• Dutch authorities have hit the third largest bank in the Netherlands with a penalty of more than a half a billion dollars for longstanding failings in nearly every area of its fincrime compliance program, including lax customer risk scoring, shoddy alert investigations and missed reports of potential suspicious activity.
• The Netherlands Public Prosecution Service (NPPS) has settled its probe into Amsterdam-based ABN Amro Bank for 480 million euros, or just less than $583 million, for falling “seriously short” of anti-money laundering (AML) compliance program requirements and being considered “culpable” in aiding criminal groups in cleansing ill-gotten gains.
• The settlement, however, while lifting one specter of uncertainty for a banking group more than 300 years old, still has lingering tethers of risk in one of the most feared arenas of compliance enforcement: individual liability.
• The NPPS stated that the investigation into the individuals responsible is ongoing, but the agency has already identified three former members of the bank’s board of directors as being “effectively responsible” for the AML violations – a detail that should not be lost on top compliance executives, the C-suite and the typically aloof, insulated and protected board members.

By Brian Monroe
bmonroe@acfcs.org
April 28, 2021

Dutch authorities have hit the third largest bank in the Netherlands with a penalty of more than a half a billion dollars for longstanding failings in nearly every area of its fincrime compliance program, including lax customer risk scoring, shoddy alert investigations and missed reports of potential suspicious activity.

The Netherlands Public Prosecution Service (NPPS) has settled its probe into Amsterdam-based ABN Amro Bank for 480 million euros, or just less than $583 million, for falling “seriously short” of anti-money laundering (AML) compliance program requirements and being considered “culpable” in aiding criminal groups in cleansing ill-gotten gains.

To read the full release and related statement of facts and settlement details, click here.

The settlement, however, while lifting one specter of uncertainty for a banking group more than 300 years old, still has lingering tethers of risk in one of the most feared arenas of compliance enforcement: individual liability.

The NPPS stated that the investigation into the individuals responsible is ongoing, but the agency has already identified three former members of the bank’s board of directors as being “effectively responsible” for the AML violations – a detail that should not be lost on top compliance executives, the C-suite and the typically aloof, insulated and protected board members.

Depending on the final tally of evidence gathered, these directors – and others – could be criminally prosecuted for money laundering.

In recent years, the Netherlands – along with other Nordic and Baltic regulators, investigators and watchdog bodies – has become a stronghold of compliance enforcement in Europe, levying historic, U.S.-style penalties against banks in the country, with the 2018 AML action against ING Groep approaching the $1 billion mark.

Investigators stated that between roughly 2014 and 2020 – and even during a massive retooling, restructuring and staffing ramp up of AML in 2019 – ABN Amro fell “seriously short” of the country’s AML rules.

Those prolonged and pervasive failings – throughout foundational areas of AML, including customer due diligence and risk scoring, to the more advanced, arcane and subjective environs of alert investigations and dispositions and filing of reports on suspicious activity – gave carte blanche to “clients engaged in criminal activities…for a long time.”

AML breaches at ABN Amro both ‘serious’ and ‘structural’

Investigators detailed a bevy of weaknesses and “serious shortcomings” in all areas of ABN Amro’s AML program, including:

• Lack of customer diligence, data, documents: With regard to each of the four Business Lines, it was for example determined that client data or documents were missing, or that the source of data in client files was unclear.
• Tanking the risk ranking: ABN AMRO did not properly conduct client due diligence and the related risk assessment and finalized risk classification. That led to the bank assigning risk classifications to a considerable part of its clients in an incorrect manner.
• Automatons running amok: Due to a faulty automated analysis of identity data, some 5.5 million Mass Retail clients were in fact classified in the lowest risk category ‘00 neutral,’ without adequate risk analysis a structural failing due to a lack of due diligence depth. These gaps also bled into risk scoring tied to cash transaction expectations.
• Transaction monitoring, alert investigation, disposition: Investigators found further weaknesses tied to ABN Amro transaction monitoring, including adverse events and changes feeding bank into the original risk ranking – and thus re-tuning the transaction monitoring protocols more tightly to those now higher risk entities.
• Poor ratio of alerts to investigators: The transaction monitoring system structurally generated more alerts than the staff were able to handle. As a result, for several years ABN AMRO struggled with a backlog in handling alerts. There were several instances of late reporting to the country’s financial intelligence unit (FIU).
• When the exit becomes a revolving door: There were shortcomings in ABN AMRO’s exit process, as a result of which it could happen that the bank did not terminate relationships with clients with an ‘unacceptable’ risk classification, or that clients that had been exited were nonetheless able to become clients, once again.

What does ‘culpable money laundering’ mean?

Beyond broad, system-wide failings in AML prongs, programs and processes, investigators also highlighted several specific examples that constituted the foundation of the accusation of “culpable money laundering.”

In short: these include unusual transactions out of scope with the business, nebulous origin of funds, politically-exposed persons, cash and more.

Overall, Dutch investigators highlighted “dozens” of instances where they believe the bank should have picked up on the aberrant activities and reported them to authorities, leading to illicit entities “abusing” accounts for their own purposes.

The failings included a panoply of suspected crimes, from tax finagling to corruption, laundering to fraud.

Here are some of the examples:

A ’low risk’ tax fracas:

One client of ABN AMRO, who had been allocated the lowest risk classification, had opened a total of 192 bank accounts with ABN AMRO for 49 of their companies, between 2014 and 2018.

These accounts were mostly inactive. This client committed fiscal fraud, receiving almost EUR 200,000 from the Tax Authorities on its business accounts. Following transfer to their private accounts with ABN AMRO, most of this money was spent or withdrawn in cash by the client.

