News & Press: ACFCS News

Daily Briefing: Former Danske CEO charged, watchdog chides UK on owner registry loopholes, and more

Thursday, May 9, 2019   (0 Comments)
Posted by: Brian Monroe
Share |

By Brian Monroe
May 9, 2019

Quote of the Day: “Wealth after all is a relative thing since he that has little and wants less is richer than he that has much and wants more.” – Charles Caleb Colton

In today’s ACFCS Fincrime Briefing, Danske Bank’s former CEO farces charges in laundering scandal, London has loopholes in its beneficial ownership registries, new Finra AML guidance, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

Money laundering

Ex-Danske CEO Borgen charged over money laundering case: report

In a major twist sure to make top bank executives quake, Danish prosecutors have charged Thomas Borgen, former chief executive of Danske Bank, over his involvement in one of the world’s biggest money laundering scandals, newspaper Borsen reported on Tuesday, citing his lawyer.

Borgen is the first person to be charged in a case that involves suspicious transactions of some 200 billion euros ($224 billion) that passed through Danske Bank’s Estonian branch between 2007 and 2015.

Denmark’s biggest bank is being investigated by authorities in several other countries including the United States, where it could face major fines.

Borgen, who had been in charge of Danske Bank’s international operations, including Estonia, between 2009 and 2012, resigned in September after an investigation revealed the scale of the suspicious payments.

Prosecutors raided Borgen’s home on March 12, the report quoted the lawyer as saying.

Borsen also cited unnamed sources as saying the Danish prosecutor had charged at least two other former managers at Danske Bank in relation to the money laundering case, but did not give any names.

Denmark’s state prosecutor filed preliminary charges against Danske Bank itself in November for alleged violations of the country’s anti-money laundering act in relation to its Estonian branch. The prosecutor said at the time he would clarify whether individuals could be held responsible.

The money laundering scandal has spread to Sweden where Swedbank in March dismissed its chief executive over allegations its Baltic accounts were used to launder money, (via Reuters).

Along with Borgen, Danish prosecutors charged an additional nine former Danske Bank managers over their suspected involvement in one of the world’s biggest money laundering scandals, newspaper Berlingske reported on Wednesday, citing unidentified sources.

No current or former members of Danske Bank’s board - which appoints the management team and sets strategy - have been charged, according to the Berlingske report, (via Reuters).

Danske hires new top AML talent to repair program, reputation

Danske has also made a high-profile hire to rebuild and repair its tattered AML regime, adding Satnam Lehal, who will join Danske Bank as Head of Financial Crime in July, a unit responsible for supporting the institution in preventing money laundering, terrorist financing, fraud, bribery and corruption and ensuring strict adherence to sanctions and embargoes requirements. 

Lehal, aged 41, joins Danske Bank from Morgan Stanley in London where he has worked since 2009, most recently as Managing Director responsible for Financial Crime across EMEA and Asia. 

He will report directly to Philippe Vollot, Danske Bank’s Chief Compliance Officer who is also a member of the Executive Board, (via Danske Bank).

Monroe’s Musings:

With the pressure building for federal authorities in Denmark to make a significant move to save face and show it has a strong enforcement ethos in the wake of one of the world’s largest money laundering scandals, the news of top Danske officials essentially becoming heads on a platter is almost expected.

But for many banks, and financial crime compliance professionals in the United States, the news is still somewhat shocking.

The country has seen federal and state regulators and investigators levy massive penalties for AML and sanctions missteps – with BNP Paribas paying a record $9 billion for dealing with blacklisted regimes and entities.

And while in the wake of some fincrime penalties some AML compliance officers resigned or were moved to other parts of the bank, CEOs seemed to be made of Teflon. But that is not the case in the Nordic and Baltic regions.

Swedbank booted its CEO in the wake of its version of the Danske scandal, and now the bank at the center of the blackhole is looking at its top officials facing both professional besmirching and potentially even formal financial crime charges.

Look for these moves to spur other CEOs with exposure to the scandal, and those trying to insulate themselves and their banks from getting caught in the expanding net due to the inherent interconnectedness of the global financial system, to – all of a sudden! – realize that financial crime compliance is worthy of added budgets, resources, systems and attention.

Corporate Transparency

U.K. government failing in oversight, enforcement of beneficial ownership registries, opening the door to criminals, launders

More than 300,000 companies in the United Kingdom have taken advantage of gaping loopholes and weak regulatory oversight to evade rules on detailing their flesh and blood beneficial owners, making it easier for criminals and the corrupt to hide illicit controlling interests, according to an international transparency watchdog operation.

