Five AML Fines and Lessons

What Companies Can Learn From 5 Recent Fines by Global Regulators for Alleged Money Laundering

Alleged breaches of Anti-Money Laundering regulations are leading to increasingly large fines against companies, as we have shown over the course of this AML Risk series. In this blog, we dive deeper into five recent enforcement actions by regulators around the world to find lessons all companies can learn to improve their compliance and better manage money laundering risk.

1. Take a risk-based approach to due diligence powered by global data

Last year, the UK’s Financial Conduct Authority fined a bank more than £1.5 million for allegedly failing to conduct sufficient checks on customers in countries with a higher risk of money laundering and terrorist financing, or to undertake the correct checks on customers classed as Politically-Exposed Persons (PEPs). One example given was an apparent failure to collect the correct information for a company based in the Middle East.

This should remind all companies to power their due diligence with authoritative data on all third parties and customers which covers their activities around the world. In particular, it should carry out enhanced due diligence checks on companies operating in jurisdictions where there is a higher risk of money laundering, or for customers (like PEPs) who are more likely to be exposed.

2. Regularly review your AML programme to comply with developing legislation

A bank in Pakistan was fined $55 million by a US regulator last year for alleged AML compliance failures, including failure to maintain an “effective risk management programme or controls”. This related to the bank’s activities in a branch in the US.

This fine reflects the increasingly stringent regulatory requirements on companies operating internationally. All companies must ensure they understand and follow AML laws and regulations in any jurisdiction in which they operate. Companies should not simply take a ‘box-ticking’ approach to compliance by meeting the regulatory requirements to the letter, because regulatory changes may soon render their processes obsolete. Instead, they should future-proof their compliance by following best practices around the use of data and technology.

3. Seek as much information as possible on customers and third parties

Earlier this year, UK regulators announced that they had seized over USD$7 million from a bank account which was apparently implicated in laundering money under different company names as part of the Operation Car Wash corruption scheme in Brazil.

This action is a warning for companies about the difficulty of uncovering the beneficial owners behind opaque corporate structures such as shell companies. In this case, a number of different companies were allegedly set to hide the origin of the funds. The lesson for compliance officers is to seek as much information as they can about higher risk third parties and customers. Company data from a platform like Nexis Diligence+ can help to piece together the full picture of a company and its network.

4. Properly resource and train your compliance team

Germany’s financial regulator fined a digital bank €4.25 million fine in late 2021. Among the issues it identified were alleged deficiencies in the bank’s IT monitoring and customer due diligence. The regulatory said the bank must ensure it has adequate personnel and technical expertise to comply with its AML obligations.

The banking sector, like the economy as a whole, has endured a turbulent few years and many firms have sought to cut costs and reduce their staff count. But a large fine like this, and the reputational damage it caused for the bank among prospective customers, far outweighs the cost of a well-resourced compliance team. The lesson is clear: resource your compliance team, and train all your staff for the signs of money laundering to look out for.

5. Act quickly to correct compliance deficiencies

US regulators fined a German bank $186 million in July 2023 for allegedly failing to sufficiently address problems in their AML controls. The issues had previously been flagged by the authorities in actions in 2015 and 2017, and the regulator deemed that they had still not been properly addressed.

The lesson is clear: when a company identifies a potential money laundering issue, it must make it a priority to act on the problem and remediate it by improving its compliance process for the future. Regulators will punish a slow response to alleged money laundering failures.

Counting the costs of AML fines

The fines covered above are just the tip of the iceberg, as global companies paid billions of dollars to settle regulatory investigations into money laundering in 2023. There is, then, a clear financial and legal risk to companies if they fail to put in place adequate AML procedures, including an effective risk-based due diligence programme.

What’s more, these fines forced companies to divert senior management’s time and effort into responding to the allegations and remediating any breaches, rather than focusing on growing the business. They also caused reputational damage due to damaging headlines in media outlets, which in turn can damage the trust of prospective customers and third parties.

What should firms do to limit their regulatory risk?

Investing in AML and due diligence can help companies to avoid costly fines. It can also offer a return on investment because surveys suggest that more and more consumers, investors and employees want to buy from, invest in and work for companies that are committed to ethical business practices.

Technology platforms like Nexis Diligence+ can help firms by screening third parties and customers against comprehensive news, legal, company, ESG and other data sources. It can provide a risk score for each entity, and update this with any new information that arises over time. This reduces the need for time-consuming manual due diligence searches and frees up compliance officers to perform higher value work.