January 27, 2017: NY DFS, FCA Fine Deutsche Bank for AML Failures

The New York Department of Financial Services (NY DFS) fined Deutsche Bank $425 million and the UK’s Financial Conduct Authority (FCA) fined them an additional 163MM GBP. The DFS News Release:


Press Release

January 30, 2017

Contact: Richard Loconte, 212-709-1691

DFS FINES DEUTSCHE BANK $425 MILLION FOR RUSSIAN MIRROR-TRADING SCHEME

The Bank Allowed Traders to Engage in a Money-Laundering Scheme Using “Mirror Trades” That Improperly Shifted $10 Billion Out of Russia

DFS Directs Bank to Hire an Independent Monitor to Review and Report on Its Existing Compliance Programs, Policies and Procedures

Financial Services Superintendent Maria T. Vullo today announced that Deutsche Bank AG and its New York branch will pay a $425 million fine and hire an independent monitor as part of a consent order entered into with the New York State Department of Financial Services (DFS) for violations of New York anti-money laundering laws involving a “mirror trading” scheme among the bank’s Moscow, London and New York offices that laundered $10 billion out of Russia. DFS’s investigation found that the bank missed numerous opportunities to detect, investigate and stop the scheme due to extensive compliance failures, allowing the scheme to continue for years. DFS worked closely on the investigation with the Financial Conduct Authority. 

“In today’s interconnected financial network, global financial institutions must be ever vigilant in the war against money laundering and other activities that can contribute to cybercrime and international terrorism,” Superintendent Vullo said. “This Russian mirror-trading scheme occurred while the bank was on clear notice of serious and widespread compliance issues dating back a decade. The offsetting trades here lacked economic purpose and could have been used to facilitate money laundering or enable other illicit conduct, and today’s action sends a clear message that DFS will not tolerate such conduct. DFS is pleased to work with the Financial Conduct Authority on this matter. We also appreciate the bank’s forthrightness and timeliness in conducting its internal review and cooperation in our investigation.”

In addition to today’s action, Superintendent Vullo has led DFS enforcement actions for violations of AML laws against Intesa Sanpaolo S.p.A., which was fined $235 million; Agricultural Bank of China, which was fined $215 million; and Mega Bank of Taiwan, which was fined $185 million.

Today’s action further highlights the importance of DFS’s new risk-based anti-terrorism and anti-money laundering regulation, which became effective on January 1, 2017. DFS’s regulation requires regulated institutions to maintain programs to monitor and filter transactions for potential BSA/AML violations and prevent transactions with sanctioned entities. It also requires regulated institutions to submit an annual board resolution or senior officer compliance finding confirming the steps taken to ascertain compliance with the regulation. In addition, DFS has proposed a first-in-the-nation cybersecurity regulation, which will be effective March 1, 2017, requiring DFS regulated institutions to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York’s financial services industry.

DFS found that Deutsche Bank and several of its senior managers missed key opportunities to detect, intercept and investigate a long-running mirror-trading scheme facilitated by its Moscow branch and involving New York and London branches. Operating through the equities desk at Deutsche Bank’s Moscow branch, certain companies that were clients of the Moscow equities desk issued orders to purchase Russian blue chip stocks, always paying in rubles. Shortly thereafter, sometimes on the same day, a related counterparty would sell the identical Russian blue chip stock in the same quantity and at the same price through Deutsche Bank’s London branch. The counterparties involved were always closely related, often linked by common beneficial owners, management or agents. The trades were routinely cleared through the bank’s Deutsche Bank Trust Company of the Americas (DBTCA) unit. The selling counterparty was typically registered in an offshore territory and would be paid for its shares in U.S. dollars. At least 12 entities were involved, and none of the trades demonstrated any legitimate economic rationale.

DFS’s investigation uncovered violations that included the following:

  • The bank has conducted its banking business in an unsafe and unsound manner, failing to maintain an effective and compliant anti-money laundering program. The bank failed to maintain and make available true and accurate books, accounts and records reflecting all transactions and actions.
  • When contacted by a European financial institution about contradictory information about one of the companies involved in the trading scheme, a senior compliance employee who supervised special investigations at the DBTCA never responded. In addition, the senior compliance employee did not take any steps to investigate the basis for the European Bank’s inquiry, later explaining that the employee had “too many jobs” and “had to deal with many things and had to prioritize.”
  • The bank’s Know Your Customer (KYC) processes were weak, functioning merely as a checklist with employees mechanically focused on ensuring documentation was collected, rather than shining a critical light on information provided by potential customers. Virtually all of the KYC files for the companies involved in the scheme were insufficient, and a Moscow employee who oversaw the illicit mirror trading was also actively involved in the onboarding and KYC documentation of companies involved in the scheme. In addition, certain staff members experienced hostility and threats on several occasions when it appeared they had not moved quickly enough to facilitate transactions.
  • The bank failed to accurately rate its country and client risks for money laundering throughout the relevant time period and lacked a global policy benchmarking its risk appetite, resulting in material inconsistencies and no methodology for updating the ratings. Deutsche Bank was not in line with peer banks, which rated Russia as high risk well before Deutsche Bank did in late 2014.
  • The bank’s anti-financial crime, AML and compliance units were ineffective and understaffed. A senior compliance staffer repeatedly stated that he had to “beg, borrow, and steal” to receive appropriate resources, leaving existing personnel scrambling to perform multiple roles. At one point, an attorney who lacked any compliance background served as the Moscow branch’s head of compliance, head of legal, and as its AML Officer – all at the same time.

