Money laundering

While some EU jurisdictions have been under the spotlight for lax money-laundering controls, the problem goes much deeper than the headlines, as Anita Hawser reports.  

With a population of just over half a million, Malta has earned itself a reputation as ‘the bad boy of Europe’ following allegations of corruption, money-laundering and cash for passports. When talking about the country’s colourful past, Rick Hunkin, chairman of the Malta Bankers’ Association (MBA), chooses his words carefully. Having previously worked as chief risk officer at Tesco Bank, Northern Rock and RBS, before becoming CEO at Malta’s largest commercial bank, Bank of Valletta, in 2019, he believes that Malta is on a path of correction.

While the country may have had low standards in the past, Mr Hunkin says it is now embracing European best practices. “Malta is fixing its anti-money laundering [AML] shortcomings and is heading in the right direction. Some of these crimes are still going through the judicial system, so what you’re seeing is the remnants of what happened in the past. But what I don’t see being discussed is how far Malta has come [in addressing these issues],” he says.

Malta is fixing its anti-money laundering shortcomings and is heading in the right direction

Rick Hunkin, the Malta Bankers’ Association

In 2019, the Committee of Experts on the Evaluation of AML Measures and the Funding of Terrorism (Moneyval) identified several AML and combatting the financing of terrorism (CFT) shortcomings in Malta, including a lack of financial and human resources to adequately investigate and prosecute money-laundering crimes. But in May this year, Moneyval’s follow-up report concluded that Malta was “fully compliant” with 12 of the 40 Financial Action Task Force (FATF) recommendations and “largely compliant” with the remaining 28 recommendations.

More to do

Despite making headway, on June 25, 2021 the FATF announced that it had placed Malta on its ‘grey list’ for increased monitoring. Malta is the first EU country to have been grey-listed by FATF, which wants to see improved accuracy of information regarding beneficial owners of companies registered in Malta and the use of financial intelligence by the country’s Financial Intelligence Analysis Unit (FIAU) to support criminal tax and money-laundering investigations.

Given the progress Malta had already made in the vast majority of areas, Mr Hunkin says the expectation was that the country would not be grey-listed. “There is a strong commitment on the part of Maltese banks to make sure they are fully compliant with the regulations,” he asserts.

Valeria Pastò, director, financial institutions (Maltese banks) at Fitch, says the banking sector in Malta was already working on risk governance ahead of its grey-listing. “There was a feeling they were doing a lot, but it is also true they had to fill a gap,” she says.

But Mr Hunkin says the MBA feels that other banks in Malta have been unfairly tarred with the same brush as Pilatus Bank, which had its European banking licence revoked by the European Central Bank in 2018 on fraud charges, and Satabank, which suffered a similar fate following the identification of significant AML failings. Both banks are no longer operating, but in some ways they still cast a pall over the country.

Mr Hunkin says the MBA has set up an AML working committee. He also points to significant improvements at the FIAU, which has implemented its goAML platform for regulatory reporting and a new contract business analysis repository database of bank accounts held in Malta, which are described as “crucial tools in the fight against money-laundering”.

So far, the impact of the FATF grey-listing on Malta’s banks has been limited, says Mr Hunkin, except for some overseas banks who have returned payments because they don’t want to accept money from Malta. “It increases processing times and costs, but doesn’t materially impact operations,” he explains.

Francesca Vasciminno, senior director for EU banks at Fitch Ratings, explains: “Some correspondent banks in other countries may be spooked by the grey-listing and may prefer not to bank with Malta, particularly if the grey-listing is prolonged, while other banks can handle the relationship because grey-listing is already priced in.”

AML issues beyond Malta

But it would be a mistake to think that money-laundering in the EU is Malta’s problem alone. Back in the summer when Malta’s grey-listing was announced, Sven Giegold, an MEP and member of the Greens-European Free Alliance, wrote a blog post about the 18 EU member states assessed by FATF in November 2020. “Not one attained a high level of effectiveness with regard to key anti-money laundering indicators. Belgium, Cyprus, Greece, Ireland, Italy, Austria, the Czech Republic, Denmark, Latvia, Lithuania, Malta, Slovakia, Slovenia, Finland, Sweden, Portugal and Hungary were all rated as displaying a moderate or low level of effectiveness when it comes to combating money-laundering,” he wrote.

