Deutsche Bank, its New York branch, and Deutsche Bank Trust Company America have agreed to pay $150 million in penalties under a consent order with the New York State Department of Financial Services for “significant compliance failures” regarding three separate matters: its former relationship with accused child sex trafficker Jeffrey Epstein, and its correspondent-banking relationships with Danske Bank Estonia and the Federal Bank of the Middle East.

“Banks are the first line of defense with respect to preventing the facilitation of crime through the financial system, and it is fundamental that banks tailor the monitoring of their customers’ activity based upon the types of risk that are posed by a particular customer,” said NYDFS Superintendent Linda Lacewell in a press release Tuesday. In each of these cases, Deutsche Bank “failed to adequately monitor the activity of customers that the bank itself deemed to be high risk,” she said.

According to the NYDFS, the agreement with Deutsche Bank marks the first enforcement action by a regulator against a financial institution for dealings with the late Epstein, an accused child sex trafficker. With respect to Epstein, the bank failed to properly monitor account activity conducted on behalf of Epstein, despite ample information that was publicly available concerning the circumstances surrounding his earlier criminal misconduct, the NYDFS said.

Consequentially, the bank processed hundreds of transactions totaling millions of dollars, including:

  • Payments to individuals who were publicly alleged to have been Epstein’s co-conspirators in sexually abusing young women;
  • Settlement payments totaling over $7 million, as well as dozens of payments to law firms totaling over $6 million, for what appear to have been the legal expenses of Epstein and his co-conspirators;
  • Payments to Russian models, payments for women’s school tuition, hotel and rent expenses, and (consistent with public allegations of prior wrongdoing) payments directly to numerous women with Eastern European surnames; and
  • Periodic suspicious cash withdrawals—in total, more than $800,000 over four years.

“Whether or to what extent those payments or that cash was used by Mr. Epstein to cover up old crimes, to facilitate new ones, or for some other purpose are questions that must be left to the criminal authorities, but the fact that they were suspicious should have been obvious to bank personnel at various levels,” the consent order stated. “The bank’s failure to recognize this risk constitutes a major compliance failure.”

The NYDFS said this “substantive failure was compounded by a series of procedural failures, mistakes, and sloppiness in how the bank managed and oversaw the Epstein accounts.” For example, certain conditions imposed upon the Epstein accounts by a reputational risk committee “were not transmitted to the majority of the account relationship team” and “were misinterpreted by a compliance officer in a way that resulted in very little actual change in how the monitoring of the accounts occurred.”

“Throughout the relationship, very few problematic transactions were ever questioned, and even when they were, they were usually cleared without satisfactory explanation,” the NYDFS added.

Other ‘compliance failures’

In the cases of Danske Estonia and the Federal Bank of the Middle East (FBME), the NYDFS concluded that “Deutsche Bank failed to properly monitor the activities of their foreign bank clients concerning their correspondent and dollar clearing business. Danske Estonia, which is at the center of one of the world’s largest money laundering scandals, suffered from inherent control failures that resulted in large quantities of money being moved on behalf of Russian oligarchs.”

Over the course of the years-long relationship between Deutsche Bank and Danske Estonia, Deutsche Bank was repeatedly put on notice of these failings and of the fact that few improvements were undertaken by Danske Estonia. Despite Deutsche Bank assigning Danske Estonia its highest possible risk rating, Deutsche Bank “failed to take appropriate action to prevent Danske Estonia from transferring billions of dollars of suspicious transactions through Deutsche Bank accounts in New York,” according to the NYDFS.

Regarding Deutsche Bank’s relationship with the FBME, even though Deutsche Bank considered the FBME to be a high-risk client that required annual enhanced anti-money laundering checks, there was “little evidence that FBME improved the quality of its controls over several years,” the NYDFS said. Eventually, the bank’s failings resulted in the U.S. Treasury Department’s Financial Crimes Enforcement Network mandating all banks operating in the United States stop doing business with the FBME. By that point, Deutsche Bank was the last major Western bank with a correspondent banking relationship with the FBME.

In a letter to employees Tuesday, Deutsche Bank CEO Christian Sewing acknowledged that onboarding Epstein as a client in 2013 was “a critical mistake and should never have happened.” He also pointed to the “far-reaching transformation” that Deutsche Bank began a year ago, “the likes of which we have not seen in two decades,” he said.

“It was and still is our goal to make Deutsche Bank sustainably profitable, competitive, and once again more relevant for our clients and society as a whole,” Sewing added. “To achieve this, we also need to further strengthen our controls and processes and always keep our integrity at the forefront of our minds.”