2021 saw some spectacularly high fines issued to banks and other financial institutions for Anti-Money Laundering (AML) breaches — over $2.7 billion, according to our AML Fines 2021 report.
From non-compliance to willingly facilitating bribes, from payment stripping to simply not having the tools to detect suspicious behaviour, the biggest fines could have been avoided with an increased commitment to compliance.
Here are ten of the largest fines in 2021 and the situations that led to them, which banks and regulated firms can learn from in order to avoid a similar fate and keep their data safe and reputation intact.
AmBank
Fine amount in USD: $700,000,000
Summary: AmBank held bank accounts for former disgraced Malaysian prime minister, Najib Razak. The bank was fined for its role in the 1MDB scandal that rocked finance.
Key takeaway: AmBank was fined for having a highly risky customer, and didn’t take proper measures to protect themselves. Banks wanting to avoid a similar situation need to monitor and screen the accounts and transactions of Politically Exposed Persons (PEPs), their relatives, and their close associates. Be sure you report any suspicious activity to financial intelligence and law enforcement as well.
Capital One
Fine amount in USD: $390,000,000
Summary: Capital One was willfully negligent in violating the Bank Secrecy Act and didn’t report suspicious activity for six years. Failing to file thousands of suspicious activity reports (SARs) landed Capital One in hot water with the authorities — and with a $390 million fine.
Key takeaway: Report suspicious activity when you detect it, and prioritise filing SARs. Additionally, investigate if your process to file SARs is outdated. Check if your AML transaction monitoring system can automate the filing of SARs to eliminate the chances of upsetting the regulator.
ABN Amro
Fine amount in USD: $574,000,000
Summary: Regulators will dish out hefty fines when they discover your clients are involved in criminal activity. ABN was found to have serious shortcomings in their AML process, as accounts involved in money laundering and suspicious clients went undetected. They also failed to report these issues to authorities.
Key takeaway: Your AML process is what is going to detect suspicious clients and activity, so you need to make sure you have the right approaches in place. Big fines can cause huge financial losses, too, as ABN reported a net loss in Q1 2021.
NatWest
Fine amount in USD: $356,000,000
Summary: NatWest was found guilty of failing to monitor client activity and ignoring red flags when a customer of the bank, a jeweller, was found to have laundering millions in cash. This situation also prompted the Financial Conduct Authority to pursue criminal convictions.
Key takeaway: Configure your AML transaction monitoring system and check you have the models, rules, and logic in place to detect suspicious activity.
Mashreqbank
Fine amount in USD: $100,000,000
Summary: Mashreqbank omitted fields in payment messages, also known as payment stripping, to circumvent sanctions, which is a criminal offense. The bank also violated Sudan sanctions when the country was under US and international sanctions.
Key takeaway: Check that your system can detect missing or incomplete fields, and dummy terms for incoming and outgoing payment messages and transactions. It may be a small thing to notice, but it’s consequences can be huge.
BitMEX
Fine amount in USD: $100,000,000
Summary: Crypto trading platform, BitMEX facilitated $209 million in illegal transactions to darknet markets and unregistered MSBs. It also failed in gathering customer information, and to report suspicious activity to authorities.
Key takeaway: Not only banks but all regulated firms, including crypto exchanges need to ensure that they not only have appropriate AML procedures in place, but that they’re doing their due diligence on KYC collection as well.
HSBC
Fine amount in USD: $85,000,000
Summary: HSBC’s AML transaction monitoring software lacked scenarios to cover money laundering typologies. The Financial Conduct Authority also found weaknesses in relation to the quality, accuracy, and completeness of data used in transaction monitoring.
Key takeaway: How easily can you build, test, and deploy new scenarios and models? Use a system that requires minimum third-party intervention and give your compliance team time deploying new models to detect emerging criminal typologies.
Bank Julius Baer
Fine amount in USD: $79,000,000
Summary: Bank Julius Baer conspired to launder $36 million in bribes in a FIFA soccer scandal. They were lucky to only enter into a deferred prosecution agreement.
Key takeaway: Bribery, corruption, and money laundering are serious offences. Ensure you have procedures and robust controls in place to monitor internal business activities and payments.
DNB ASA
Fine amount in USD: $48,000,000
Summary: Norwegian regulator slapped DNB with the largest fine in Norwegian history for retrospective breaches in AML compliance law.
Key takeaway: Review your AML framework, policy, and procedures regularly to ensure that you are in continuous compliance.
Robinhood
Fine amount in USD: $30,000,000
Summary: Stock-trading app, Robinhood reached a settlement agreement after a probe into its crypto business’ cybersecurity and anti-money laundering practices.
Key takeaway: Regulators are increasing scrutiny of virtual asset service providers. Always mitigate high risk by conducting enhanced due diligence and understanding the exposure of risks to your client’s nature of business.
The Top Fines List in Summary
The top ten fines in 2021 paint a picture of non-compliance, sanction breaches, handling criminal funds, and negligence. Failing legacy systems, incomplete and missing data, and concealing the identity of the beneficiary all led to hefty fines. Unless regulated firms learn from these errors and shore up their AML and KYC processes to expose violations, regulators will only continue in their recent trend of fining non-compliant organisations significant sums of money.
