Fincrime Briefing: Dutch banks struggle to attain, retain AML talent, investors sue Danske on laundering failings, stock drop, Iran update, new cyber resource, and more

By Brian Monroe
bmonroe@acfcs.org
January 4, 2020

Quote of the Day: You must take action now that will move you towards your goals. Develop a sense of urgency in your life.” – H. Jackson Brown, Jr.

In today’s briefing, Dutch banks struggle to capture, keep top fincrime compliance pros, more irate investors sue Danske on heels of laundering scandal, will Iran unleash more cyberattacks after general’s killing, U.K. agency offers charity cybersecurity resource, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

REGIONAL COMPLIANCE FOCUS - NETHERLANDS

Many Dutch banks struggling to recruit, retain staff to check for money laundering in ramp up tied to Danske scandal: FD

Dutch banks are struggling to recruit hundreds of money laundering experts to beef up their financial crime compliance departments, the Financieele Dagblad said on Friday, a likely response to the still-smoldering Danske Bank scandal.  

So desperate have banks become that they are advertising for school leavers with no experience and offering starting salaries of €3,000 plus a “focus on personal growth,” the paper said.

But despite the best efforts of recruitment firms to make the jobs seem exciting, most of the junior level “customer due diligence” work is dull and nothing to do with “catching crooks,” the paper points out.

Hence, job hopping is common and companies struggle to keep hold of the staff they have.

Banks are only just realizing that checking for money laundering has become a key activity, CDD expert Jaan-Jan Deverschot told the paper, and they are now putting more effort into keeping staff on board.

Rabobank, for example, is setting up its own CDD training academy and the other banks are investing in training and coaching, he said. Banks are also looking abroad, to England, Spain and eastern Europe to bring in new recruits.

Despite technological advances, checking for money laundering still needs human input.

“The big switch to automation will only happen when more IT systems are linked,” Erik Schut of interim management consultancy Eiffel told the paper. “At the moment, there is no serious alternative to the battle to recruit new staff,” (via Dutch News).

Monroe’s Musings: This is a somewhat expected aftershock of the Danske Bank money laundering scandal, where some $230 million in suspect Russian funds flowed through the now-shuttered Estonian branch of Danske Bank.

The tendrils of the scandal have been uncovered in a bevy of banks, including Swedbank, Deutsche bank and others and has caused a general upheaval in banking, regulatory and investigative practices in the Nordic and Baltic regions and at the highest levels of the European Union.

Now what happens, you ask, in the wake of a massive money laundering scandal, predated by broad and longstanding anti-money laundering (AML) compliance failures at banks in these regions?

First, the investigators come in and try to find institutions with concrete connections to the offender banks. Then the regulators come in and more aggressively examine said institutions to see how far-reaching the AML failures.

Then other regional regulators follow their lead. Finally, Nordic and Baltic banks on the hot seat and others about to be placed on the grill start searching far and wide for experienced AML staff to bring their program up to a level that will pass muster with examiners – teams with new marching orders to take a hasher look at everything.

ENFORCEMENT

More investors sue Danske Bank for alleged money laundering after scandals, compliance failures

About 60 investors have sued Danske Bank for 1.5 billion crowns ($224 million) over alleged money laundering, their lawyers said on Friday, the third such case to hit Denmark’s biggest lender – bringing the total number of investors to nearly 300 and funds sought to more than $1 billion.

Danske Bank said it would defend itself against the lawsuit and that it had no information about the timing of the case.

Danske Bank is under investigation in several countries including the United States over 200 billion euros ($220 billion) of payments through its branch in Estonia between 2007 and 2015, many of which the bank has said were suspicious.

“We will defend ourselves against the demands and deal with any development in collaboration with the bank’s lawyers,” Danske said in a statement.

Danish law firm Nemeth Sigetty said it had filed the latest suit at the District Court of Copenhagen on behalf of a group of about 60 international investors.

The investors, including pension funds, insurance companies and asset managers from at least 12 countries, are represented by the International Securities Associations and Foundations Management Company for Damaged Danske Investors (ISAF-Danske).

The lawsuit claims Danske violated Danish Capital Market Laws by deliberately misleading and keeping investors in the dark for years, ISAF-Danske said in a statement.

It said the bank did not disclose that “its financial income statements and retained earnings included significant earnings from known illegal high-risk money laundering activities.”

Danske Bank is already facing two lawsuits in the United States, including one by 232 pension funds and other investors claiming damages of nearly $800 million, (via Reuters).