Despite the various signals and doubts that existed within ABN AMRO regarding this client, the risk classification remained low. The bank did not report unusual transactions to the FIU until the start of the criminal investigation into the client.

Gambling with the devil

Another client of ABN AMRO, also with a low-risk classification, was employed in the financial department of a wholesaler. The client had a gambling addiction, had debts, and his account was constantly overdrawn. ABN AMRO was aware of these problems.

The client adjusted the details of the funds of his employer’s debtors, which resulted in these funds being transferred to his own bank account at ABN AMRO. Over a nine-month period, an amount in excess of EUR 4.3 million was transferred to the personal bank account of the client.

That money was then almost entirely spent gambling away.

ABN AMRO hardly performed client due diligence on this client, the client file turned out to be incomplete and the deviations from the usual transaction pattern did not generate any alerts in the transaction monitoring system.

Negative news corrupts completely

Another example relates to two Dutch companies that held bank accounts with ABN AMRO. In the period 2010 through to 2017, payments passed via the accounts of these two companies totalling several tens of millions.

A corruption case in which these companies were supposedly involved was widely covered in national and international media since 2015. Nonetheless, it took ABN AMRO until March 2019 to first report to the FIU.

It was also found that there were shortcomings in the client due diligence regarding these two companies.

What does ‘culpable money laundering’ mean?

Beyond broad, system-wide failings in AML prongs, programs and processes, investigators also highlighted several specific examples that constituted the foundation of the accusation of “culpable money laundering.”

In short: these include unusual transactions out of scope with the business, nebulous origin of funds, politically-exposed persons, cash and more.

Overall, Dutch investigators highlighted “dozens” of instances where they believe the bank should have picked up on the aberrant activities and reported them to authorities, leading to illicit entities “abusing” accounts for their own purposes.

The failings included a panoply of suspected crimes, from tax finagling to corruption, laundering to fraud.

Here are some of the examples:

A ’low risk’ tax fracas:

One client of ABN AMRO, who had been allocated the lowest risk classification, had opened a total of 192 bank accounts with ABN AMRO for 49 of their companies, between 2014 and 2018.

These accounts were mostly inactive. This client committed fiscal fraud, receiving almost EUR 200,000 from the Tax Authorities on its business accounts. Following transfer to their private accounts with ABN AMRO, most of this money was spent or withdrawn in cash by the client.

Despite the various signals and doubts that existed within ABN AMRO regarding this client, the risk classification remained low. The bank did not report unusual transactions to the FIU until the start of the criminal investigation into the client.

Gambling with the devil

Another client of ABN AMRO, also with a low-risk classification, was employed in the financial department of a wholesaler. The client had a gambling addiction, had debts, and his account was constantly overdrawn. ABN AMRO was aware of these problems.

The client adjusted the details of the funds of his employer’s debtors, which resulted in these funds being transferred to his own bank account at ABN AMRO. Over a nine-month period, an amount in excess of EUR 4.3 million was transferred to the personal bank account of the client.

That money was then almost entirely spent gambling away.

ABN AMRO hardly performed client due diligence on this client, the client file turned out to be incomplete and the deviations from the usual transaction pattern did not generate any alerts in the transaction monitoring system.

Negative news corrupts completely

Another example relates to two Dutch companies that held bank accounts with ABN AMRO. In the period 2010 through to 2017, payments passed via the accounts of these two companies totalling several tens of millions.

A corruption case in which these companies were supposedly involved was widely covered in national and international media since 2015. Nonetheless, it took ABN AMRO until March 2019 to first report to the FIU.

It was also found that there were shortcomings in the client due diligence regarding these two companies.

Ratings agencies not rattled on bank after penalty

While penalties, remediation and reputational costs for AML failings can feel costly, ratings agencies didn’t pillory ABN Amro, but instead pulled out bright spots seemingly hidden among all of the bad news.

For example, even though the “identified deficiencies are serious,” they “largely relate to the period before the 2019 launch of the bank’s detecting financial crime comprehensive plan,” according to Fitch Ratings.

As part of the mandated remediation and company-wide AML upgrades, ABN Amro strengthened its IT infrastructure, centralized AML-related controls and hired a large number of full-time employees, expected to surge to 4,200 this year, double of what it was just a year ago, at a cost of more than $500 million.

With the settlement now finalized, the sentiment from industry and outside reviewers is that Dutch authorities have assessed the bank’s program, expected to be fully operational and finalized next year, to “be sufficient to restore compliance with the law.”

As well, on the plus side, the investigation “did not find evidence that the bank was systematically involved in suspicious transactions or pursued high-risk customers,” according to analysts.

In all, Fitch notes that the penalty will “cause a small loss in 1Q21.”

But, don’t fret, the seemingly hefty and statement-making settlement “will be comfortably absorbed by the bank’s annual operating profit, which we expect to recover to about EUR1 billion in 2021 from close to break-even in 2020.”

Only time will tell if the bank is able to execute on its promises of improvement to craft a “culture of compliance” that can, as the regulators want, put all the various pieces together.

But, at the very least, the institution is working on another aspect of compliance much ballyhooed in the United States and internationally, a “tone from the top.”

“As a bank we do not merely have a legal, but also a moral duty to do our utmost to protect the financial system against abuse by criminals,” ABN Amro CEO Robert Swaak said.

“In fulfilling this duty, we aim to make a meaningful contribution to a safer society,” he said. “Regretfully, I have to acknowledge that in the past we have been insufficiently successful in properly fulfilling our important role as gatekeeper. This is unacceptable and we take full responsibility for this.”