Danske Bank recently took a major hit from a money laundering scandal, calling fresh attention to compliance, and risk governance.
An investigation into allegations that the bank’s Estonian branch washed some $7 billion in dirty money from questionable Eastern European customers, some alleged to be involved in drugs, cybertheft, etc., has turned out to be a huge debacle for Danske Bank.
The failure of the bank to prevent money laundering in its Estonian branch has cost some executives who have bailed out, investors who were spooked — and especially, its formerly sterling reputation, with the company now earning the opprobrium of Danes who once saw the bank as one of their nation’s greatest institutions.
One lesson from the Danske Bank story is that even institutions with top anti-money-laundering programs can be exposed to money laundering. Businesses without the substantial resources of a Danske Bank are sitting ducks for even more esoteric scams, like transaction laundering, which occurs when an undisclosed business uses an approved merchant’s payment credentials to process payments for unknown products and services, typically illicit or illegal.
Danske Bank had oversight systems in place that could indicate money laundering, as required by AML statutes. In this case, the failure of bank employees to follow up on the initial alarms may end up costing the company as much as $670 million. The bank concluded in its own investigation that “it was major deficiencies in controls and governance that made it possible to use Danske Bank’s branch in Estonia for criminal activities such as money laundering.”
Over time, the EU has seen the need create and adhere to clear regulations that apply across borders. Denmark was reprimanded last year in a report by the Financial Action Task Force, an international organization that monitors compliance with global regulations, for its inadequate money laundering efforts. The report specifically cited that Danske had “extensive shortcomings, including no coordinated plans and insufficient resources.”
For most organizations, protection against advanced forms of money laundering such as Transaction Laundering, are likely nonexistent, which means they don’t even know what to look for.
The only way to begin attacking a problem like that is with the incorporation of advanced, automated systems that can detect compliance issues and illegal activity. Then it’s up to businesses to stay updated and follow up on any problems.
And when it comes to harder-to-detect schemes, like transaction laundering, these organizations need the proper tools and technology to detect them before the alarms sound. Digital problems require digital solutions. Maintaining a comprehensive risk management process is the best way to avoid the ire of authorities, customers and investors — and a tremendous loss of reputation.