietumu Banka for AML and counter-terrorism violations. The Financial and Capital Market Commission (FCMC) carried out an investigation in 2019 to assess the bank’s internal controls and systems to see if the bank could identify and mitigate risks domestically. Irregularities and deficiencies were identified, and the bank was found to inadequately assess risks of payment service providers. A lack of resources were allocated by the bank to address issues. Risk assessments and risk scoring were found to be defective, and transaction monitoring alerts affected customers.
Key Takeaway: Shortcomings in AML clearly can have a negative impact on the customer experience.
Summary: Nasdaq’s Stockholm’s disciplinary committee ordered Swedbank AB to pay $5.5 million for AML failures and breaching rules on disclosure of information and classifying inside information. The committee said Swedbank breached its rulebook by not classifying information concerning money laundering which was widely known by the bank’s senior management.
Key takeaway: AML failings are not only of primary concern to the regulator, but the stock exchange can impose penalties for failing to disclose information.
Deutsche Bank AG
Summary: The South African Reserve Bank (SARB) imposed an administrative penalty after the supervisory authority found weaknesses in Deutsche Bank’s AML internal controls following an inspection in 2019. The bank failed to comply with provisions outlined in the Financial Intelligence Act including compliance with customer due diligence and enhanced due diligence requirements; record keeping; and governance of AML and counter terrorism financing requirements.
Key takeaway: Systemic failures in AML can result in multiple fines in different jurisdictions.
Bank J. Safra Sarasin
Summary: The Monetary Authority of Singapore (MAS) fined the Singapore branch of Bank J. Safra Sarasin (BJS) – a private Swiss bank – $1 million US dollars due to non-compliance with MAS’ AML and counter-terrorism financing regulations. The violations took place from March 2014 to September 2018 and involved serious breaches in customer onboarding and ongoing monitoring of business relationships. BJS failed to identify and verify source of wealth and funds and understand the rationale behind numerous high value transactions with no economic purpose.
Key takeaway: Unusually large sum transactions which have no obvious economic purpose and source of wealth lack of verification are unlikely to go unpunished by regulators.
Four Pakistani Banks
Summary: Pakistan is another on the FATF grey list for strategic deficiencies in its AML and counter-terrorism financing framework. The country’s regulator – The State Bank of Pakistan (SBP) – dished out $614k in fines on four of the largest banks. The banks were not named but were fined for failing to comply with regulatory obligations relating to banking operations, customer due diligence, AML, and foreign exchange. The central bank advised the four banks to strengthen and improve AML procedures.
Key takeaway: Pressure by FATF and the international community can be the springboard for regulators to act.
Citibank Taiwan & DBS Bank Taiwan
Fine: $357,194 & $214,302
Summary: Citibank Taiwan and DBS Bank Taiwan were both on the receiving end of regulatory fines by Taiwans’ Financial Supervisory Commission (FSC) for failing to evaluate money laundering risks and detecting suspicious activity. Citibank Taiwan ignored transaction types specific to Taiwan that potentially are linked to proceeds of crime. Transactions to high-risk jurisdictions and one-person corporate clients sharing the same billing address and contact details were ignored as red flags and marked as low or medium risk customers. Moreover, the transaction monitoring system excluded large value transactions which went against the spirit of AML principles.
Key takeaway: Risk appetite, systems, controls, and processes should be adapted to country-specific requirements and regulations.
Summary: Malta-based Em@ney Plc, an online bank, was fined by Malta’s Financial Intelligence Analysis Unit (FIAU) for a series of AML breaches involving passport sales and cryptocurrencies with links to organised crime. The online bank failed to perform enhanced due diligence for high-risk customers and investigate adverse media alerts that showed criminal connections. Em@ney Plc did not collect any information regarding the nature of transactions in sixteen files held by the bank and did not obtain sufficient information relating to business activity of customers in another four files.
Key takeaway: Failing to carry out enhanced due diligence and investigating links to organised crime poses a serious risk to banking operations.
