European AML Enforcement Plateaued Last Year

By Koos Couvée and Gabriel Vedrenne

Enforcement of anti-money laundering rules trended slightly downward in Europe in 2022, but blockbuster, financial crime-related criminal penalties and settlements in France and the United Kingdom buoyed the overall drop in AML regulatory actions.

The year-on-year decrease in the total value of regulatory fines for compliance-related violations in Europe largely stems from Britain’s Financial Conduct Authority logging a relatively quiet 12 months last year after having assessed a record £480 million of penalties in 2021, data compiled and reviewed by ACAMS shows.

But the FCA still led the pack in terms of enforcement for the third time in four years in racking up four fines against banks and three against brokerages, which paid a combined £144 million for AML violations, business integrity breaches and other infractions.

The FCA’s most notable action came in December, when the U.K. branch of Banco Santander drew a £108 million penalty for systemic AML failures that allowed several money services businesses and other high-risk companies to move hundreds of millions of pounds through corporate accounts in a manner that should have immediately raised suspicion.

“The FCA has been—and remains—under huge pressure to take action, against banks in particular,” said Gregory Brandman, a former enforcement attorney with the Financial Services Authority, the agency that preceded the FCA. “Failures at ongoing monitoring—ensuring that the activity on certain accounts is consistent with the bank’s understanding of the customer profile—has been a big part of outcomes against quite a few big banks.”

In March 2022, Gidiplus Limited became the first U.K. cryptocurrency platform to lose a legal challenge against a decision by the FCA not to provide a company an operating license. The regulator had concluded four months earlier that the firm’s AML systems and controls fell short of standards.

The FCA’s first successful use of an account forfeiture order came the following month, when a court in London approved the seizure of £2 million from seven bank accounts controlled by QPay Europe Limited, a London-based financial technology-centric platform, or fintech, that handled funds tied to a U.S. wire-fraud scheme.

The regulator then warned online lenders and other “challenger banks” to address gaps in their assessments of financial crime-related risks, suspicious-transaction-reporting procedures and other aspects of their AML programs amid concerns that fast-onboarding processes had exposed them and other fintechs to illicit funds.

In June, the FCA fined the local branch of Ghana International Bank £5.8 million for failing to properly vet dozens of other African lenders before onboarding them as correspondent clients, and subsequently failing to screen billions of pounds of cross-border payments.

London-based Islamic lender Gatehouse Bank drew a £1.5 million fine from the regulator in October for failing to conduct adequate due diligence on overseas customers, including several politically connected individuals, from 2014 to 2017.

“The FCA identified the overseas banking sector as a real potential area of money laundering risk around 10 years ago,” Brandman, now a partner at Eversheds Sutherland in London, said.

The following month, the FCA fined Julius Baer International £18 million and imposed a ban on three former senior executives over the wealth management’s firm’s allegedly corrupt relationship with an employee of Russia’s now-defunct Yukos Group.

The Gambling Commission meanwhile cemented its reputation as Britain’s most active enforcer of AML rules after issuing 13 penalties for a combined £41 million last year, led by a then-record £17 million assessment against Entain Group in August.

Online casino operator Genesis Global drew a £3.8 million fine at the beginning of last year for violating AML and social-responsibility standards, including by allowing a single customer to lose £600,000 before properly determining the source of his income. The company filed for insolvency in December.

The regulator then fined online gaming platform 888 more than £9 million for AML- and social responsibility-related shortcomings, six years after the company triggered a nearly £8 million penalty for a similar set of violations.

Andrew Cotton, director of betting and gaming matters at the Ince & Co. law firm in London, told that the same theme emerged in several of last year’s gaming-related regulatory actions.

“The cases highlight common, repeated failings over the past five years to set [monetary] thresholds to ensure intervention occurs at a much earlier stage,” Cotton said. “It’s about identifying whether a customer’s spending money in a way that matches an operator’s expectations.”

The regulator also penalized several gaming platforms last year for failing to vet third-party vendors.

“It appears clear that the Commission is undertaking compliance assessments on some of the smaller operators based in Malta and Cyprus, some of which are just not doing proper due diligence when entering into business with other people,” Cotton said.

In June, the Office of Financial Sanctions Implementation, or OFSI, gained new powers to assess civil monetary penalties on a basis of strict liability.

The new standard freed the agency from having to prove that an individual or business under investigation knew, or had reasonable cause to suspect, that a particular transaction or activity violated sanctions before penalizing them.

OFSI also disclosed plans that month to increase its headcount from 70 to 100 employees to meet growing demand for guidance and licenses, and also to answer the call for more enforcement after reports on suspected sanctions violations spiked during the first months of Russia’s full-scale invasion of Ukraine.

But those developments did not translate into any notable enforcement actions in 2022.

After having issued only one penalty the previous year, OFSI levied three small fines worth a combined £81,000 in 2022 against an organizer of wine contests, an industrial technology supplier and an electronic money institution.

The National Crime Agency’s new Combating Kleptocracy Cell meanwhile launched several money-laundering and sanctions-evasion investigations into blacklisted Russian oligarchs and the third-party professionals suspected of helping them move and conceal their fortunes.

HM Revenue & Customs fined 68 real estate agents a combined £520,000 for AML failures last year and investigated hundreds of U.K. clients of the disgraced Puerto Rican lender Euro Pacific Bank, but drew criticism for allegedly failing to supervise the U.K. corporate-services sector sufficiently.

The Serious Fraud Office secured Europe’s largest financial crime-related penalty of the year in November, winning a £281 million judgment against Glencore after the Swiss mining conglomerate pleaded guilty to paying £23 million in bribes to officials across West Africa.

Britain’s only other notable asset seizure wrapped up at the beginning of the year, when the National Crime Agency secured £5.6 million worth of forfeitures from accounts controlled by relatives of a prominent Azeri lawmaker who allegedly moved the funds into Britain via the “Azerbaijani Laundromat.”

Across the Channel

France’s financial supervisors Autorite de controle prudentiel et de resolution, or ACPR, and Autorite des Marches Financiers, or AMF, had a relatively unremarkable year, ending with six AML-related enforcement actions for a combined €3 million in fines after having assessed 11 fines for €14 million in 2021.

“French authorities have come to the end of a supervisory cycle that began around 2018,” Florence Mercier-Baudrier, a Paris-Based AML consultant and former ACPR inspector, told “They’ve since turned to smaller financial entities and virtual asset service providers, which has likely resulted in a lower volume of fines.”

France did extract Europe’s second largest penalty of the year in October, when Credit Suisse agreed to pay a record €238 million to settle allegations that the lender encouraged thousands of clients to move their undeclared income to Switzerland, beyond the reach of French tax authorities.

“If these settlements allow judicial authorities to avoid long and costly investigations, they also represent the risk of parallel justice for the largest companies,” Mercier-Baudrier said. “Fortunately, the public prosecutor’s office has rejected several of them.”

A month earlier, in the first enforcement action of its kind, the ACPR and AMF jointly withdrew the Paris-based BYKEP cryptocurrency trading platform’s license to operate after just 19 months for violating AML rules and other requirements.

ACPR fined Credit Agricole €1.5 million in December for failing to vet customers, monitor transactions and fully investigate suspicious activity. The case marked the regulator’s first use of artificial intelligence to analyze hundreds of millions of transactions.

AML enforcement in the French real-estate sector held steady last year, with roughly 20 companies and professionals triggering some form of regulatory action. But supervisors raised the pressure on the corporate services sector, finalizing penalties against 20 providers after having penalized an annual average of seven over the previous five years.

Germany and Switzerland

Germany’s financial supervisor, BaFin, which has long faced accusations of lax AML enforcement, imposed remediation orders on Deutsche Bank and DZ Bank in 2022, and also took action against several payment services providers and electronic money institutions, including Concardis and Unzer, in response to “serious” AML failings.

“We do not rely on [penalties] alone to enhance AML—we focus on remediation first,” Birgit Rodolphe, BaFin’s AML director, told “We have appointed special monitors in cases where deficiencies are severe and progress is not sufficient, and we have also [imposed business restrictions] where we have identified a lack of compliance.”

