2021 was yet another blockbuster year for AML related fines. While the total dollar amount of AML fines for the year fell from $3.2 billion to $2.7 billion, the number of institutions fined dramatically increased, going from 24 in 2020 to 80 in 2021.
Throughout 2021 we’ve been collecting information on all AML fines as they were publicly announced by regulatory agencies. During the first half of 2021, 80 banks have been fined an estimated $2,732,099,008 for AML and KYC related violations.
In this report, we will share the total numbers, summaries of each fine, and actionable takeaways that compliance and AML professionals can learn from.
AML FINES Q1 2021
Summary: Malaysian Bank AmBank reached a $700 million dollar settlement with the government of Malaysia for its role in the 1MDB scandal that rocked Malaysian politics. The bank held former prime minister Najib Razak’s bank accounts including one which received a $681 million payment from the Saudi royal family. Razak was found guilty of money laundering and corruption over the transfer of millions of dollars linked to the 1MDB embezzlement scheme. The hefty fine is expected to have a material impact on AmBank’s earnings.
Key Takeaway: PEP transactions and suspicious activity reports should be reported to the local financial intelligence unit.
Summary: The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) fined credit card firm Capital One for willful and negligent violations of the Bank Secrecy Act. FinCEN found Capital One failed to file thousands of suspicious activity reports (SARS) and suspicious transactions. Millions of dollars in suspicious transactions went unreported for six years from 2008 to 2014 in a unit that served cash-checking businesses. Over 50,000 transactions totaling more than $16 billion were not reported.
Key Takeaway: Cash intensive businesses and suspicious transactions subject to payment thresholds must be reported to regulatory and law enforcement agencies to stop criminals abusing the financial system.
Summary: Deutsche Bank agreed to pay more than $130 million for violations of the Foreign Corrupt Practices Act (FCPA). An investigation by the US Securities and Exchange Commission (SEC) into a bribery and commodities fraud scheme found the German bank funneled more than a million dollars in outright bribes and millions more in consultants to bolster the bank's business around the world. The scheme included senior executive leaders, who knowingly and willfully conspired to falsify payments to corrupt consultants.
Key Takeaway: Banks must enforce an anti-bribery & corruption policy and have procedures to detect red flags and payments relating to `Gifts & Entertainment`. Senior executives must set a tone from the top to combat crime.
11 Banks in UAE
Summary: The United Arab Emirates central bank took enforcement action against 11 banks dishing out a combined total of $12.5 million in fines for AML failings. The Banks, which were not named, were found to have insufficient and inadequate money laundering and terrorist financing controls in 2019. UAE was criticized by the global financial crime watchdog FATF in the past for failing to act. The 11 fines are the first of its kind in the UAE. The central bank warned that it will continue to impose further financial sanctions in cases of non-compliance.
Key Takeaway: Regulated entities must ensure they have an adequate AML framework and the necessary controls in place to comply with an ever-changing regulatory landscape.
Apple Bank for Savings
Summary: Apple Bank for Savings settled a $12.5 million fine with the Federal Deposit Insurance Corporation (FDIC) for violating the Bank Secrecy Act. The regulator asked the bank to improve and enhance its AML compliance program, but Apple Bank for Savings failed to comply with that FDIC order in a timely manner. The violations occurred between April 2014 and September 2018.
Key Takeaway: Failings discovered during regulatory inspections must be addressed on time by allocating sufficient resources.
Summary: The French AML regulator, Autorité de contrôle prudentiel et de résolution (ACPR), fined ING following an inspection and shortcomings in the bank’s AML and counter-terrorist financing framework. The regulator found that ING did not have a good system to monitor and prevent money laundering and lacked complete and clear information about payers and payees of credit transfers that exceeded payment thresholds. Furthermore, the bank did not know some clients were Politically Exposed Persons (PEPs) presenting a heightened risk of bribery or corruption.
Key Takeaway: Banks must identify PEPs and adopt a risk-based approach and apply enhanced due diligence risk mitigation measures to manage PEP risk. Having effective AML & KYC systems and processes in place to monitor customers should be central to managing customer risk.
Fine: $2,650,000 each
Summary: Bahrain`s criminal court sentenced five officials of Iran-owned Future Bank to five years in prison and fined $2.65 million each for committing money laundering offences. Future Bank is majority owned by Bank Saderat and Bank Melli – financial institutions subject to strict financial and economic sanctions. The executives were found to have deliberately concealed and stripped information from transactions when transferring funds over the SWIFT network to disguise the origin and beneficiary of funds.
Key Takeaway: Wire stripping and tampering with payment details is a criminal offence punishable by law.
Deutsche Bank and Discovery Life
Summary: The South African Reserve Bank (SARB) imposed penalties against Deutsche Bank and Discovery Life for weaknesses in complying with the Financial Intelligence Centre Act (FIC Act) - a legislation aimed at combating money laundering and terrorist financing. The central bank emphasized the bank was sanctioned due to a lack of governance and controls but not found to have facilitated transactions involving terrorist financing or money laundering. Discovery Life failed to fulfil cash threshold reporting requirements. Deutsche failed in customer due diligence and enhanced due diligence procedures.
Key Takeaway: Non-compliance in terms of KYC and CDD controls and governance often results in financial penalties. Aligning your governance and control framework to regulatory rulebooks can mitigate regulatory risk.
In addition to the fines listed above, two banks below have had investigations opened up for alleged violations of AML laws.
Fine: Facing charges
Summary: The Financial Conduct Authority (FCA) has started criminal proceedings against NatWest Group Plc. It is the first time the FCA is pursuing criminal action against a financial institution for breaching money laundering rules. Landmark money laundering charges were brought against the bank for failing to monitor company accounts receiving cash deposits totaling £365 over a 5-year period. NatWest failed to conduct proper due diligence and oversight in relation to Fowler Oldfield, a gold dealer and customer of the bank per se. The charges could lead to an unlimited fine. Shares fell by 3% as the announcement was made by the FCA. NatWest is part owned by the government.
Key Takeaway: Significant cash deposits are a red flag and suspicious transactions warrant extra due diligence.
Fine: Under investigation
Summary: ABN Amro is the subject of an ongoing money laundering investigation. Dutch prosecutors started an investigation in September 2019, but regulatory breaches were found to be broader and more complex than previously thought. The bank is now suspected of culpable money laundering, meaning ABN Amro was aware of money laundering but did not act turning a blind eye to criminal behavior. This raises the possibility of a higher fine and senior executives being held personally accountable and liable for money laundering. ABN Amro shares fell 4% following the announcement. The investigation is expected to last longer than expected.
Key Takeaway: Willfully ignoring money laundering or terrorist financing will have serious legal ramifications.
AML FINES Q2 2021
Summary: ABN Amro agreed to pay $574 million as part of a settlement with Dutch prosecutors due to serious shortcomings in AML. Clients engaged in criminal activities abused bank accounts. The settlement was paid to cover “unlawfully obtained gains'' prosecutors said. ABN last year doubled its team dedicated to detecting and investigating suspicious transactions. The Dutch bank reported a net loss of $66 million over the first quarter of 2021.
Key takeaway: Hefty regulatory fines can have a negative impact on a bank's balance sheet.
Bank Julius Baer
Summary: Julius Baer, a Swiss bank, admitted conspiring to launder over $36 million in bribes through the USA to FIFA officials. The bank entered into a deferred prosecution agreement and was ordered to pay $79 million in penalties for its role in the FIFA money laundering scandal.
Key Takeaway: Corruption and money laundering can land you in serious hot water with the authorities resulting in criminal enforcement.
Summary: DNB ASA, the largest financial services group in Norway, was reprimanded and ordered to pay a fine of $48.1 million for money laundering lapses. The Norwegian regulator said a routine regulatory inspection revealed serious breaches in AML compliance. The violations had occurred under Norway’s old money laundering act, however the fine imposed related to breaches of current AML legislation only. The bank agreed to make improvements to its AML policies and procedures.
Key Takeaway: A banks AML framework, policy and procedures should be regularly reviewed and improved as part of a continuous improvement program to combat financial crime.
