Statement on inspection in Swedbank, branch of Swedbank AB (publ), Sweden (money laundering area)
In April 2021, the Danish Financial Supervisory Authority carried out an inspection of Swedbank, a branch of Swedbank AB (publ), Sweden (the branch). The inspection was an investigation of the money laundering area. The inspection included the company’s risk assessment, policies, procedures and internal controls
In addition, the inspection included the company’s customer knowledge procedures and the company’s monitoring of customers. Finally, the inspection included the company’s inspection, listing, notification and storage obligations.
Risk assessment and summary
Swedbank has activities internationally, e.g. in the Baltics and in the Nordic countries, including in the Danish branch. The bank’s Danish branch mainly offers financial services in the form of salary and savings accounts as well as housing and consumer loans and business accounts.
The Danish Financial Supervisory Authority assesses that the company’s inherent risk of being used for money laundering or terrorist financing is normal to high assessed in relation to the average of financial companies in Denmark.
The Danish FSA’s assessment is i.a. based on branch size, business model, products and customers. On the one hand, the branch has only a limited product range as well as a limited number of customers as well as customer types. On the other hand, the customers are to a large extent Øresund commuters who have been onboarded via Swedbank in Sweden, and which the branch has thus not itself onboarded. In addition, the branch offers banking products, which are generally considered to have a high risk, to both private and business customers.
Based on the inspection, there are a number of areas that give rise to supervisory reactions.
The branch has been instructed to prepare sufficient business procedures in a number of areas where there are currently insufficient business procedures. The branch’s business procedures must include all relevant risk areas in the branch.
The branch has been instructed to verify identity information on the basis of documents, data or information obtained from a reliable and independent source when the branch establishes a business relationship with a business customer.
The branch has been instructed to implement reasonable measures to clarify the ownership and control structure for business customers when establishing business relationships with them.
The branch has been instructed to ensure that it adequately assesses and, where appropriate, obtains information about the customer’s purpose and intended nature when establishing a business relationship.
The branch has been ordered to carry out stricter customer due diligence procedures in the corporate customer relationships, where the branch has assessed that there is an increased risk of money laundering and terrorist financing.
The branch has been instructed to ensure that the branch’s monitoring system covers and can apply changes in customer behavior and deviations from the branch’s knowledge of the customer to generate alarms.
The branch has been instructed to ensure that the branch conducts adequate investigations into alarms from the branch’s surveillance.
Finally, the branch has been ordered to record and store the results of the investigations of suspicious transactions carried out in accordance with the duty to investigate, just as the branch has been ordered to document the results of the investigation on the case.