Deutsche Bank made the news for all the wrong reasons again last year in Germany, agreeing to pay €7 million to settle allegations that the Frankfurt-headquartered lender repeatedly violated AML rules while handling correspondent transactions for Denmark’s Jyske bank.

In December, AML failures prompted BaFin to ban Solaris, Germany’s largest fintech, from entering into new partnerships with cryptocurrency platforms, payment institutions and other corporate clients without first obtaining regulatory approval.

“We do not rely on [penalties] alone to enhance AML—we focus on remediation first,” Birgit Rodolphe, BaFin’s AML director, told “We have appointed special monitors in cases where deficiencies are severe and progress is not sufficient, and we have also [imposed business restrictions] where we have identified a lack of compliance.”

AML enforcement bounced back to pre-pandemic levels in Switzerland last year, at least in terms of volume. The country’s primary AML regulator, the Swiss Financial Markets Authority, took action against 10 financial institutions, but lacks power to impose monetary penalties and tends to disclose few details about specific cases.

Scandal-hit Credit Suisse faced high-profile ignominy at home as well as abroad. In June, Switzerland’s top court ordered the bank to pay a record $22 million for handling millions of dollars of profits for Bulgarian drug traffickers, marking only the second time Swiss authorities have successfully prosecuted a lender for illicit finance-related violations.

In a deal brokered by the Swiss government, UBS agreed on March 19 of this year to acquire Credit Suisse for $3.2 billion after the latter institution suffered a run on deposits.

Elsewhere in Europe           

Sweden’s Finansinspektionen, or FSA, issued three relatively large AML fines in 2022, led by an €11.5 million assessment in August against Trustly Group, a payment services provider that served a large number of high-risk gambling firms.

The FSA fined ClearOn, a Stockholm-based PSP, €1.2 million for similar violations, and penalized Lansforsakringar Bank, a small cooperative lender, €8 million.

Martin Walker, head of financial services in Sweden for PA Consulting, said the enforcement actions track with the FSA’s publicly stated focus on smaller banks and fintechs, and also serve as a “wake up call” for PSPs that offer online merchants alternative payment channels.

“It shows that even when you’re just providing the payment rails, you’re not exempt from AML and know-your-customer rules [on the underlying customers],” Walker said. “That’s a common theme in the local market, so it wouldn’t be a huge surprise if we saw similar fines in the future.”

Denmark’s FSA does not have the power to assess fines autonomously, but took the rare step last year of recommending a criminal investigation into Jyske Bank, the country’s third-largest lender, after discovering serious and widespread AML weaknesses.

After issuing no AML-related penalties in 2020 and 2021, the Central Bank of Ireland fined the local affiliate of Denmark’s Danske Bank €1.8 million for processing more than 350,000 transactions without screening them for signs of illicit finance from 2015 to 2019.

Polish regulators issued 32 AML-related enforcement actions and assessed almost €6 million in penalties, including a record €4.7 million against ING. The Dutch lender also drew a €650,000 fine from the Polish Financial Supervision Authority.

Malta’s Financial Intelligence Analysis Unit, or FIAU, assessed 32 fines against corporate services providers, accountants, banks and other financial institutions for a combined €3 million in total outlays, after assessing 30 fines for a record total of €12 million in 2021.

The FIAU’s penalty haul is set to fall again this year after Malta’s highest court ruled in March 2022 that the agency’s decision to fine a local payment processor absent a “fair” hearing violated constitutional principles. The ruling marked the latest in a series of legal outcomes that threaten to upend AML enforcement on the island.

AML penalties in Spain dropped by more than a third after regulators assessed 17 fines and completed 13 remediation orders last year.

Colby Adams, Kieran Beer, Junko Nozawa, Larissa Bernardes, Leily Faridzadeh and Silas Bartels contributed to this article.

Topics : Anti-money laundering , Counterterrorist Financing , Sanctions , Cryptocurrencies
Source: United Kingdom , United Kingdom: Financial Conduct Authority , United Kingdom: National Crime Agency , United Kingdom: HM Revenue & Customs , France , Germany , Switzerland , Sweden , Denmark , Malta
Document Date: May 5, 2023