Summary: Latvia’s watchdog imposed a fine of $6.9 million to Rietumu Banka for AML and counter-terrorism violations. The Financial and Capital Market Commission (FCMC) carried out an investigation in 2019 to assess the bank's internal controls and systems to see if the bank could identify and mitigate risks domestically. Irregularities and deficiencies were identified, and the bank was found to inadequately assess risks of payment service providers. A lack of resources were allocated by the bank to address issues. Risk assessments and risk scoring were found to be defective, and transaction monitoring alerts affected customers.
Key Takeaway: Shortcomings in AML clearly can have a negative impact on the customer experience.
Summary: Nasdaq’s Stockholm’s disciplinary committee ordered Swedbank AB to pay $5.5 million for AML failures and breaching rules on disclosure of information and classifying inside information. The committee said Swedbank breached its rulebook by not classifying information concerning money laundering which was widely known by the bank’s senior management.
Key takeaway: AML failings are not only of primary concern to the regulator, but the stock exchange can impose penalties for failing to disclose information.
Deutsche Bank AG
Summary: The South African Reserve Bank (SARB) imposed an administrative penalty after the supervisory authority found weaknesses in Deutsche Bank’s AML internal controls following an inspection in 2019. The bank failed to comply with provisions outlined in the Financial Intelligence Act including compliance with customer due diligence and enhanced due diligence requirements; record keeping; and governance of AML and counter terrorism financing requirements.
Key takeaway: Systemic failures in AML can result in multiple fines in different jurisdictions.
Bank J. Safra Sarasin
Summary: The Monetary Authority of Singapore (MAS) fined the Singapore branch of Bank J. Safra Sarasin (BJS) - a private Swiss bank - $1 million US dollars due to non-compliance with MAS’ AML and counter-terrorism financing regulations. The violations took place from March 2014 to September 2018 and involved serious breaches in customer onboarding and ongoing monitoring of business relationships. BJS failed to identify and verify source of wealth and funds and understand the rationale behind numerous high value transactions with no economic purpose.
Key takeaway: Unusually large sum transactions which have no obvious economic purpose and source of wealth lack of verification are unlikely to go unpunished by regulators.
Four Pakistani Banks
Summary: Pakistan is another on the FATF grey list for strategic deficiencies in its AML and counter-terrorism financing framework. The country’s regulator - The State Bank of Pakistan (SBP) - dished out $614k in fines on four of the largest banks. The banks were not named but were fined for failing to comply with regulatory obligations relating to banking operations, customer due diligence, AML, and foreign exchange. The central bank advised the four banks to strengthen and improve AML procedures.
Key takeaway: Pressure by FATF and the international community can be the springboard for regulators to act.
Citibank Taiwan & DBS Bank Taiwan
Fine: $357,194 & $214,302
Summary: Citibank Taiwan and DBS Bank Taiwan were both on the receiving end of regulatory fines by Taiwans’ Financial Supervisory Commission (FSC) for failing to evaluate money laundering risks and detecting suspicious activity. Citibank Taiwan ignored transaction types specific to Taiwan that potentially are linked to proceeds of crime. Transactions to high-risk jurisdictions and one-person corporate clients sharing the same billing address and contact details were ignored as red flags and marked as low or medium risk customers. Moreover, the transaction monitoring system excluded large value transactions which went against the spirit of AML principles.
Key takeaway: Risk appetite, systems, controls, and processes should be adapted to country-specific requirements and regulations.
Summary: Malta-based Em@ney Plc, an online bank, was fined by Malta's Financial Intelligence Analysis Unit (FIAU) for a series of AML breaches involving passport sales and cryptocurrencies with links to organised crime. The online bank failed to perform enhanced due diligence for high-risk customers and investigate adverse media alerts that showed criminal connections. Em@ney Plc did not collect any information regarding the nature of transactions in sixteen files held by the bank and did not obtain sufficient information relating to business activity of customers in another four files.
Key takeaway: Failing to carry out enhanced due diligence and investigating links to organised crime poses a serious risk to banking operations.
