Central Bank of Ireland

Here’s the headline piece:

Enforcement Action

Central Bank of Ireland and Bank of Montreal Ireland plc.

Bank of Montreal Ireland plc. reprimanded and fined €1,246,189 by the Central Bank of Ireland for breach of banking licence condition

On 26 April 2019, the Central Bank of Ireland (the “Central Bank”) reprimanded and imposed a fine on Bank of Montreal Ireland plc. (the “Firm”) for breaching a condition of its banking licence by failing to submit three operational risk returns to the Central Bank, and failing to establish and maintain effective processes and internal controls to ensure compliance with this regulatory reporting condition. The Firm has admitted the breaches in full. This is the Firm’s second reprimand and fine for deficiencies in regulatory reporting.

The Central Bank’s investigation found that the breaches were caused by:

 the Firm’s failure to establish and maintain effective processes and controls to ensure the

submission of operational risk returns;

 an over-reliance on Bank of Montreal group policies; and

 the use of an informal process to comply with its obligation to submit operational risk returns.

The Central Bank determined that the appropriate fine was €1,780,269 which was reduced by 30% to €1,246,189 in accordance with the settlement discount scheme provided for in the Central Bank’s Administrative Sanctions Procedure (“ASP”).

Seána Cunningham, the Central Bank’s Director of Enforcement and Anti Money Laundering, said:

“All firms operating in Ireland must do so in line with their regulatory licence, and all conditions attaching to it. Compliance with licence conditions is not optional, and breaches are treated seriously by the Central Bank as demonstrated in this enforcement action against the Firm.

The licence breach in this case centres on the Firm’s failure to submit three operational risk returns. As the risks facing the financial sector continue to grow and become more complex, it is essential that the Central Bank has a clear line of sight to any potential risks, including operational risks, within regulated firms to ensure effective supervision and to assess the resilience and integrity of all firms and the financial sector as a whole. All firms must ensure the highest standards in identifying, properly managing and monitoring, and reporting on its operational risks in line with the Central Bank’s requirements.

As a result of this investigation, the Central Bank reminds international firms, whether already established or seeking to establish a presence in Ireland, that they must put in place adequate policies, processes and controls necessary to comply with all licence conditions and regulatory obligations specific to their licence conditions to operate in Ireland.”

Link:

Enforcement Action

Financial Sanctions update March 2019

 

The Central Bank of Ireland (“Central Bank”) is responsible for the administration, supervision, and enforcement of relevant aspects of financial sanctions in Ireland. In carrying out this role, the Central Bank publishes updates on its website to assist firms in complying with the relevant regulations. Firms should ensure that they monitor the EU and UN websites and lists on a regular basis for any additional updates. 

The Central Bank maintains the right to delete or modify in part or in full, any information on this site without prior notice.

Frozen Assets Return 2019

The Central Bank requests all regulated financial service providers in Ireland which have identified frozen assets in Ireland under EU Council Regulation relating to financial sanctions to complete the attached Sanctions Return Form to ensure all records maintained by the Central Bank are accurate and up to date. All completed forms must be submitted to sanctions@centralbank.ie by Friday 22nd March 2019. The Sanctions Return Form can be found at the following link.

https://www.centralbank.ie/docs/default-source/regulation/how-we-regulate/international-financial-sanctions/sanctions-return-form.xlsx?sfvrsn=2 

There is a legal obligation on all firms to comply with EU Council Regulations relating to financial sanctions as soon as they are adopted. Once a person or entity has been sanctioned under EU Financial Sanctions, firms are required by law, not to transfer funds or make funds or economic resources available, directly or indirectly, to that person or entity. The Central bank must be notified of any freezing of funds by a regulated financial service provider.