Monroe’s Musings: These moves by investors are not uncommon for high-profile AML failures, but were almost a guarantee involving banks tied to the Danske scandal, and of course Danske itself – the epicenter of the scandal, when the stock prices of the institutions plummeted after news became public.

Yet another reason that banks need to have strong financial crime compliance teams, lest they may face the same fate from irate regulators, investigators – and fuming and furious investors. 

CYBERSECURITY/TERROR FINANCE

In wake of U.S. strike killing top general, Iran could be preparing to launch cyberattacks on very short notice, expert says

Iran’s Supreme Leader Ayatollah Ali Khemanei vowed “harsh retaliation” against Washington, in response to the assassination of top General Qassem Soleimani, with some believing that could mean attacks beginning in the short term in the virtual world.

Intelligence experts say cyber warfare could be a primary focus, given Tehran’s vastly improved capabilities.

The country has invested heavily in its development of cyber warfare, since the destructive “Stuxnet” malware crippled Iran’s nuclear capabilities back in 2010, with large U.S. and international banks frequent targets for the Islamic Theocracy due to the ability to both steal funds and exact a measure of vengeance against longtime foe, America.

That has drastically reduced its response times to attacks, putting it on the same level as the U.S., according to Tom Warrick, a Non-Resident Fellow at The Atlantic Council and former Deputy Assistant Secretary for Counterterrorism Policy at the Department of Homeland Security.

“It’s quite possible, as we sit here right now that Iranian cyber attacks may be launched against American targets, whether they be banks oil companies, academic institutions,” said Warrick, speaking to Yahoo Finance’s On The Move. “It’s certainly clear that Iran has the capability to launch attacks on very short notice from cyber.”

Warrick says that stands in stark contrast to the near three years it took for Iran to carry out a number of retaliatory attacks on control systems across the world back in 2010.

Since Stuxnet, Iran has been suspected of unleashing the “Shamoon” virus that erased nearly three quarters of Saudi Aramco’s corporate PCs, halted the website of Qatari natural gas firm RasGas, and shut down servers and wiped hard drives at the Sands Casino in Las Vegas.

US banks were also targeted between 2011 and 2012, causing major disruptions from Bank of America to Wells Fargo, (via Yahoo Finance).

Monroe’s Musings: What jumped out at me in this story is something I already knew to be true: U.S. banks are frequent targets of cyber assassins and could be even more of a target as Iran looks to seek vengeance, in the real and digital worlds, against the United States.

I would also add that if Iran, or its proxies in Turkey and other Middle Eastern countries with a propinquity to regions known to have strong Iranian influence, attempt to move funds to support some attack, that might create new alerts for banks in their AML transaction monitoring systems.

So some institutions with an extensive presence near Iran should also consider retuning their systems, or prime their fincrime analysts, that an uptick in certain money movements to certain regions or operations attempting to move funds, particularly if they don’t have a firm risk grasp of the company or individual or they are new, could be the precursor to a terror attack. 

NEW RESOURCE - CYBERSECURITY

U.K. cyber defense agency offers resource to protect organizations from most common types of cybercrime with ‘Small Charity Guide,’ covering preventing malware infection, avoiding phish hooks

The United Kingdom’s top cyber defense agency has issued a new resource to help more diminutive firms already dependent on the kindness of strangers to improve cyber security defenses – quickly, easily and at a relatively low cost.

The National Cyber Security Centre (NCSC) has released a 20-page “Small Charity Guide,” to help charitable organizations large and small to strengthen cyber defenses in a range of critical areas, from baking in backing up data to better inoculating systems and users against virulent malware, and more.

The guide covers five key topics, with further links in each section for additional resources:

  • Backing up data
  • Not falling for miscreant malware
  • Avoiding getting hooked in a phishing scheme
  • Safeguarding tablets and smart phones
  • More aggressive use of passwords, and making them harder to crack

Moreover, if a charity, or any business for that matter, wants to improve their company’s cybersecurity further, the NCSC offers certification under the Cyber Essentials scheme, which has the benefit of demonstrating to your supporters, donors and beneficiaries that you take the protection of their data seriously.

As well, for larger charities or corporates at large that may face a greater risks from cyber crime, the agency offers the 10 Steps to Cyber Security  resource, which offers more extensive steps to counter digital brigands and secure virtual vaults, (via the U.K. National Cyber Security Centre).