The Baramati Sahakari Bank, Mogaveera Co-operative Bank & Indapur Urban Co-operative Bank
Summary: Three Indian banks were hit with monetary penalties by the Reserve Bank of India (RBI). Mogaveera Co-operative Bank and Indapur Urban Co-operative bank, respectively, were fined for breaching KYC norms. The Baramati Sahakari Bank was also fined for contravention of norms and statutory restrictions.
Key takeaway: Adhering and complying with KYC norms should be the first line of defence.
Summary: The Cayman Islands Monetary Authority (CIMA) sanctioned a leading corporate services firm for breaching AML regulations. Intertrust has a protracted history of non-compliance. Failures in Know Your Customer (KYC) and customer due diligence (CDD) included shortcomings in identifying the ultimate beneficial owners (UBOs); collecting documentation; verifying the source of funds; establishing the nature of business; and monitoring clients. Scrutiny on local service providers had increased as the Cayman Islands was added to the Financial Action Task Force’s (FATF) grey list. Failings in AML are often inter-linked.
Key takeaway: Compliance teams need to ensure they collect documentation and verify UBOs which should be an integral part of your AML program.
Nan Shan Life Insurance
Summary: Taiwan’s Financial Supervisory Commission fined Nan Shan Life Insurance for poor AML practices and a lack of internal controls. Salespeople broke the law by paying premiums on behalf of customers to earn reward points and sharing proceeds. Nan Shan’s systems failed to identify and block such payments and the company failed in preventing fraud and money laundering.
Key takeaway: Monitoring insider threats should be a fundamental component of Fraud and AML surveillance but is often overlooked by firms.
Punjab National Bank and Bank of India
Summary: Punjab National Bank and Bank of India (BOI) were on the receiving end of fines imposed by the Reserve Bank of India (RBI) because they did not comply with certain requirements set by the authorities. Breaches included stipulated transaction limits, delayed reporting of fraud, sale of a fraudulent asset, and not meeting KYC norms and AML standards.
Key takeaway: Failing to report to supervisory authorities may result in administrative sanctions and penalties for a range of breaches.
Score Priority Corp
Actionable: The United States Financial Industry Regulatory Authority (FINRA) imposed a $250,000 fine to Score Priority Corp for failing to develop and implement an effective Anti-Money Laundering (AML) program to comply with the Bank Secrecy Act. The business lacked AML procedures to detect and monitor suspicious activity in the firm’s trading platform and customer accounts. Score Priority did not describe the steps or the frequency of monitoring transactions in foreign accounts, and did not use reports or automated tools to detect red flags.
Key takeaway: Manual reviews and failing to use surveillance systems to monitor transactions will undoubtedly lead to regulatory action.
Sapien Capital Limited
Summary: The Financial Conduct Authority (FCA) fined investment firm Sapien Capital Limited $248,000 for failing to stop financial crime and money laundering relating to Cum-Ex trades. Sapien Capital executed more than £6 billion pounds of trades on behalf of hedge-fund manager Sanjay Shah’s Solo Capital group who emerged as a key figure in a $1.6 billion-dollar international tax fraud scheme. More than twenty-five bankers, traders and lawyers have been charged in the U.K, Germany, and Denmark.
Key takeaway: Always follow the money trail in financial crime investigations.
Standard Chartered Trust (Guernsey)
Summary: Standard Chartered Trust (Guernsey) was placed in liquidation in May 2020 but will need to pay a financial penalty of over $194,000 relating to onboarding, customer due diligence, and risk assessment processes and procedures. The Guernsey Financial Services Commission (GFSC) found serious issues relating to the firm’s compliance practices. Most of Standard Chartered Trust’s clients were high-risk entities.
Key takeaway: Regulated firms must ensure they adopt sound and robust KYC and AML processes and carry out enhanced due diligence of high-risk customers at the point of onboarding and as part of an ongoing monitoring program.
Unnamed Exchange house
Summary: An unnamed exchange house was fined $136,000 by the Central Bank of the United Arab Emirates (UAE) for deficiencies in its AML compliance framework. The exchange house had a poor history in compliance and failed to prevent money laundering and terrorism financing. The supervisory authority of the UAE reminded exchange houses of their compliance obligations including the owners and employees of such firms to abide to laws, regulations, and standards both domestic and international.