“Quick Links”

         COMMISSION GUIDANCE NOTE ON THE IMPLEMENTATION OF CERTAIN PROVISIONS OF REGULATION (EU) No 833/2014  

         Improving Global AML/CFT Compliance: On-going Process – 19 October 2018   

         Updated Blocking Statute in support of Iran nuclear deal  

         FATF and High-risk and other monitored jurisdictions  

         The FATF recommendations  

         International best practices targeted financial sanctions related to terrorism and terrorist financing (recommendation 6)  

         EU Sanctions Map  

In order to subscribe to Financial Sanctions alerts please register on the Central Bank website

Other related matters

The Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2018

The Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2018 commenced on 26 November 2018. The amended Act includes the insertion of Schedule 4, which sets out a non-exhaustive list of factors suggesting potentially higher risk. This list includes “countries subject to sanctions, embargos or similar measures issued by organisations such as, for example, the European Union or the United Nations; and countries (or geographical areas) providing funding or support for terrorist activities, or that have designated terrorist organisations operating within their country”.

Central Bank AML/CFT Guidelines

The draft Central Bank AML/CFT Guidelines which sets out the expectations of the Central Bank in respect of Firms compliance with their AML/CFT obligations following the enactment of the 2018 Act, together with a public consultation document, were published on 21 December 2018. The public consultation period will close on 5 April 2019.

Should you have any questions regarding this communication, please contact the Central Bank directly at:

Financial Sanctions Unit
Anti-Money Laundering Division
Central Bank of Ireland
New Wapping Street
North Wall Quay
Dublin 1
D01 F7X3

Email: sanctions@centralbank.ie

Financial Sanctions update September 2018

 

There is a legal obligation to comply with EU Council Regulations relating to financial sanctions as soon as they are adopted.  Once a person or entity has been sanctioned under EU Financial Sanctions, there is a legal obligation not to transfer funds or make funds or economic resources available, directly or indirectly, to that person or entity.

 

The Central Bank is responsible for the administration, supervision, and enforcement of relevant aspects of financial sanctions in Ireland. In carrying out this role the Central Bank publishes ‘updates’ on its website to assist with compliance with the relevant regulations. Firms should ensure to check the EU and UN websites and lists on a regular basis.

The Central Bank of Ireland maintains the right to delete or modify in part or in full, any information on this site without prior notice.

 

 

“Quick Links”

The following quick links will be of interest to compliance officers and MLRO’s

·         FATF and High-risk and other monitored jurisdictions  

 

·         FATF’s strategy on combating terrorist financing

 

·         The methods used to launder proceeds of criminal activities and finance illicit activities are in constant evolution. As  the international financial sector implements the FATF standards, criminals must find alternative channels.

 

This research will assist countries in identifying, assessing and understanding the money laundering and terrorist financing risks that they are exposed to. Once these risks are properly understood, countries will be able to implement anti-money laundering and counter terrorist financing measures that mitigate these risks.  

 

·         The FATF recommendations . International best practices targeted financial sanctions related to terrorism and terrorist financing (recommendation 6)

 

·         Consolidated United Nations Security Council Sanctions List

 

·         The consolidated list of persons, groups and entities subject to EU financial sanctions can be downloaded from Financial Sanctions Database – FSF platform  accessible via the following address: https://webgate.ec.europa.eu/europeaid/fsd/fsf

In order to access the FSF platform you are required to have an “EU Login” account.

Please follow the instructions provided on the EU Login page displayed when you click on the above link.

The former links to the sanction files are replaced by the FSF platform. However, to allow a smooth transition, they will still be available up to the 31st of March 2018. Please note this is not a Central Bank website and no questions regarding access should be directed to the Central Bank.

 

  • EU Sanctions Map

In 2017, we saw the introduction of the EU Sanctions Map website by the Estonian Presidency, which in due course will be administered by the Commission. The website provides detailed information and summaries of each of the regimes.

 

  • Iran Regulations

 

To help EU operators with the implementation of the updated Blocking Statute, the Commission published a Guidance Note and supporting documents to facilitate understanding of the relevant legal acts.

 

Commission Implementing Regulation (EU) 2018/1101 of 3 August 2018 setting out the criteria for the application of the second paragraph of Article 5 of Council Regulation (EC) No 2271/96 protecting against the effects of the extra-territorial application of legislation adopted by a third country, and actions based thereon or resulting therefrom.

