2020 was a blockbuster year for AML related fines. Regulators across the globe took aggressive action against violators, handing down major financial penalties and in some cases, lengthy prison sentences to the individuals involved.
Throughout 2020 we collected information on all AML fines as they were publicly announced by regulatory agencies. In this report, we will share the total numbers, summaries of each fine, and actionable takeaways that compliance and AML professionals can learn from.
Note: these numbers do not include the fines levied against Goldman Sachs for their role in the 1MDB scandal. While these fines did include AML related violations, they also included anti-corruption, bribery, and other violations which make it difficult to separate the fines specific to AML related violations.
- In total 28 financial institutions were issued fines for AML related violations in 2020.
- Regulators from 14 countries issued AML related fines in 2020.
- In total, these financial institutions were fined roughly $3,224,875, 355 billion USD and £2,615,333,831 GBP.
- Q3 2020 saw the highest total of fines with $1,196,499,200 USD and £863,106,109 GBP.
- US regulators were the most aggressive, penalising banks $1,557,521,256 USD and £1,141,050,882 GBP in fines.
- Australian regulators were closely behind with $946,563,168 USD and £765,709,861 GBP in fines.
Australia AML Fines 2020
The second largest Australian bank, Westpac, was hit with a record $900 million fine for breaching AML laws. AUSTRAC – Australia’s financial crime watchdog – reported that Westpac failed to report over 19 million cross-border transactions. Some payments were linked and made to human trafficking and child exploitation operators based in the Philippines between 2013 and 2019. Westpac also failed in meeting compliance requirements to retain records and conduct customer due diligence checks on high-risk overseas correspondent banks.
Fine: $945,090,300.00, £692,699,643.35
Key takeaway: A proportionate risk-based approach on high-risk entities, and correspondent banks should be a fundamental part of your AML screening and due diligence program. Transactions to and from high-risk countries should always be monitored.
State Street Bank
U.S.-based State Street was slapped with a $950k fine for ninety-nine (99) self-reported breaches that left the bank exposed to money laundering, terrorism, human trafficking, and tax evasion crimes. The financial institution was fined for each breach by failing to declare international transaction instructions that left State Street widely exposed. The Australian Transaction Reports and Analysis Centre (AUSTRAC) said banks need to report suspicious transactions in a timely manner to counter terrorism-financing and money laundering.
Fine: $1,472,868.00, £1,079,531.91
Key takeaway: Always report suspicious activity on time and provide detailed information in SARs so authorities can take the necessary action.
Bahrain AML Fines 2020
Three senior officials at Future Bank were sentenced to five years in jail and fined $2.65 million each. Future bank is a sanctioned bank operating under the supervision of Bank Melli Iran and Bank Saderat Iran – financial institutions subject to strict international sanctions. Future Bank carried out thousands of financial transactions for Iranian entities by stripping and concealing information on transactions sent on the SWIFT network. Not only was Future Bank fined, but the three senior executives were prosecuted and sentenced in two money laundering cases by Bahrain’s High Criminal Court.
Fine: $98,139,207.00, £71,930,686.08
Key takeaway: The criminal and justice system may hold senior managers personally liable and accountable for breaking the law, resulting in lengthy jail sentences.
China AML Fines 2020
China’s central bank, The People’s Bank of China (PBOC), levied a $378,200 fine against BNP Paribas for failures in KYC identification and reporting suspicious transactions. The KYC and AML breaches also resulted in three executives being held accountable and fined.
Fine: $378,200.00 £276,980.44
Key takeaway – Senior management face fines or even worse jail time for violating the law.
Germany AML Fines 2020
The German lender was again in hot water with prosecutors who fined Deutsche Bank over $16 million for suspected money laundering and financial crimes in over 600 cases between 2010 and 2015. The transactions were linked to the Azerbaijan Laundromat which laundered billions of euros in efforts to win and exert political influence. Deutsche Bank failed to file timely alerts about suspicious activity and transactions with about 25,500 transactions via Danske Bank to western countries.
Fine: $16,374,573, £12,001,668.92
Key takeaway: Effective AML controls for correspondent banking should be implemented to capture red flags, investigate, and report suspicious transactions to law and regulatory enforcement agencies.
Hong Kong AML Fines 2020
Guotai Junan Securities
Hong Kong’s watchdog fined Guotai Junan Securities $3.25 million for AML violations and other regulatory breaches including the handling of third-party transactions and wash trades. Investigators found Guotai Junan failed to take reasonable measures to mitigate money laundering and terrorist financing risk by failing to monitor client's activity. Guotai Junan also did not effectively enforce policies and procedures with respect to third party transactions.
Fine: $3,300,000.00, £2,418,720.01
Key takeaway: KYC & AML policies and procedures must always be implemented taking reasonable efforts and measures to identify and mitigate financial crime risks.
Bank of Communications
The Securities and Future Commission (SFC), Hong Kong’s markets watchdog, fined Bank of Communications (BOCOM), one of China’s largest banks, for multiple regulatory breaches. BOCOM violated Hong Kong’s AML and counter-terrorist financing rules and regulations by failing to identify deposits made into customer accounts by third-party bank transfers and cheques in 2009, 2011 and 2015. The regulator found authorisation of transactions and client complaints breached provisions in internal control guidelines and the code of conduct.
Fine: $2,500,000.00, £1,830,912.50
Key takeaway – Ensure your AML and CFT policies cover CDD and EDD of third-party transactions.
Kenya AML Fines 2020
KCB Group, Equity, Co-op Bank Kenya, StanChart Kenya and Diamond Trust
Five Kenyan banks were fined relating to the theft of nearly $100 million by the national youth service (NYS) – a youth agency & governmental body of the Kenyan government. The mass scale theft involved government officials and ghost suppliers and was the second corruption scandal in recent years to hit NYS. The five banks - KCB Group, Equity, Co-op Bank Kenya, StanChart Kenya and Diamond Trust, respectively, failed to have adequate systems and procedures to stop money laundering and failed to comply with KYC laws.
Fine: $3,750,000.00, £5,118,161.28
Key takeaway – Make sure you have robust systems, controls, and procedures in place to comply with local and international KYC regulations.
Latvia AML Fines 2020
Failures to conduct due diligence and verify the source of wealth of your customers will certainly lead to regulatory action. Just ask Signet Bank. The Financial and Capital Market Commission (FCMC) of Latvia found a plethora of breaches and deficiencies. A cascade of astonishing compliance breaches including no due diligence on owners of certain accounts, gaping holes in obtaining the correct documentation, and failing to classify individual customers as shell companies, led to the Latvian bank having to pay a fine representing 10% of the bank’s total annual turnover.
Fine: $1,116,924.90, £818,645.03
Key takeaway: Always conduct due diligence on your customers. Check your customer data is up to date including, SoW and SoF have been identified and verified. Your customer information file should be updated and refreshed regularly.
Malta AML Fines 2020
Sparkasse Bank was used by Portmann Capital Management, a US investment firm, suspected of making illegal payments to a Venezuelan state oil company and government officials of the Maduro regime. Various shortcomings were found at Sparkasse Bank during a routine regulatory inspection. A total of thirty-four customer files lacked the details required for customer due diligence. Customer risk assessment was carried out after establishing a business relationship and included insufficient details on geographic risk. There were failures to collect and verify sources of wealth, and a lack of monitoring high value transactions including no due diligence on standalone payments exceeding $1 million. Sparkasse also failed to establish the intended use of the account and did not collect sufficient information and documentation to establish the nature of business.
Fine: $260,814.80, £191,163.02
Key takeaway: Deficiencies in AML programs tend to be inter-linked. Customer risk evaluation must be completed at the stage of onboarding and dynamically throughout the customer life cycle. KYC documentation must be complete and always kept up to date as the regulator may ask to see customer information during routine inspections.
Lombard Bank was fined by Malta’s Financial Intelligence unit (FIAU) for breaching five AML and CFT provisions in Malta’s AML law. The bank failed to verify the source of funds for a politically exposed person (PEP) while three other files lacked sufficient information on the client’s source of wealth. Client documentation was not centralized, and the regulator also found shortcomings in how files were being manually reviewed. Furthermore, serious deficiencies were identified in transaction monitoring – payments did not represent the customer’s profile. Lombard Bank did not obtain further information and allowed the transactions to continue.
Fine: $412,379.80, £302,251.90
Key takeaway: Always identify and verify source of funds and source of wealth for PEPs. If in doubt, stop and make sure you have all the information you need to make an informed risk-based decision.
Paraguay AML Fines 2020
The Central Bank of Paraguay levied a record-breaking fine against Banco Itau, a major Brazilian bank for failing to comply with AML regulations. The financial institution failed to report suspicious activity to the regulator. The fine was the largest in Paraguay’s history and the second the bank faced in two years.
Fine: $9,600,000, £7,030,704
Key takeaway: Suspicious activity must be reported immediately to the authorities and should be supported using a risk-based approach.