Those are just some of the findings from a report by London-based Global Witness, which uncovered that 336,224 corporations have reported to the U.K. Companies House they have no beneficial owner to declare, a jump of 335,010 from the prior year, with thousands of these firms also replete with the red flags of corruption and money laundering.

“UK companies and partnerships have been at the heart of some of the worst money laundering scandals of recent years involving hundreds of billions of pounds - not least at Danske Bank in Estonia and the Troika Laundromat,” according to a blog posting by the group.

“While the Government led the world when it created the first fully open register of the real owners behind companies in 2016, it hasn’t finished the job by ensuring the information is checked and that the rules are enforced.”

Here are some snapshots from the report:

  • 336,224 companies simply say they have no beneficial owner - which is allowed if no individual holds more than 25% of the shares of the company
  • 6,711 companies are controlled by a beneficial owner who themselves control over 100 companies, suggesting likely nominees
  • 487 companies are part of circular ownership structures, where they appear to control themselves
  • 8,872 companies name another foreign company as their ultimate owner which is unlikely to be listed on a recognized stock exchange (and therefore be compliant with the rules) 

In tandem, the inability of the corporate regulatory body to better review, update and enforce laws around ownership accuracy and transparency has allowed a slew of domestic and foreign risky groups to control firms for potentially illicit ends.

The report highlighted that:

  • 2,083 company owners are disqualified directors - people who previously failed in their responsibilities and are banned from being a director in future
  • 1,519 company officers or beneficial owners are politicians - who as a result of their public positions may be at greater risk of corruption
  • 136,682 officers or beneficial owners are based in secrecy jurisdictions e.g. British Virgin Islands
  • 228,295 companies are registered at a company factory or mailbox address, with little or no connection to the actual place of business or owner

The U.K. is under even more pressure to improve the accuracy and depth of corporate data and keep the information updated with global money laundering and “laundromat” scandals further demonstrating the craftiness and creativity of criminal and terror groups – always looking for a weak link in the counter-crime chain.

“Continued foot dragging by Government will only risk UK companies being implicated in the next major money laundering scandal, and do nothing to address the UK's reputation as an enabler of global corruption.  While the flaws of the company register are serious, the UK Government has every opportunity to fix these now,” (via Global Witness).

Monroe’s Musings:

Anonymous beneficial ownership structures can hide all manner of ills, including criminals, money launderers, fraudsters, corrupt oligarchs, terrorists, tax evaders and more.

So it was with great fanfare that the United Kingdom took the lead in requiring corporates to capture beneficial ownership details and put them in a database to make them available for key parties.

But even as this historic and herculean effort came together, there were rumblings, as if done by a soothsayer, whispering how will the U.K. review the accuracy of the data, keep it up to date and enforce these requirements when companies attempt to game the system or purposely give weak or useless information.

Exactly what watchdog groups feared, according to Global Witness, has broadly come to pass. The U.K. is a world leader in financial crime and compliance rules, essentially “gold plating” the international standards of the Paris-based Financial Action Task Force (FATF).

But strong laws, including those to stamp out opaque ownership structures, without requisite oversight and enforcement for scofflaws will never reach their full potential.

Although it will be a challenge, U.K. authorities need to devote more resources, both human and machine, to set up a system where it can check submitted beneficial ownership information, check it against available open source information, and hold the company – and individuals – accountable to make statement-making penalties dissuasive enough to ensure beneficial ownership accuracy, transparency and timeliness.

Drugs/crypto/money laundering

DOJ, Europol shut down darknet marketplaces selling illicit drugs, in one case after moderator leaks backend credentials in failed blackmail plot

International authorities have indicted the administrators of DeepDotWeb for money laundering tied to link kickback scheme to drive sales of fentanyl, heroin and a bevy of other illicit goods, such as stolen credit data and hacking tools on the darknet – the second major darknet takedown in less than a week.

Federal prosecutors say the administrators referred hundreds of thousands of users to darknet marketplaces, profiting in the millions of dollars from individuals buying hundreds of millions of dollars worth of drugs, guns and other blacklisted items. Authorities have seized the site.

“This is the single most significant law enforcement disruption of the Darknet to date,” said U.S. Attorney Scott Brady. “While there have been successful prosecutions of various Darknet marketplaces, this prosecution is the first to attack the infrastructure supporting the Darknet itself.”

Court documents say that since October 2013, Tal Prihar and Michael Phan owned and operated DDW, hosted at and also accessible on the Darknet at DeepDot35Wveyd5.onion.