Key takeaway: Cash intensive businesses must implement a robust AML framework to protect the integrity and transparency of the financial system.
AML FINES Q3 2021
Our AML Fines Report Q3 2021 summarises regulatory fines from around the world. We found more than twelve regulated entities, including senior managers were fined a total of $198,301,508 from 1st July – 30th September 2021. Below we explore each of the fines and provide actionable takeaways for AML and compliance professionals.
Summary: One of the world’s largest crypto trading platforms, BitMex, agreed to pay a $100 million fine to settle charges with the Financial Crimes Enforcement Network (FinCEN) and Commodities Futures Trading Commission (CFTF) for violating AML regulations and trading cryptocurrencies without regulatory approval.
BitMex failed to maintain AML controls and procedures and was found to have facilitated over $209 million in illegal transactions with darknet markets and unregistered money service businesses.
FinCEN claims BitMex’s senior leadership team deliberately altered customer information to hide the customer’s true location and were unwilling to collect more than an email address. Investigations into the co-founders of BitMex are ongoing.
Key takeaway: Obscuring illegal transactions to hide the beneficiary and failing to collect sufficient information on the customer is a criminal offence. Wilfully failing to comply with AML regulations may lead to serious ramifications for senior directors.
Future Bank, Central Bank of Iran, and other Iranian Banks
Summary: Bahrain’s high criminal court fined and convicted the Central Bank of Iran, Future Bank, and other Iranian banks a total of $50 million, confiscating $1.3 billion in a ground-breaking money laundering case.
Five Future Bank officials were sentenced to five-years in prison. The public prosecution service uncovered a large-scale money laundering operation involving alternate and unapproved payment transfer systems and stripping of SWIFT messages to conceal the beneficiary and source of funds – methods used to circumvent international sanctions imposed on Iranian individuals and entities. Further investigations are ongoing.
Key takeaway: Payment stripping to circumvent sanctions is a contravention of money laundering and terrorist financing laws that inevitably leads to prosecution. Sender, beneficiary and BIC codes should be screened for incoming and outgoing transactions.
Summary: The cryptocurrency arm of Robinhood Markets Inc reached a $30 million settlement agreement with the New York Department of Financial Services (NYDFS) after a probe into its cybersecurity and anti-money laundering (AML) practices.
NYDFS mandates that businesses maintain cyber defence systems and have contingency plans in the event of a hack. Financial firms must have AML programs, collect and verify customer data, respond to law enforcement requests, and comply with sanction regimes by screening and monitoring transactions.
The settlement is part of a proposed deal to end the investigation by NYDFS into alleged lax security and AML procedures at Robinhood Crypto.
Key takeaway: U.S. regulators are increasing scrutiny of crypto transactions and foreign exchanges used by criminal gangs to launder proceeds, evade taxes, or demand ransomware payments.
Summary: Malta’s Pilatus Bank was hit with a $5.8 million fine by the Financial Intelligence Analysis Unit (FIAU) for serious and systemic breaches of AML laws.
The FIAU said the bank's lax approach to customer due diligence was of particular concern. Pilatus bank failed to keep customer information, data, and documentation up to date in 97% of customer files reviewed by regulatory authorities. Egregious money laundering risks were not mitigated by the bank.
Dr. Claude-Anne Sant Fournier, the bank’s Head of Legal, and former Money Laundering Reporting Officer, has been charged with money laundering. The magistrates have also started criminal proceedings against eight individuals linked to Pilatus Bank. The move comes years after the murder of Daphne Galizia, a Maltese journalist, who accused the bank of being involved in money laundering and corruption.
Key takeaway: Assisting and abetting money laundering is a serious offence that carries a lengthy prison sentence.
Summary: Germany’s Federal Financial Supervisory authority BaFin, fined digital bank N26 relating to the late filing of 50 suspicious activity reports in 2019 and 2020. BaFin had already warned N26 and appointed a special commissioner to monitor N26’s compliance with an order to implement internal controls and comply with KYC and AML customer due diligence requirements.