Sweden AML fines 2020
A record fine for Sweden’s oldest retail bank, Swedbank was found to have serious deficiencies in its AML program and withheld information from the authorities. The bank processed $22 billion in suspicious transactions from Russian non-residents through Estonia. The Financial Supervisory Authority (FI) was surprised at the huge number of clients that did not have their real owners identified or verified. The investigation found deficiencies in risk classification, transaction monitoring, and insufficient governance of money laundering risks, processes, and procedures. Swedbank’s share price plummeted by a third and despite several warnings, the leadership team did not take sufficient measures to mitigate risks.
Fine: $432,154,800.00, £316,633,339.64
Key takeaway – Systemic failures breaching AML regulations can negatively affect a bank’s share price resulting in huge financial losses. Hiding information from the regulator is only going to make matters worse.
A probe into SEB Bank’s Baltic operations by regulators in Sweden and other Baltic countries found deficiencies in identifying and managing money laundering risk from non-resident customers in Russia and former Soviet states. The bank was found to have acted `too little and too late` by the FI which investigated SEB bank during the period between 2015-2019. AML controls and governance were found to be weak. SEB has been given a year to improve its AML transaction monitoring system.
Fine: $107,000,000.00, £78,373,063.10
Key takeaway: Non-resident customers warrant extra due diligence. Test your AML transaction monitoring system’s rules and controls in detecting money laundering and structuring of payments.
UK AML Fines 2020
Commerzbank’s UK branch was reprimanded by the FCA for failing to have adequate AML systems and controls between 2012 and 2017. Know Your Customer (KYC) and Customer Due Diligence (CDD) checks for over 1,700 clients were overdue. Weaknesses were identified in Commerzbank’s AML transaction monitoring system with 40 high-risk jurisdictions missing from the system and 1,110 high-risk clients not monitored at all. The bank failed to have adequate policies and procedures in place when conducting customer due diligence on high-risk customers.
Fine: $51,620,981.34, £37,805,400
Key takeaway – KYC remediation of customers must be completed on time. High-risk customers and incoming/outgoing funds to high-risk countries must be monitored as part of a risk-based approach. Policies, procedures, systems, and controls must be adequate to detect, prevent and mitigate money laundering risks.
US AML Fines 2020
Industrial Bank of Korea
The Industrial Bank of Korea (IBK) – a state-owned entity – was hit with a multi-million dollar fine for Iranian sanction violations. IBK allowed close to $1 billion dollars to be transferred to Iran and failed to implement adequate AML and CFT measures from 2011 to 2014. One of IBK’s clients was involved in the money laundering scheme transferring funds from a restricted account to local currency. The funds were later converted to U.S. dollars before being transferred to Iranian officials subject to international sanctions.
Fine: $86,000,000.00, £63,033,309.44
Key takeaway – International banks with branches in the U.S. must ensure they do not deal directly or indirectly with sanctioned individuals and entities.
Bank Hapoalim and its Swiss subsidiary were involved in a tax-evasion and money laundering scheme and pleaded guilty for conspiring to defraud the US tax authorities by setting up secret accounts and filing false tax returns. The bank’s employees assisted customers in concealing ownership, assets, and funds, to evade tax obligations by hiding $7.6 billion in 5,500 secret accounts held in Israeli and Swiss bank accounts. Bank Hapoalim’s role in the FIFA’s money laundering and corruption scandal was also in the spotlight.
Fine: $904,000,000.00, £662,142,514.46
Key takeaway – Tax evasion, fraud, and money laundering are crimes that do not respect borders. Monitoring transactions and employee activity should be a fundamental part of your AML compliance and fraud program.
Deutsche Bank found itself embroiled in the Jeffrey Epstein scandal and was hit with a £120 million pound fine for its failure to monitor its relationship and transactions with the convicted sex offender. US regulators discovered the German bank processed hundreds of transactions including payments to Russian models and suspicious cash withdrawals in the region of $800,000. Deutsche Bank helped Epstein transfer millions of dollars including large sums to resolve legal disputes and payments to women. Failures in monitoring transactions in the Danske Bank scandal was also cited in the settlement.
Fine: $150,000,000.00, £109,854,750.00
Key takeaway: Large cash withdrawals is a red flag – ensure your AML system can detect rapid movement of funds, large cash withdrawals, and suspicious transactions to and from third parties.
- Violation and fine information was collected by manually reviewing all public announcements made by regulators globally from January 1, 2020, to December 31, 2020.
- In all cases, the fines were related to historic offences that had taken place in previous years.
- These findings include only AML related fines and do not include fines related to sanctions, MIFID, and data privacy-related violations.
- These findings include only fines given to banks that exceeded $100,000 USD.