Federal prosecutors say DDW provided users with direct access to cabal of online darknet marketplaces, not accessible through traditional search engines,  at which vendors offered for sale illegal narcotics such as fentanyl, carfentanil, cocaine, heroin, and crystal methamphetamine, firearms, including assault rifles, malicious software and hacking tools; stolen financial information and payment cards and numbers; access device-making equipment and other illegal contraband. 

Prihar and Phan received kickback payments, representing commissions on the proceeds from each purchase of the illegal goods made by individuals referred to a Darknet marketplace from the DDW site. 

These kickback payments were made in virtual currency, such as bitcoin, and paid into a DDW-controlled bitcoin “wallet.”

To conceal and disguise the nature and source of the illegal proceeds, totaling over $15 million, Prihar and Phan transferred their illegal kickback payments from their DDW bitcoin wallet to other bitcoin accounts and to bank accounts they controlled in the names of shell companies.

According to the indictment, Darknet marketplaces operated on the “Tor” network, a computer network designed to facilitate anonymous communication over the Internet. 

Because of Tor’s structure, a user who wanted to visit a particular Darknet marketplace needed to know the site’s exact .onion address. DDW simplified this process by including pages of hyperlinks to various Darknet marketplaces’ .onion addresses.

Further, the indictment alleges that users who visited DDW were able to click on the hyperlinks to navigate directly to the Darknet marketplaces. 

Embedded in these links were unique account identifiers, which enabled the individual marketplaces to pay what they referred to as “Referral Bonuses,” to DDW. 

Kickbacks in the form of referral bonuses, paid in virtual currency, were a percentage of the profits of all of the activities conducted on the marketplace by any user who made purchases on the marketplace by using DDW’s customized referral link. 

Through the use of the referral links, DDW received kickbacks from Darknet marketplaces every time a purchaser used DDW to buy illegal narcotics or other illegal goods on the marketplace.

During the time period relevant to this Indictment, DDW’s referral links were widely used by users in the Western District of Pennsylvania and elsewhere to access and then create accounts on many Darknet marketplaces, including AlphaBay Market, Agora Market, Abraxas Market, Dream Market, Valhalla Market, Hansa Market, TradeRoute Market, Dr. D’s, Wall Street Market, and Tochka Market. 

When AlphaBay was seized by law enforcement in 2017, it was one of the largest Darknet markets that offered illegal drugs, fraudulent identification materials, counterfeit goods, hacking tools, malware, firearms, and toxic chemicals. 

Nearly a quarter, 23.6 percent, of all orders completed on AlphaBay were associated with an account created through a DDW referral link, meaning that DDW received a referral fee for 23.6 percent of all orders made on AlphaBay.

“Websites like DeepDotWeb pose global threats that require global partnerships,” said FBI Special Agent in Charge Jones.  “The efforts of federal and international law enforcement should send the message that we are coming after the operators of these dangerous websites.”

To read the DOJ release, click here. To read the Europol release, click here.

This is the third major darknet site takedown for authorities in recent days.

Last week, Europol and other U.S. and international authorities took down two prolific dark web marketplaces in simultaneous global operations: the Wall Street Market and the Silkkitie, known as the Valhalla Marketplace.

Authorities also arrested those responsible for the world’s second largest illegal online market in the dark web, Wall Street Market, in Germany, and agents in the U.S. as well arrested two of the highest-selling suppliers of narcotics.

Finnish authorities shut down Silkkitie earlier this year. When the same traders moved their activities to another illegal trade site on Tor, German authorities brought their illegal activities to an end.

The online marketplace Wall Street market was the world's second largest dark web market, enabling the trade in drugs (including cocaine, heroin, cannabis and amphetamines), stolen data, fake documents and malicious software, according to Europol.

The illegal platform was exclusively accessible via the Tor network in the so-called Darknet and aimed at international trade in criminal goods. In some media reports, one of the site’s own moderators leaked login credentials that could have aided authorities in a bid to get some of the more than $13 million in virtual currency stolen by the site’s administrators.

Most recently, more than 63, 000 sales offers were placed on the online marketplace and more than one million customer accounts and more than 5,400 sellers registered.

For payment, the users of the online marketplace used the crypto currencies Bitcoin and Monero. The alleged marketplace officials are said to have received commission payments of two to six percent of the sales value for the settlement of illegal sales of the platform.

To read the Europol release, click here.

Monroe’s Musings:

These cases about U.S., European and other authorities teaming up to find the obscure, darknet entities behind illicit darkweb marketplaces, and any related sites making it easier for criminals to sell their illicit booty, should make groups think twice about starting similar initiatives.