The regulator said N26 needed to remediate backlogs in its AML monitoring system and re-verify several customers in its platform.
Key takeaway: Suspicious activity reports must always be filed to law and regulatory enforcement agencies on time. Alerts generated in AML transaction monitoring systems must always be remediated.
Summary: TSB Bank was ordered by the high court to pay $3.5 million for breaching AML regulations. The bank admitted it did not have adequate and effective controls for monitoring and mitigating compliance risks.
TSB failed to review and maintain its AML compliance programme and conduct risks assessments with respect to high-risk jurisdictions and high-risk sectors such as real estate. The fine comes five years after the bank was warned by the regulator for compliance failures.
Key takeaway: Banks should ensure AML/CFT policies, procedures and controls are regularly updated. High-risk activities including risky jurisdictions, sectors, high-risk customers, and products should be managed effectively as a priority.
Bank of China UK
Summary: Bank of China UK (BOC UK) settled a $2.3 million dollar fine with OFAC due to violations of the Sudan sanctions program. Between September 2014 and February 2016, BOC UK exported financial services from the U.S. by processing over 111 commercial transactions for over $40 million in total through the U.S. financial system on behalf of third parties in Sudan.
BOC UK’s internal customer database and outgoing SWIFT messages did not include any references to Sudan. Furthermore, BOC UK’s compliance team did not appropriately evaluate and escalate potential transactions with ties to Sudan. The transactions sent via U.S. correspondents were in breach of the Sudanese Sanctions Regulations. Certain sanctions with respect to Sudan were revoked in December 2020.
Key takeaway: The U.S. aggressively enforces its economic sanctions policy not only against U.S. entities but also foreign overseas businesses with connections to the U.S.
Summary: Payoneer, a leading financial services company providing online money transfer and digital payment services, agreed to settle a $1.4 million settlement with the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) for 2,260 sanction breaches. Payoneer was found to have processed payments for third parties in sanctioned countries including Iran, Sudan, Syria, and the Crimea region of Ukraine along with payments of sanctioned individuals on OFAC’s SDN List.
The regulator found deficiencies in Payoneer’s sanctions program with respect to screening, testing, review of transactions, and compliance audits. This resulted in $802k worth of transactions processed on behalf of sanctioned individuals and countries.
Key takeaway: Numerous regulated and obliged entities have been fined due to outdated sanctions watchlist screening filters that miss important matches on a sanctions list. Regulated firms should regularly test the effectiveness of their screening filter and optimise watchlist screening to prevent the risk of breaching sanctions law.
Summary: German state-owned bank KfW-Ipex was fined $178,000 for facilitating loans to an Angolan brewery linked to Africa’s richest woman Isabel dos Santos, who was exposed in the Luanda Leaks by the International Consortium of Investigative Journalists (ICIJ).
ICIJ’s partners found that KfW-Ipex loaned $55 million to Angolan state-owned bank Banco de Poupanca e Credito which then loaned the funds to dos Santos’ brewery Sodiba. Dos Santos used the loan to purchase the brewery from German manufacturer Krones AG.
Key takeaway: Payments and loans to Politically Exposed Persons (PEPs) in high-risk jurisdictions should be subject to enhanced due diligence and heavily scrutinised for corruption and money laundering risks.
Taipei Fubon Commercial Bank
Summary: Taipei Fubon Commercial Bank was fined by The Financial Supervisory Commission (FSC) for breaching money laundering norms. The bank activated an account when orally instructed by bank president Roman Cheng.
The FSC found the bank did not implement robust controls against money laundering nor perform Know Your Customer (KYC) checks, failing to collect client documentation and verify the ultimate beneficial owner. Cheng allegedly approved a loan to a Chinese company for personal gain – a clear conflict of interest and ethics breach.
Key takeaway: Banks should be careful when opening accounts without KYC documents and ID verification. Conflict of interests may lead to disciplinary action and termination of employment.
