In the wake of this week’s revelations of years-long and significant alleged money laundering failures involving ING Bank and Danske Bank, European regulators have circulated a confidential “reflection paper” warning national governments and the European Parliament about shortcomings in the European Union’s (“EU”) anti-money laundering (“AML”) efforts and providing recommendations to strengthen these efforts. The reflection paper recommends centralizing the enforcement of AML rules through a powerful new EU authority to ensure that banks implement background checks and other AML measures, and setting a deadline for the European Central Bank to reach agreement with national authorities to allow for the sharing of sensitive data.
ING Bank’s Record Settlement
On Tuesday, ING Bank N.V. agreed to pay a record fine totaling $899.8 million (€775 million) to settle an investigation by the Netherlands Public Prosecution Service into the bank’s money laundering failures. Dutch prosecutors alleged that from 2010 to 2016, ING’s Netherlands branch (“ING NL”) failed to adequately implement the Dutch Anti-Money Laundering and Counter-Terrorism Financing Act because the bank failed to address known weaknesses in customer due diligence policies and to report suspicious transactions.
Dutch authorities began investigating the bank in 2016 after realizing that companies and individuals being criminally investigated held accounts with the bank. These authorities cited four such cases in which ING NL accounts were misused. In one example, a women’s underwear trader laundered approximately €150 million through his ING NL bank accounts. Dutch authorities argued that the bank should have realized that the trader’s transactions had “little to do with the lingerie trade and were therefore unusual.” They also emphasized the fact that the bank’s red alert system should have revealed that the individuals that held the accounts for this trader had been accused of money laundering in the past.
In another example, ING accounts were used to facilitate tens of millions of euros in bribes made by the telecommunications company VimpelCom Ltd. to the daughter of Uzbekistan’s former president. Dutch prosecutors argued that the bank failed to report the suspicious transactions to regulators for several years, and despite the fact that the Dutch Central Bank warned the bank on “multiple occasions” to address weaknesses in its AML policy. They noted that “[e]nhancement programs were put in place [by ING NL] but were not carried out with enough vigor.”
The bank also conducted an internal investigation that revealed several AML failures, including missing or incomplete files on customer due diligence. Bank officials announced on Wednesday that the SEC, which previously asked for information about the Dutch investigations, recently closed its investigation into the bank after the bank reached its settlement with Dutch authorities.
Report on Danske Bank’s Estonian Branch
Also on Tuesday, reports emerged that an independent investigation of Danske Bank revealed that up to 80,000 transactions totaling $30 billion in purportedly illegal Russian and former-Soviet money funneled through the bank’s Estonian branch in 2013 [editor’s update: on September 18, 2018, Danske Bank released a report regarding an internal investigation finding that the amount of suspicious transactions actually approximated the astounding sum of $234 billion dollars]. Prosecutors began investigating Danske Bank after a whistleblower flagged issues at its Estonian branch in 2013. And in a May 2018 report, the Danish Financial Supervisory Authority stated that Russian and other non-Baltic customers accounted for a suspiciously high percentage of Danske’s Estonian business.
On Tuesday, Danish authorities alleged that Danske did not begin reviewing the Estonian branch’s AML policies until July 2013, when Danske lost access to correspondent banking services for dollar payments because of that correspondent bank’s “concerns about the branch’s non-resident customers.” However, the authorities asserted, this review failed to result in significant changes and Danske started using another correspondent bank.
The Danish Public Prosecutor for Serious Economic and International Crime currently is conducting a criminal investigation into the bank. The bank also expects to complete an internal investigation of its Estonian branch and publish two sets of findings later this month: one detailing the suspicious transactions and the other focused on the bank’s AML governance.
Confidential “Reflection Paper” Provided to National Governments
These scandals underscore a key AML vulnerability facing Europe: the use of Nordic and Eastern European banks to funnel money – often Russian – through allegedly suspicious transactions. This week, regulators from the European Central Bank (“ECB”), the European Banking Authority (“EBA”), and the European Commission circulated a confidential “reflection paper” to national governments and the European Parliament that warns about “gaps” and “shortcomings” in the EU’s AML policies and recommends measures to address these issues. This report has not yet been publicly released but has been viewed by the Financial Times.
The report’s authors, who began examining AML issues in 2018, emphasized as weaknesses the lack of (1) clear guidance on how different financial regulators should collaborate in their AML efforts; (2) a comprehensive system for information-sharing among EU countries; and (3) EU resources to ensure adequate implementation and enforcement of AML policies. The report also revealed that only 2.2 full-time staff currently are specifically dedicated to monitoring AML issues across the EU’s three agencies that supervise AML oversight (the EBA and its sister authorities). The report’s recommendations include:
- Imposing a four-month deadline for the ECB to reach agreement with national authorities to allow for the sharing of sensitive data; and
- Centralizing enforcement of AML rules through a powerful new EU authority to ensure that banks implement background checks and other AML measures.