 

 

  • European Union Consolidated Financial Sanctions List

The Consolidated list is updated on a regular basis.  You are required to have a login account as outlined above in order to receive automatic emails regarding updates. 
                                             

  • Consolidated United Nations Security Council Sanctions List

The Consolidated Sanctions List includes all individuals and entities subject to sanctions measures imposed by the Security Council. The inclusion of all names on one Consolidated Sanctions List is to facilitate the implementation of the measures. This does not imply that all names are listed under one regime, nor that the criteria for listing specific names are the same. The lists may not include some entries that are not subject to an asset freeze but  which are subject to additional countermeasures.

 

 

If you have any questions regarding this communication, please contact the Central Bank directly: 

Financial Sanctions Unit
Anti-Money Laundering Division
Central Bank of Ireland
PO Box 559
Dublin 1

Email: sanctions@centralbank.ie

 

Financial Sanctions update Spring 2018

There is a legal obligation to comply with EU Council Regulations relating to financial sanctions as soon as they are adopted.  Once a person or entity has been sanctioned under EU Financial Sanctions, there is a legal obligation not to transfer funds or make funds or economic resources available, directly or indirectly, to that person or entity.

 

The Central Bank is responsible for the administration, supervision, and enforcement of relevant aspects of financial sanctions in Ireland. In carrying out this role the Central Bank publishes ‘updates’ on its website to assist with compliance with the relevant regulations. Firms should ensure to check the EU and UN websites and lists on a regular basis.

 

·         EU Sanctions Map

In 2017, we saw the introduction of the EU Sanctions Map website by the Estonian Presidency, which in due course will be administered by the Commission. The website provides detailed information and summaries of each of the regimes.

 

·         Consolidated list of sanctions

The consolidated list of persons, groups and entities subject to EU financial sanctions can be downloaded from Financial Sanctions Database – FSF platform  accessible via the following address: https://webgate.ec.europa.eu/europeaid/fsd/fsf

In order to access the FSF platform you need to have an “EU Login” account.
Please follow the instructions provided on the EU Login page displayed when you click on the above link.

The former links to the sanction files are replaced by the FSF platform. However, to allow a smooth transition, they will still be available up to the 31st of March 2018. Please note this is not a Central Bank website and no questions regarding access should be directed to the Central Bank.

 

·         FATF High-risk and non-cooperative jurisdictions 

The FATF identifies jurisdictions with weak measures to combat money laundering and terrorist financing (AML/CFT) in two FATF public documents that are issued three times a year. The FATF’s process to publicly list countries with weak AML/CFT regimes has proved effective. As of November 2017, the FATF has reviewed over 80 countries and publicly identified 64 of them. Of these 64, 52 have since made the necessary reforms to address their AML/CFT weaknesses and have been removed from the process (see also, an overview of the jurisdictions currently identified in this process).

 

 

·         EU sanctions measures for 2017. 

Please find below the completed table of EU sanctions measures for 2017. As summarised below, there are 108 different entries (up from 85 in 2016 and 102 in 2015), encompassing 32 separate regimes. 

 

These entailed 175 legal acts as follows: 23 Council Regulations, 73 Commission Implementing Regulations, 50 Council Decisions and 29 Council Implementing Decisions.  

 

·         Two new regimes were introduced Mali (CR 2017/1770) and Venezuela (CR 2017/2063), and no regime was repealed. 

 

·         The most significant new measures introduced were in respect of DPRK, for which there are 17 separate entries including a new parent Regulation, CR 2017/1509. 

 

·         The Al-Qaida / ISIL regime has the most entries, with 22 Commission Implementing Regulations, followed by DPRK (17), Libya (11), Ukraine (Territorial Integrity) (6), Syria (5) and Terrorism – CP931 (5).

 

·         The complete list is available on the ‘Financial Sanctions Updates 2018’ page on the Central bank website.

 

   

 

·         Financial Sanctions Updates 2018

The Central Bank Financial Sanctions Updates 2018 page is now live.

