Swedebank levied fine of $386 million for AML deficiencies
AML AND COMPLIANCE NEWS |
As the scale of the Danske Bank money laundering scandal rocked the financial world over the course of 2017 and 2018, it became readily apparent that Danske Bank was just the tip of the iceberg. The scope of the money laundering activity conducted through the Baltic states has become fractionally clearer as Swedish financial institution Swedbank AB (Swedbank) was levied a fine of 4 billion Swedish kronor ($386 million) by the Swedish Financial Supervisory Authority and a precept was issued by the Estonian Financial for deficiencies in their anti-money laundering operations. The rulings were the result of parallel investigations conducted into Swedbank and its Baltic operations that were initiated based on information that arose out of the Danske Bank scandal.
The investigations conducted by the regulatory authorities in Sweden and Estonia along with Swedbank’s counsel—Clifford Chance LLP—revealed the following about the deficiencies within Swedbank’s anti-money laundering operations and the results of these deficiencies:
- Significant deficiencies were found in anti-money laundering controls within the bank within the Baltic operations and deficiencies in its Swedish operations with respect to customer risk classification and transaction monitoring.
- Insufficient resources were invested in the bank’s anti-money laundering operations within the Baltic region.
- Sufficient consideration was not given to the risk presented by the bank’s operations in the region with regard to the high number of foreign clients maintained by these operations, the region’s adjacency to the Russian Federation, and the access that the Baltics provide to the markets of the European Union due to their membership status.
- The bank withheld information and documentation from Swedish and Estonian regulators that indicated the severity of the deficiencies at the bank.
- Customers were onboarded with insufficient documentation of due diligence on beneficial ownership, source of funds for the accounts and the purpose of the business entities. Additionally, customers were onboarded with the knowledge that beneficial ownership information was false and that customer business entities were structured in a manner to conceal the identity of the true beneficial ownership.
- Red flags for potentially suspicious activity were either not identified or ignored.
- Systematic automated sanctions screening on customers and transactions was not implemented within the Baltic operations until 2017.
- Leadership deficiencies existed that at various points included a failure to focus on anti-money laundering deficiencies, a lack of internal communication between bank functions on the deficiencies, and failures in reporting to the board of directors regarding the deficiencies.
- Bank personnel were not properly trained on AML policies and procedures.
- High-risk customers were actively pursued.
- Transactions totaling $4.8 million occurred through the bank that potentially violated U.S. sanctions.
- Over the period of 2010–2016, there were transactions totaling up to 20 billion euros from predominantly Russian nonresidents; approximately 37 billion euros worth of potentially suspicious activity was identified over the period of 2014–2019.
Further scrutiny is being brought to bear upon Swedbank as a result of the aforementioned deficiencies and activity as ongoing regulatory and criminal investigations are being conducted from authorities in the United States, Estonia and Latvia.
The case of Swedbank provides important lessons for financial institutions regardless of size, as no institution is immune to the compounding failures exhibited by Swedbank. Among the vital lessons that can be taken away from the Swedbank scandal are:
- Communication and transparency are of vital importance within the bank and to regulators.
- Operational deficiencies cannot be poorly addressed or left unaddressed in their entirety. The upfront cost and effort in shoring up identified deficiencies is worth the cost in the long run.
- A more complete understanding of geographical risk outside the bounds of standard anti-money laundering risk modeling must be considered. For example, the Baltic states, in particular Estonia and Lithuania, achieve exceptional risk ratings due to the limitations of risk modeling.
- The proverbial blocking and tackling of AML—customer due diligence and enhanced due diligence—must remain a focal point for financial institutions in order to operate a sufficient program.