One of the biggest money-laundering scandals to have rocked the EU followed revelations brought to light by a whistleblower, involving €200bn worth of transactions, which passed through Danske Bank’s Estonian branch from 15,000 non-resident customers in the period between 2007 and 2015. A CEO, chair and several managers and employees have since left the bank and its Estonian operations were terminated, but so far none of its top executives have faced criminal charges. Penalties imposed against Danske Bank by different authorities for AML failings could eventually total billions, but S&P Global Market Intelligence estimates the bank could absorb fines of $3.3bn and still achieve its management common equity Tier 1 ratio target of 16%.

Danske Bank’s AML woes are far from over. An October 2021 assessment by the Swedish financial supervisory authority, Finansinspektionen, concluded that the bank “is taking too long to implement measures” in Sweden, and gave it until June next year to rectify the deficiencies.

Other Nordic banks and their Baltic operations have also come under scrutiny. Sweden’s Swedbank was hit with a $386m fine in 2020 for “serious deficiencies” in its AML controls, involving its Estonian branch. Latvia’s third largest bank, ABLV, went into voluntary liquidation in 2018 after it was labelled an “institution of primary money-laundering concern” by the US Financial Crimes Enforcement Network (FinCEN).

In fact, the FinCEN files, which were leaked to journalists in September 2020, revealing hundreds of thousands of suspicious activity reports (SARs) filed between 1999 to 2017 covering transactions worth $2tn, highlighted European banks’ susceptibility to “dirty money from corrupt officials and oligarchs in eastern and central Europe”. Mr Giegold described the FinCEN leak as a “wake-up call” for EU authorities to take urgent action to unify AML supervision and enforcement because the system in its current form is broken.

Governance ‘spaghetti’

Six EU AML directives (AMLDs) and counting: where has Europe’s seemingly watertight approach to fighting financial crime and money-laundering gone wrong? “At the national level, AML has not been a priority,” says Karel Lannoo, CEO of the Centre for European Policy Studies (CEPS), a think tank and forum for debate on EU affairs, and general manager of the European Capital Markets Institute (ECMI). He says money-laundering is a problem in a number of EU countries.

However, Carolin Gardner, acting head of the AML/CFT unit at the European Banking Authority (EBA), does not believe Europe has an AML compliance problem. “When it comes to the banking or financial sector in general, of course there are some bad apples,” she says. “But the majority are trying to do the right thing in complying with their legal obligations protecting us from financial crime.”

Carolin Gardner

Carolin Gardner, European Banking Authority 

But it is not just EU banks in the spotlight. The competent authorities that supervise EU banks have also attracted increased scrutiny in the wake of the Danske Bank scandal. In 2019, the EBA launched an investigation into a possible breach of EU law by the Estonian Financial Services Authority and the Danish Financial Services Authority for their failure to prevent money-laundering activities linked to Danske Bank and its Estonian branch.

Although the investigation found that the competent authorities did not do enough to ensure compliance with AML regulations, the EBA board of supervisors, which is made up of representatives from the EU member states’ national supervisory authorities (including those under investigation), rejected a breach of EU law recommendation. The European Commission (EC) did not accept the EBA’s decision, but so far has not taken any further action.

“The EU’s AML/CFT law is not very specific and is implemented differently in different member states,” Ms Gardner explains. “This has created gaps in the EU’s defences. What is more, at the time when a lot of the very serious money-laundering cases took place, we were still operating under the third AMLD before we moved to a risk-based approach to AML/CFT, and before the EBA issued common standards and guidelines to financial institutions and supervisors on tackling money-laundering and terrorist financing risk effectively.”