Yardley Securities Limited CEO
Summary: In March 2021, The Securities and Futures Commission (SFC) of Hong Kong fined Yardley Securities Limited (YSL) $901,453 for failing to comply with counter-terrorism financing (AML/CFT) rules.
SFC announced in July 2021 it had reprimanded YSL’s Chief Executive Officer, Money Laundering Reporting Officer, and Compliance director for AML/CFT breaches. CEO Raymond Leung Tak Shing was responsible for handling and approving third-party fund transfers and was fined $52,000. Hong Kong’s financial watchdog said as a senior manager of the firm, Leung failed to ensure YSL had adequate systems in place to mitigate financial crime risks and adopted a lax attitude towards compliance.
Key takeaway: Personal liability and accountability of senior managers is on the rise. Wilful negligence may result in personal fines and being debarred from the financial industry.
AML FINES Q4 2021
Summary: Following the first time the Financial Conduct Authority (FCA) pursued criminal convictions in the UK, NatWest not only pleaded guilty but was handed a multi-million dollar fine by the authorities. NatWest failed to monitor the activity of Fowler Oldfield, a commercial customer and jewellery business. Approximately $356 was deposited in cash and despite some employees reporting suspicions to the bank, red flags were ignored. Furthermore, the banks transaction monitoring system incorrectly registered cash deposits as cheque deposits which carries a lower risk of money laundering. Twelve individuals are awaiting trial to commence in April 2022 in relation to the activities of Fowler Oldfield.
Key takeaway: Failing AML transaction monitoring systems is an emerging pattern appearing in regulatory fines issued to larger financial institutions. Check yours is fit-for-purpose and perform impact analysis of any gaps you’ve identified in the software make-up.
Summary: The second largest fine in Q4 was issued to Mashreq Bank. New York State Department of Financial Services (DFS) stated UAE-based Masheq processed more than $4Billion in payments linked to Sudan between 2005 and 2009. Sudan was under US sanctions and international sanctions for violations of human rights and terrorism since 1997. The investigation found Mashreq instructed staff to omit fields in payment messages sent between banks and correspondents to circumvent sanction screening filters.
Key takeaway: Deceptive practices such as omitting fields in payment messages is purposefully circumventing sanctions and may result in criminal prosecution.
Summary: The FCA rounded off 2021 handing out another fine this time to HSBC. The FCA found HSBC’s AML transaction monitoring software showed `serious weaknesses` from 2010 to 2018. The failures include a lack of scenarios to cover money laundering risks and emerging topologies. Moreover, there was a lack of appropriate testing and updating parameters used to flag suspicious activity. The third weakness was in relation to the accuracy and completeness of data used in transaction monitoring software. HSBC did not dispute the findings and agreed to settle with a 30% special discount from the FCA.
Key takeaway: Often poor-quality data hinders effective transaction monitoring. Use data enrichers and reference data to improve the quality and accuracy of your data. Ensure you can build new models and scenarios in your current AML system in a short-time frame with minimum third-party invention.
UBS, ICBC, Others
Summary: The Hong Kong monetary authority fined four banks - UBS, ICBS, China Construction Bank (Asia), and CTBC Bank Hong Long – for failures in conducting customer due diligence. It was not the only time in 2021 the Swiss bank had troubles with the financial watchdog of Hong Kong being on the receiving end of another fine. The regulator did not provide further information on the shortcomings.
Key takeaway: Customer Due Diligence is an integral part of your compliance framework. Foreign overseas banks must always carry out CDD and ensure the level of due diligence is proportionate to the level of risk.
Summary: Germany’s financial services regulator BaFin slapped N26 with a $5 million dollar fine due to lax AML controls. N26 was fined due to delayed fillings of suspicious activity reports between 2019 and 2020. BaFin ordered the challenger bank to address the shortcomings in AML and adopt risk mitigation measures that place limits on customer growth and exposure to certain types of risks. Unfortunately, for the thriving challenger bank, new customer acquisitions are now limited to 50,000 per month down from an average of 170,000. The regulator appointed a special commissioner to keep track and inform BaFin of progress of the implemented changes at N26.