This site is subject to change from time to time. While the Central Bank of Ireland attempts to assure the correctness and timeliness of all material posted on the site, it takes no responsibility for errors or omissions which may be the result of technical causes, or otherwise. Further, the Central Bank of Ireland specifically disclaims all responsibility for damage or loss arising as a result of use of information provided herein.   

 

The Central Bank of Ireland maintains the right to delete or modify in part or in full any information on this site without prior notice.

 

·         European Union Consolidated Financial Sanctions List

The Consolidated list is updated on a regular basis.  Ensure you have a login as outlined above in order to receive automatic emails about updates.

                                                

·         Consolidated United Nations Security Council Sanctions List

The Consolidated Sanctions List includes all individuals and entities subject to sanctions measures imposed by the Security Council. The inclusion of all names on one Consolidated Sanctions List is to facilitate the implementation of the measures, and implies neither that all names are listed under one regime, nor that the criteria for listing specific names are the same.

 

·         To subscribe to Financial Sanctions alerts please register on the Central Bank website

 

 

Intesa Sanpaolo was fined for the following deficiencies in their AML program:

 Risk assessment: assessment of money laundering/terrorist financing (‘ML/TF’) risks specific to its business.

 Customer due diligence: policies and procedures for conduct of enhanced customer due diligence (‘ECDD’) on customers who were politically exposed persons (‘PEPs’).

 Suspicious transaction reports: procedures for reporting suspicious transactions to An Garda Síochána and the Revenue Commissioners without delay.

 AML/CFT policies and procedures: incorporation of a mechanism for regular review.

Interestingly enough, the investigation started in 2014 when Intesa notified the Central Bank that an independent third party had found its program deficient.

Some of the deficiencies found:

Until June 2011, the Firm had not completed an assessment of its ML/TF risk. Furthermore, between June 2011 and April 2014, the Firm’s purported assessments were inadequate as they failed to identify and assess the ML/TF risks relevant to the Firm by reference to the appropriate risk categories (such as country/geographic risk, customer risk, industry risk, product risk and channel/distribution risk).

And:

The CJA 2010 specifies that ECDD is required in respect of non-resident PEPs. The Central Bank identified the following failings in relation to Intesa’s policies and procedures, under Section 54 of the CJA 2010, for ECDD on PEPs:

 The application form for new customers incorrectly excluded PEP customers resident in Italy and Slovakia from Intesa’s requirement to self-identify as PEPs for the purpose of Irish AML/CFT laws.

 Intesa failed to adopt policies and procedures that required senior management approval of PEP customer relationships.

and:

Intesa failed to incorporate a review mechanism in its policies and procedures. Consequently, the Firm did not review its AML Policies in February 2012 when the Department of Finance published core guidelines on the CJA 2010 for the financial services industry or, in September 2012, on publication of industry guidance for the life assurance sector. It commenced a review in November 2013 of its AML Policies following the enactment of the Criminal Justice Act 2013 (which amended the CJA 2010) A review mechanism was incorporated into the AML Policies in April 2015.

And these are the factors that the Central Bank considered in meting out its penalty:

 The seriousness with which the conduct is viewed, particularly given Intesa’s status as Ireland’s largest insurer operating on a cross border basis and the increased risk of exposure to PEPs.

 The extended period of time over which the breaches occurred.

 The need to impose an effective and dissuasive sanction on regulated entities.

 The co-operation of Intesa during the investigation and in settling at an early stage in the

Central Bank’s Administrative Sanctions Procedure.

Link:

Central Bank of Ireland Enforcement Notice

The fine was 2,275,000 EUR for the following AML failures – AIB failed to:

 

  •   Report suspicious transactions without delay to An Garda Síochána and the Revenue Commissioners.

  •   Conduct customer due diligence (‘CDD’) on existing customers who had accounts prior to May 1995 (‘Pre95 customers’) when the first Irish laws on anti-money laundering and countering the financing of terrorism (‘AML/CFT’) became effective

 

  1. The Central Bank also identified breaches in respect of AIB’s AML/CFT policies and procedures in a number of areas, including the above, and its trade finance business. 