AML was frequently tackled in isolation, says Ms Gardner. “Competent authorities in the same member state or across member states responsible for the supervision of the same group didn’t communicate or exchange notes, so they didn’t pick up on things that should have been obvious. What’s more, supervisors in different member states interpreted EU law differently, which resulted in some entities being unsupervised for AML.” She says some national supervisory authorities did not even communicate with national financial intelligence units (FIUs). “It was a completely siloed mentality, which is unacceptable but, unfortunately, prevailed for many years,” she says.

It sounds like a classic case of what Mr Lannoo and his CEPS-ECMI colleagues referred to in a January 2021 report on AML in the EU, called ‘Time to get serious’, as “AML governance spaghetti”. Their report talks about a “confused AML risk management framework” in the EU and “unease among prudential supervisors to use their far-reaching powers against money-laundering”. Prudential and conduct supervisory authorities, tax authorities and law enforcement are organised differently across the EU, the report explains, which makes consistent application of AML/CFT challenging.

Even AML officers within banks were treated differently across EU member states, says Ms Gardner. “Some have a direct line to the board, while in other member states, officers are very junior and didn’t have the ear of senior management. A lot of AML compliance officers [within banks] are very knowledgeable, but in some cases are prevented from investigating and reporting suspicious transactions because of profit considerations or because a customer is a personal friend of the CEO, which needs to be addressed,” she explains.

A pan-EU AML authority

The EBA recently published draft guidelines setting out clear expectations of the role, tasks and responsibilities of an AML/CFT compliance officer and how they interact with senior management, including at the group level. “We’re trying to develop a more consistent approach and highlight the important role of AML/CFT officers within an organisation,” says Ms Gardner. But one of the upsides of the AML scandals that have rocked the EU, she adds, is that AML is now enjoying its moment in the sun, which has helped move things along more quickly.

Maira martini

Maíra Martini, Transparency International

In July 2021, the EC announced a raft of new AML legislative proposals to strengthen the bloc’s AML/CFT rules. One of the biggest changes under the proposals is the establishment of an entirely new pan-EU AML authority, referred to as Amla, which will take supervisory authority for AML away from EU member states. “The new proposals will be quite revolutionary,” says Monsur Hussain, senior director, enhanced analytics – financial institutions (EU banks) at Fitch Ratings.

“Acting as a single supervisor in charge of sharing and co-ordination between FIUs, having a regulation in place to replace directives, means you’re not going to have divergences between member states. No national legislation will be required for rules on counterparties, which will reduce holes in the current directive-led approach,” says Mr Hussain. However, he adds that it will be some time before these measures take effect. Amla will be operational from 2024, but only supervising high-risk financial institutions from 2026.

“The reason why the EC is setting up a new agency is because the EBA didn’t do its job,” observes Mr Lannoo. But he still believes it would have made more sense to give the EBA more powers, rather than setting up a new authority. Mr Hunkin says only time will tell the extent to which Amla will provide banks with more focused, easier implementation advice and guidance. “There are a lot of regulatory bodies banks need to comply with already, so we need to be careful not to create yet another overhead for banks,” he says.

Maíra Martini, who leads Transparency International’s research and policy on beneficial ownership transparency and AML, says the new EU measures are a step in the right direction. But there are a couple of elements that could be improved, she adds, because the current package does not protect the weakest link: smaller financial institutions, which are unlikely to fall under the new authority’s direct supervision. “Cases in the past few years have highlighted how smaller banks in smaller member states are vulnerable,” she says.

Roland Papp, senior policy officer at Transparency International’s liaison office to the EU focusing on illicit financial flows, says he is cautiously optimistic with respect to the new EU AML regulations. The new measures also mean that the EU will maintain its own black and grey lists, reflecting the FATF listing. It will also be able to list countries which are not listed by FATF, but that it considers pose a threat to the EU’s financial system based on its assessment. “The AML list for non-co-operative countries, wasn’t that strong before,” Mr Papp explains. “Now they will add to the list of third countries.”

But for a real change to occur, Ms Martini says there needs to be consequences for the banks that fall foul of the regulations. “In past AML cases, none of the individuals from banks were prosecuted,” she explains. “It just goes to show you how powerful the banks are.”

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter