In a report released March this year, Swedbank was found to have carried out €37 billion of high-risk payments over a five-year period.
While the investigation undertaken by law firm Clifford Chance did not find that money-laundering had transpired, systemic governance failings and inadequate controls exposed the bank and its Baltic subsidiaries to significant AML and sanctions risk.
The Swedish financial watchdog has slapped the bank with a record 4 billion crown ($386 million) fine and the bank awaits the verdict of ongoing US and Estonian investigations.
Investigations for the report released by Clifford Chance commenced in February 2019 following allegations into money-laundering from high-risk individuals across the Baltic region from January 2007 through March 2019.
The findings underscore the necessity for every operational level within financial institutions to maintain and develop AML procedures that meet compliance thresholds and pre-empt regulatory changes. With the 6th Anti Money Laundering Directive (6AMLD) looming, the stakes for financial decision-makers have never been so high.
Be preemptive, not reactive, to meet AML requirements
David DiBari, practice area leader for US litigation & dispute resolution, co-head of Clifford Chance's global risk team and lead partner for the Swedbank investigation, tells Finextra Research that the wider banking industry should learn from the report findings.
“It is important for senior management to engage in adequate challenges and to seek appropriate assurances that risks have been adequately identified, analysed, and mitigated to an agreed risk tolerance.”
In its investigation of Swedbank’s public disclosures, the report found “certain statements made during October 2018 and February 2019 by Swedbank and its executives concerning Swedbank’s historical AML compliance, then current AML compliance, and exposure to certain types of AML risk, were inaccurate or presented without sufficient context.”
The bank was found to be actively targeting high-risk individuals across the Baltics, and 586 transactions totalling $4.8 million during the period investigated may have broken US sanctions.
CEOs and Board members would do well to heed DiBari’s advice, given the intensification of criminal liability under the sixth Anti Money Laundering Directive in the EU.
Michael Lyons, partner, Clifford Chance, comments that “in general terms, the 6th EU money-laundering directive broadens and harmonises the scope of the underlying criminal offence of money laundering across EU member states.”
Article 5 of the Directive extends penalties for money laundering to natural persons, with Article 7 setting out the liability of individuals who failed to adequately supervise or control those (for example employees) who carried out the offence.
While the issues Clifford Chance investigated at Swedbank related principally to the extent in which Swedbank had effective controls to detect and prevent money laundering among/by its customers, Lyons adds that “there is no doubt that that [6AMLD] may have a deterrent effect.”
“All international operating financial institutions would be well advised to closely scrutinise their AML risk assessment processes and to consider the lessons from enforcement actions involving other financial institutions.”
In the report the former chief executives Michael Wolf and Birgitte Bonnesen, in charge from 2009-2016 and 2016-2019 respectively, were found to “lack adequate appreciation for the severe risk” presented by non-resident business originating in Estonia, Latvia and Lithuania. The severance pay of Ms Bonnesen was “unilaterally cancelled” by Swedbank.
DiBari emphasises that a key lesson to be taken from the investigation is that change and responsibility at the top levels of the banking industry must be rigorous and continual: “In the global financial services industry, I think the greater awareness of the need for senior management and at Board level to devote adequate resources to identify, assess and mitigate risk has gone a long way toward identifying significant systemic compliance failures.”
“However, with every technological advance in compliance, there seems to be at least an equal advancement by those parties seeking to frustrate the efforts of compliance. It is a classic struggle for financial institutions against the backdrop of rising regulatory expectations and rapidly developing technological advances.”
Listing challenges resulting from Covid-19 including changed work environments, changed customer transaction activity that no longer matches historic expected patterns, new typologies of attempted fraud by those seeking to illicitly take advantage of the current situation, DiBari emphasises that this internal AML scrutiny must be maintained if not heightened across the industry: “This is particularly important in the current unprecedented environment.”