Within 60 days of the consent order, the bank must engage an independent monitor, approved by DFS, to conduct a comprehensive review of the bank’s existing BSA/AML compliance programs, policies and procedures that pertain to or affect activities conducted by or through its DBTCA subsidiary and the New York branch.

Within 30 days of the selection of the independent monitor, the bank, DBTCA and the New York branch must submit to DFS for approval an engagement letter than provides for the independent monitor to review and report on, among other things:

  • The elements of the bank’s corporate governance that contributed to or facilitated the improper conduct and permitted it to go on;
  • Relevant changes or reforms to corporate governance that the bank has made since the time of the improper conduct and whether those changes or reforms are likely to significantly enhance the bank’s BSA/AML compliance going forward; and
  • The thoroughness and comprehensiveness of the bank’s current global BSA/AML compliance programs.

In addition, the bank must submit a written action plan to improve and enhance its current global BSA/AML compliance programs that pertain to or affect activities conducted by or through DBTCA and the New York Branch.

The FCA News Release:

 

FCA fines Deutsche Bank £163 million for serious anti-money laundering controls failings

The Financial Conduct Authority (FCA) has today fined Deutsche Bank AG (Deutsche Bank) £163,076,224 for failing to maintain an adequate anti-money laundering (AML) control framework during the period between 1 January 2012 and 31 December 2015. This is the largest financial penalty for AML controls failings ever imposed by the FCA, or its predecessor the Financial Services Authority (FSA).

Deutsche Bank exposed the UK financial system to the risks of financial crime by failing to properly oversee the formation of new customer relationships and the booking of global business in the UK. As a consequence of its inadequate AML control framework, Deutsche Bank was used by unidentified customers to transfer approximately $10 billion, of unknown origin, from Russia to offshore bank accounts in a manner that is highly suggestive of financial crime. 

Mark Steward, Director of Enforcement and Market Oversight at the FCA, said:

“Financial crime is a risk to the UK financial system. Deutsche Bank was obliged to establish and maintain an effective AML control framework. By failing to do so, Deutsche Bank put itself at risk of being used to facilitate financial crime and exposed the UK to the risk of financial crime.”

“The size of the fine reflects the seriousness of Deutsche Bank’s failings.  We have repeatedly told firms how to comply with our AML requirements and the failings of Deutsche Bank are simply unacceptable. Other firms should take notice of today’s fine and look again at their own AML procedures to ensure they do not face similar action.”

The FCA found significant deficiencies throughout Deutsche Bank’s AML control framework. The FCA specifically found that, during the relevant period, Deutsche Bank’s Corporate Banking and Securities division (CB&S) in the UK:

  • performed inadequate customer due diligence
  • failed to ensure that its front office took responsibility for the CB&S division’s Know Your Customer obligations
  • used flawed customer and country risk rating methodologies
  • had deficient AML policies and procedures
  • had an inadequate AML IT infrastructure
  • lacked automated AML systems for detecting suspicious trades
  • failed to provide adequate oversight of trades booked in the UK by traders in non-UK jurisdictions

As a result of these failings Deutsche Bank failed to obtain sufficient information about its customers to inform the risk assessment process and to provide a basis for transaction monitoring. The failings allowed the front office of Deutsche Bank’s Russia-based subsidiary (DB Moscow) to execute more than 2,400 pairs of trades that mirrored each other (mirror trades) between April 2012 and October 2014.

The mirror trades were used by customers of Deutsche Bank and DB Moscow to transfer more than $6 billion from Russia, through Deutsche Bank in the UK, to overseas bank accounts, including in Cyprus, Estonia, and Latvia. The orders for both sides of the mirror trades were received by DB Moscow, which executed both sides at the same time.

The customers on the Moscow and London sides of the mirror trades were connected to each other and the volume and value of the securities was the same on both sides. The purpose of the mirror trades was the conversion of Roubles into US Dollars and the covert transfer of those funds out of Russia, which is highly suggestive of financial crime.

A further $3.8 billion in suspicious “one-sided trades” also occurred. The FCA believes that some, if not all, of an additional 3,400 trades formed one side of mirror trades and were often conducted by the same customers involved in the mirror trading. 

As a result, Deutsche Bank breached Principle 3 (taking reasonable steps to organise its affairs responsibly and effectively, with adequate risk management systems) of the FCA’s Principles for Businesses. In addition, Deutsche Bank also breached Senior Management Arrangements, Systems and Controls (SYSC) rules 6.1.1 R and 6.3.1 R.

The FCA emphasises the importance of having a strong AML control framework through its proactive supervisory programmes on AML. Firms are regularly reminded of the importance of safeguarding the UK financial system from financial crime and how to comply with AML requirements.

Deutsche Bank agreed to settle at an early stage of the FCA’s investigation and therefore qualified for a 30% (stage 1) discount. This discount does not apply to the £9.1 million in commission that Deutsche Bank generated from the suspicious trading, which has been disgorged as part of the overall penalty meaning that the firm has received no financial benefit from the breach. Were it not for the 30% discount the financial penalty would have been £229,076,224.

Deutsche Bank was exceptionally cooperative with the FCA during this investigation and has committed significant resources to a large scale remediation programme to correct the deficiencies in its AML control framework and customer files.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Links:

NY DFS News Release

Consent Order

FCA Press Release

FCA Final Order

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s