Why? These cases clearly reveal that multiple countries are tag-teaming to more aggressively, quickly and completely put together the diffuse and scattered pieces of a puzzle to uncover the humans involved in investigations that these countries may not have been able to crack by themselves.

In the last few years, U.S. federal investigators have taken down many of the largest darkweb marketplaces, so are getting more creative in crafting new tools, both human and technology-driven, to follow the money in both the real and virtual worlds.

Seemingly anonymous Tor networks are no longer the impenetrable shield holding back authorities from taking down these sites and those behind them, so current operations should think twice about continuing – lest they find themselves raided, arrested and facing justice in multiple jurisdictions. 


Finra issues new AML guidance for trading sector heightening scrutiny on depth, accuracy of CDD, red flags in deposits, trading, funds flows

The chief self-regulatory body of the country’s securities sector Monday issued new financial crime compliance guidance to better sensitize broker dealers in all areas of the trading chain about red flags for potential illicit activity at the beginning of a customer relationship, and when funds and stocks move – a prescriptive, detailed document formally putting the industry on notice.

The 12-page notice, which covers some familiar territory trod in prior notices and borne out in anti-money laundering (AML) enforcements, details some of the tenets of aberrant behavior in five over-arching categories and one catch-all general category to help determine when to file a suspicious activity report (SAR):

  1.  Potential Red Flags in Customer Due Diligence and Interactions with Customers
  2.  Potential Red Flags in Deposits of Securities
  3.  Potential Red Flags in Securities Trading
  4.  Potential Red Flags in Money Movements
  5.  Potential Red Flags in Insurance Products
  6.  Other Potential Red Flags

Finra states that not every red flag will immediately lead to fraud or money laundering cases but that “upon detection of red flags through monitoring, firms should consider whether additional investigation, customer due diligence measures or a SAR filing may be warranted.

Here are some snapshots:

Potential Red Flags in Customer Due Diligence and Interactions With Customers

·       The customer provides the firm with unusual or suspicious identification documents that cannot be readily verified or are inconsistent with other statements or documents provided.

·       The customer is reluctant or refuses to provide the firm with complete customer due diligence information, including information regarding the nature and purpose of the customer’s business, prior financial relationships, anticipated account activity, business location and, if applicable, the entity’s officers and directors.

·       The customer refuses to identify a legitimate source of funds or information is false, misleading or substantially incorrect.

Potential Red Flags in Deposits of Securities

·       A customer opens a new account and deposits physical certificates, or delivers in shares electronically, representing a large block of thinly traded or low-priced securities.

·       A customer has a pattern of depositing physical share certificates, or a pattern of delivering in shares electronically, immediately selling the shares and then wiring, or otherwise transferring out the proceeds of the sale(s).

·       Seemingly unrelated clients open accounts on or at about the same time, deposit the same low-priced security and subsequently liquidate the security in a manner that suggests coordination.

Potential Red Flags in Securities Trading

·       The customer, for no apparent reason or in conjunction with other “red flags,” engages in transactions involving certain types of securities, such as penny stocks, Regulation “S” stocks and bearer bonds, which although legitimate, have been used in connection with fraudulent schemes and money laundering activity.

·       There is a sudden spike in investor demand for, coupled with a rising price in, a thinly traded or low-priced security.

·       The customer’s activity represents a significant proportion of the daily trading volume in a thinly traded or low-priced security, (via Finra).

Monroe’s Musings:

The guidance is clearly a move by Finra leadership to help securities firms with one of the most-oft cited failings in fincrime compliance penalties: the depth and accuracy of the AML customer risk assessment at the outset of a relationship, the expertise and decision-making of analysts and the shepherding and escalating of hits from transaction monitoring systems to become SARs.

Finra has also made a very direct statement to all of the parties involved in what can be a very attenuated securities trading chain, with introducing brokers, and clearing brokers and some brokers working for multiple operations.

The bottom line: depending on the structure it can be multiple people dealing with one customer on AML, so in recent compliance history, that leads to a pass the buck mentality where everyone thinks the other person is responsible for doing customer risk assessments, or monitoring, or reviewing alerts and escalating alerts.

In the case of Finra, the regulator has soundly in a resounding way said examiners won’t put up with that any more. They want each entity to clearly take care of their piece of the AML puzzle and ensure that information moves up the chain so nothing is missed. Consider all parties, no matter the AML structure, put on notice.

©2018 Association of Certified Financial Crime Specialists
All Rights Reserved