And these are the factors that the central bank used in setting the penalty:

 

  •   Seriousness with which the conduct is viewed, particularly given AIB’s central role in the financial services system and the high risk nature of retail banking business in terms of ML/TF.

  •   The extended period of time over which the breaches occurred, spanning the period from 15 July 2010 to 8 July 2014.

  •   The co-operation of AIB during the investigation and in settling at an early stage in the Central Bank’s Administrative Sanctions Procedure.

  •   The actions taken by AIB to remediate the breaches. 

Link:

Central Bank of Ireland Settlement Agreement

The fine was 3,150,000 EUR for the following AML program failures:

 

For the year 2012, the Firm’s risk assessment was inadequate as the risk rating for certain categories of customers, products and channels was not included in every instance although that information was identified as necessary for the evaluation of risk for those categories. Furthermore, for the years 2012 and 2013, BOI did not address geographical and sectoral risks in its risk assessments. 

and: 

 

The Central Bank identified a number of failures in BOI’s policies and procedures, under Section 54 of the CJA 2010, for the reporting of suspicious transactions:

  •   BOI failed to have adequate checking processes for internal escalation and submission of suspicious transaction reports in circumstances where BOI’s group internal audit function indicated such deficiencies.

  •   BOI failed to ensure that relevant senior management received adequate management information on the volume and duration of alerts awaiting investigation.

    In addition and significantly, BOI failed to report six suspicious transactions to An Garda Síochána and the Revenue Commissioners as soon as practicable, as required by Section 42 of the CJA 2010. 

And: 

 

  •   BOI failed to document the respective AML/CFT responsibilities with one correspondent banking party when providing banking services to one non-EU bank, as required by Section 38(1)(e).

  •   BOI failed to adopt policies and procedures, under Section 54 of the CJA 2010, to ensure that enhanced CDD would be applied to correspondent banking relationships with non-EU banks. 

And:

 

  •   BOI failed in its procedures to document the inherent ML/TF risks specific to the trade finance business (including identifying potentially suspicious activity i.e. ‘trade finance red flags’) and the specific operational controls to mitigate and monitor those risks.

  •   BOI failed to provide sufficient specific training on suspicious activities relevant to the trade finance business. 

And:

 

  •   BOI provided banking services to one non-resident PEP customer without applying the enhanced CDD measures, set out in Section 37(4)(b) of the CJA 2010, which required BOI to determine the customer’s source of funds (‘SOF’) and source of wealth (‘SOW’).

  •   BOI failed to adopt policies and procedures, under Section 54 of the CJA 2010, to ensure that information and supporting documents in respect of SOF and SOW were routinely: (i) requested from new non-resident PEP customers, and (ii) monitored when such customers were periodically reviewed.

  •   BOI failed to adopt policies and procedures, under Section 54 of the CJA 2010, to have in place robust controls to ensure any exceptions to the standard CDD process were fully documented.

  •   BOI failed to adopt procedures, under Section 54 of the CJA 2010, to comply with Section 33(8) of the CJA 2010 where customers had not provided the required CDD information or documentation. 

And:

 

  1. The Central Bank identified that BOI failed to satisfy the conditions set out in Section 40(4) by relying on a third party to conduct CDD for 178 corporate customers where BOI’s contractual arrangements did not satisfy the conditions set out in Section 40(4) of the CJA 2010. 

The amount of the fine was determined based on the following factors:

 

  1. In deciding the appropriate penalty to impose, the Central Bank considered the following matters:

    •   The seriousness with which the conduct is viewed, particularly given BOI’s central role in the financial services system and the high risk nature of retail banking business in terms of ML/TF.

    •   The extended period of time over which the breaches occurred, spanning the period from 15 July 2010 to 18 December 2015. 

  •   The co-operation of BOI during the investigation and in settling at an early stage in the Central Bank’s Administrative Sanctions Procedure.

  •   The actions taken by BOI to remediate the breaches. 

Link:

Central Bank of Ireland Settlement Agreement