Key takeaway: A strong message to challenger banks and fintech’s! Fail to meet your AML reporting obligations, and not only will this hurt the bottom line but impact your top-line too.
Six exchange houses
Summary: Six exchange houses in the United Arab Emirates were hit with financial sanctions by the Central Bank for breaching AML and counter-terrorism financing laws. The firms failed to achieve appropriate levels of compliance regarding their AML & Sanctions framework by the end of 2019 – a deadline imposed by the Central Bank to remedy shortcomings. The regulator did not name the six companies involved in violating AML norms.
Key takeaway: The UAE central bank has recently stepped-up action against regulated firms as the country is of strategic importance to bad actors who engage in illicit activities.
Summary: Washington Federal Bank (WaFd Bank) agreed to pay a $2.5 million settlement with the Office of the Comptroller of the Currency (OCC) for deficiencies in the Banks Secrecy Act (BSA) and AML compliance program. The consent order signed in 2018 stipulates the board of directors at WaFd Bank must: (1) ensure the bank has a permanent, qualified, and experienced BSA officer; (2) implements an ongoing BSA/AML risk assessment program; and (3) monitors suspicious activity.
Key takeaway: Compliance breaches often point to systemic interrelated deficiencies. Banks should assess gaps in their compliance program and ensure their departments, staff and systems are set up to detect and prevent financial crime.
National Bank of Pakistan, Silk Bank, United Bank, and Industrial and Commercial bank of China-Pakistan
Summary: Pakistani regulator State Bank of Pakistan (SBP) imposed penalties for AML non-compliance on four banks: National Bank of Pakistan, Silk Bank Limited, UBL and ICBC, respectively. The breaches spanned know your customer (KYC), customer due diligence (CDD), foreign exchange and general banking operations. The regulator instructed the named offenders to conduct an internal enquiry and take disciplinary action against officials involved in regulatory breaches.
Key takeaway: Pakistan remains on the Financial Action Task Force (FATF’s) grey list for strategic deficiencies in its AML and counter-terrorism financing framework. AML professionals must apply enhanced due diligence on transactions and customers from high-risk countries.
Bank of Cyprus
Summary: The Central Bank of Cyprus (CBC) fined the country’s largest bank, Bank of Cyprus, for failing to comply with local AML laws and directives. The fine dates to findings uncovered during audits performed in 2018 and 2019 where regulators uncovered non-compliance with provisions of law. The bank was offered a special 15% discount if they coughed up the monies within a specified time limit imposed by CBC.
Key takeaway: Banks should assess the relevant legal and regulatory framework, ensure rulebooks are updated, and internal policies and procedures meet local and international compliance standards.
Summary: The Financial and Capital market Commission (FKTK) in Latvia slapped PrivatBank with an AML fine following inspections carried out in 2020. The bank was told it needs to improve internal controls, governance, and implement a risk management culture. Officials were assessed for liability for infringements with a warning issued to the former acting chairperson. PrivatBank is a repeat offender and has a history of corrupt practices and laundering dirty money. It was hit with a multi-million euro fine in 2019 after the bank was revealed to have channelled funds to North Korea through offshore companies. The bank’s Italian branch was shut down over engaging in large-scale money laundering.
Key takeaway: Banks with links to organised crime and sanctioned entities are an ever-present risk & danger to the financial system. Carry out enhanced due diligence on high-risk correspondents and ensure you have robust controls to detect upstream money laundering risks.
People’s Merchant Finance, Ideal Finance, and Seylan Bank
Summary: Sri-Lanka’s Financial Intelligence Unit (FIU) fined a bank and two finance companies for lacking compliance. People`s Merchant Finance Plc and Ideal Finance Limited failed to have systems and procedures in place to perform screening of customers at the time of onboarding. The bank failed in its compliance obligations to screen customers against designated persons and entities in the United Nation Security Council resolutions (UNSCRs) sanctions lists. Ideal Finance Limited. Seylan Bank failed to maintain records and implement risk controls and mitigation.
Key takeaway: There is no excuse not to screen customers against publicly available sanction lists. UNSCR sanctions compliance is the absolute minimum requirement in sanctions screening for regulated firms.