Swedish regulator fines Swedbank record $390M for AML deficiencies

That conclusion was drawn from parallel investigations conducted by Swedish Finansinspektionen (FI) and Estonian Finantsinspektsioon into parent company Swedbank AB and its subsidiary bank Swedbank AS in Estonia with regard to both banks’ anti-money laundering (AML) practices.

The investigation into Swedbank AB’s governance of AML measures in its Baltic operations was opened in April 2019 and covered the period of 2015 through the first quarter of 2019. According to the FI, the extensive investigation encompassed several “internal reports from the bank’s control functions; meeting minutes from board and management meetings; a number of special investigations conducted by both the bank and external consultants; interviews with staff; and data collection.”

The Swedish investigation regarding the bank’s compliance with Swedish legislation within AML and terrorism financing was initiated in November 2018 and covered the period April to November 2018. That investigation “focused on the business risk assessment; risk classification of customers; policies and instructions; know-your-customer files; transaction monitoring; and reporting of suspicious activities to FIUs (Financial Intelligence Units). The investigation was limited to traditional high-risk customer categories such as politically exposed persons and private-banking customers,” the FI said.

The Estonian investigation was conducted during April through mid-November 2019 and was just as extensive, encompassing the review of a numerous internal documents and “numerous meetings with Swedbank AS’s management, board members, and employees.” Specifically, the Estonian investigation focused on the bank’s AML structure; the activities of management and staff in combatting money laundering and terrorist financing; the identification, analysis, management, and mitigation of risks; and the due diligence measures taken during the establishment of business relationships and the provision of services.

Further, a criminal investigation in Estonia will determine whether money laundering or other criminal acts have taken place, the FI said.

AML deficiencies

The FI found “large deficiencies” in Swedbank AB’s governance of AML measures in its Baltic subsidiaries. “The bank’s awareness of the risk of money laundering and its processes, routines and control systems were insufficient,” FI said. “The Baltic operations were also lacking adequate resources to combat money laundering.”

“Despite several internal and external reports warning about deficiencies in the Baltic subsidiaries and the risk of money laundering, the bank did not take proper and sufficient action,” the FI said. It also found several examples of the bank withholding documentation and information from the FI that “in retrospect reveal the seriousness of the situation. Finantsinspektsioon made the same discovery in the course of its investigation.”

“Our investigation shows that the Swedish management did not efficiently address the risk of money laundering in the Baltics,” said FI Director General Erik Thedéen. “It is also deeply concerning that the bank on a number of occasions withheld information from FI that would have revealed the seriousness and scope of the problems.”

The FI further identified deficiencies in the bank’s “risk classification of customers and its transaction monitoring” and, thus, concluded that “the bank has not lived up to the AML requirements in its Swedish operations.”

Estonian investigation

The Estonian investigation concluded that the Estonian subsidiary also had “severe deficiencies” in its AML risk control systems and that the bank failed to live up to AML requirements. “Swedbank has not invested enough in preventative measures to combat money laundering risks,” said Finantsinspektsioon Chairman Kilvar Kessler. “The banking group made choices that allowed it to service higher-risk clients without proper anti-money laundering systems and controls and without knowing to the fullest extent the money laundering risks posed from servicing these clients.”

Therefore, the Estonian regulator said, Swedbank AS must take “comprehensive measures to properly understand and mitigate the risks it faced in the past and those it faces now. Swedbank AS must also review and amend its organizational framework to manage risks more effectively.” The regulator said it also found several examples of the Estonian subsidiary withholding information “that in retrospect reveal the severity of the problems in the bank.”

“The issue of whether money laundering or other criminal acts took place in the bank are currently being investigated by the Estonian Prosecutor’s Office,” the regulator said. Because double jeopardy is not permitted in Estonia, Finantsinspektsioon terminated its own misdemeanor investigation into Swedbank AS in November 2019 to allow the Office of the Prosecutor General to continue with its criminal investigation.