Sapien Capital Limited
Summary: The Financial Conduct Authority (FCA) fined investment firm Sapien Capital Limited $248,000 for failing to stop financial crime and money laundering relating to Cum-Ex trades. Sapien Capital executed more than £6 billion pounds of trades on behalf of hedge-fund manager Sanjay Shah’s Solo Capital group who emerged as a key figure in a $1.6 billion-dollar international tax fraud scheme. More than twenty-five bankers, traders and lawyers have been charged in the U.K, Germany, and Denmark.
Key takeaway: Always follow the money trail in financial crime investigations.
The Baramati Sahakari Bank, Mogaveera Co-operative Bank & Indapur Urban Co-operative Bank
Summary: Three Indian banks were hit with monetary penalties by the Reserve Bank of India (RBI). Mogaveera Co-operative Bank and Indapur Urban Co-operative bank, respectively, were fined for breaching KYC norms. The Baramati Sahakari Bank was also fined for contravention of norms and statutory restrictions.
Key takeaway: Adhering and complying with KYC norms should be the first line of defence.
Summary: The Cayman Islands Monetary Authority (CIMA) sanctioned a leading corporate services firm for breaching AML regulations. Intertrust has a protracted history of non-compliance. Failures in Know Your Customer (KYC) and customer due diligence (CDD) included shortcomings in identifying the ultimate beneficial owners (UBOs); collecting documentation; verifying the source of funds; establishing the nature of business; and monitoring clients. Scrutiny on local service providers had increased as the Cayman Islands was added to the Financial Action Task Force’s (FATF) grey list. Failings in AML are often inter-linked.
Key takeaway: Compliance teams need to ensure they collect documentation and verify UBOs which should be an integral part of your AML program.
Nan Shan Life Insurance
Summary: Taiwan’s Financial Supervisory Commission fined Nan Shan Life Insurance for poor AML practices and a lack of internal controls. Salespeople broke the law by paying premiums on behalf of customers to earn reward points and sharing proceeds. Nan Shan’s systems failed to identify and block such payments and the company failed in preventing fraud and money laundering.
Key takeaway: Monitoring insider threats should be a fundamental component of Fraud and AML surveillance but is often overlooked by firms.
Punjab National Bank and Bank of India
Summary: Punjab National Bank and Bank of India (BOI) were on the receiving end of fines imposed by the Reserve Bank of India (RBI) because they did not comply with certain requirements set by the authorities. Breaches included stipulated transaction limits, delayed reporting of fraud, sale of a fraudulent asset, and not meeting KYC norms and AML standards.
Key takeaway: Failing to report to supervisory authorities may result in administrative sanctions and penalties for a range of breaches.
Score Priority Corp
Actionable: The United States Financial Industry Regulatory Authority (FINRA) imposed a $250,000 fine to Score Priority Corp for failing to develop and implement an effective Anti-Money Laundering (AML) program to comply with the Bank Secrecy Act. The business lacked AML procedures to detect and monitor suspicious activity in the firm’s trading platform and customer accounts. Score Priority did not describe the steps or the frequency of monitoring transactions in foreign accounts, and did not use reports or automated tools to detect red flags.
Key takeaway: Manual reviews and failing to use surveillance systems to monitor transactions will undoubtedly lead to regulatory action.
Unnamed Exchange house
Summary: An unnamed exchange house was fined $136,000 by the Central Bank of the United Arab Emirates (UAE) for deficiencies in its AML compliance framework. The exchange house had a poor history in compliance and failed to prevent money laundering and terrorism financing. The supervisory authority of the UAE reminded exchange houses of their compliance obligations including the owners and employees of such firms to abide to laws, regulations, and standards both domestic and international.
Key takeaway: Cash intensive businesses must implement a robust AML framework to protect the integrity and transparency of the financial system.
Standard Chartered Trust (Guernsey)
Summary: Standard Chartered Trust (Guernsey) was placed in liquidation in May 2020 but will need to pay a financial penalty of over $194,000 relating to onboarding, customer due diligence, and risk assessment processes and procedures. The Guernsey Financial Services Commission (GFSC) found serious issues relating to the firm’s compliance practices. Most of Standard Chartered Trust’s clients were high-risk entities.
Key takeaway: Regulated firms must ensure they adopt sound and robust KYC and AML processes and carry out enhanced due diligence of high-risk customers at the point of onboarding and as part of an ongoing monitoring program.