|
On 13 September 2022, the Central Bank of Ireland (the Central Bank) reprimanded and fined Danske Bank A/S, trading in Ireland as Danske Bank, €1,820,000 pursuant to its Administrative Sanctions Procedure for three breaches of the Criminal Justice (Money Laundering & Terrorist Financing) Act 2010, as amended (the CJA).
The three CJA breaches stem from the failure by Danske Bank A/S (Danske) to ensure that its automated transaction monitoring system monitored the transactions of certain categories of customers of its Irish branch1, for a period of almost nine years, between 2010 and 2019. The root cause of this failure was historic data filters that were applied within Danske’s automated transaction monitoring system, first implemented in 2005 and rolled out to the Irish branch in 2006. Danske failed to consider the appropriateness of these historic data filters within the system or make any adjustments to the system to take account of the specific requirements of the CJA when it came into force in Ireland in 2010. This led to the erroneous exclusion of certain categories of customers from transaction monitoring, including some customers rated by Danske as high and medium risk, which caused the three breaches of the CJA in this case. In May 2015, Danske became aware, as a result of an internal audit report, of the inadequacies in its transaction monitoring system and the nature of the risks they posed, yet it failed to notify the Irish branch of these issues and to take adequate action for almost four years. It is estimated that between 31 August 2015 and 31 March 2019, 348,321 transactions, equating to approximately one in forty or 2.43% of all transactions processed through the Irish branch were not monitored for money laundering and terrorist financing risk. The Central Bank has determined the appropriate fine to be €2,600,000, which has been reduced by 30%2 to €1,820,000 in accordance with the early settlement discount scheme provided for in the Central Bank’s Administrative Sanctions Procedure (ASP). This is the first penalty that the Central Bank has imposed on a financial institution which is incorporated and supervised outside of Ireland (i.e. in Denmark) but which operates in Ireland as a branch on a passport basis3. The Central Bank has responsibility for Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) supervision of Danske’s branch operations in Ireland. The three breaches comprised of failures by Danske under the CJA relating to:
The Central Bank’s Director of Enforcement and Anti-Money Laundering, Seana Cunningham, said: “The importance of transaction monitoring in the global fight against money laundering and terrorist financing cannot be overstated. It is imperative that firms implement robust transaction monitoring controls which are appropriate to the money laundering risks present and the size, activities, and complexity of their business. These controls must be applied to all customers, irrespective of their risk rating, as they enable firms to detect unusual transactions or patterns of transactions and where required apply enhanced customer due diligence to determine whether the transactions are suspicious. The Central Bank recognises that while firms may rely on automated solutions for transaction monitoring, they must ensure that systems employed for this purpose are appropriately monitored, and calibrated correctly to take account of the actual money laundering or terrorist financing risk to which the firm is exposed. In this case, the transaction monitoring system used by the Irish branch was a Danske group wide automated system that had applied historic data filters which operated to erroneously exclude certain categories of customers from being monitored for a period of almost nine years. This led to the serious breaches in this case. This case highlights the requirement for firms, including those operating in Ireland on a branch basis, to ensure that group systems, controls, policies and procedures are compatible with Irish legal requirements and to ensure that their governance framework and risk management measures operate effectively. These should be risk-based and proportionate, informed by firms’ business risk assessment of their money laundering and terrorist financing risk exposure. Danske became aware that its automated transaction monitoring system erroneously excluded certain categories of customers in May 2015 but failed to rectify it or notify the Irish branch or the Central Bank of this issue. It was only in October 2018 when the Irish branch identified the issue that steps were taken to rectify it, which were completed in March 2019. However, the Central Bank was not informed of the issue until February 2019. The failures to rectify the issue and to notify the Central Bank promptly are aggravating factors in this case. The Central Bank expects firms to bring failures to its attention at the earliest opportunity and to act expediently to address identified errors. The Central Bank will hold firms, including those operating in Ireland on a passporting basis, fully accountable where they fail to take such actions. Anti-money laundering and countering the financing of terrorism compliance is, and will remain, a key priority for the Central Bank. This case demonstrates our willingness to pursue enforcement actions and impose sanctions where firms fail in their anti-money laundering/countering the financing of terrorism compliance.” Background Danske is a credit institution incorporated in Denmark and authorised there by the Danish Financial Supervisory Authority (the Danish FSA). It is the largest bank in Denmark serving personal, business, corporate and institutional clients and operates in a number of other countries via a branch network. Danske’s Irish branch operates on a ‘freedom of establishment’ basis i.e. because Danske is established and authorised in Denmark, it is entitled to ‘passport’ in to Ireland and establish a branch here. The Irish branch is not a separate legal entity to Danske, and it is for this reason that Danske is the named party in the enforcement action. Supervision of the Irish branch sits predominantly with the Danish FSA (as home regulator) but the Central Bank (as host country) regulates it for conduct of business rules and is responsible for supervision of compliance by Danske’s branch operations in Ireland with AML/CFT obligations under the CJA. Danske’s Irish branch predominantly provides banking services to large corporate and institutional customers including the public sector in Ireland4. Consequently, transaction volumes through the Irish branch, including cross-border funds transfers, are substantial. The Irish branch utilises a group wide automated transaction monitoring system that is implemented and managed by Danske from Denmark. The Legislative Framework The CJA requires a credit and financial institution to monitor any business relationship that it has with a customer to the extent reasonably warranted by the risk of money laundering/terrorist financing (ML/TF). ‘Transaction Monitoring’ forms part of a broader system of interconnected elements that comprise a firm’s defence against ML/TF and is an important method which assists firms in identifying high risk situations which may require enhanced due diligence on a customer. Firms are also required to adopt and maintain a system of policies, procedures and controls in relation to AML/CFT, and to monitor compliance with those policies, procedures and controls. Such policies, procedures and controls include, inter alia, those dealing with the monitoring of transactions for the identification and scrutiny of any complex, large or unusual patterns of transactions. The Investigation The Central Bank’s investigation confirmed serious inadequacies within Danske’s automated transaction monitoring system. Historic filters were applied to Danske’s automated transaction monitoring system which erroneously excluded certain categories of customers from transaction monitoring. This led to Danske being in breach of certain obligations under the CJA which gave rise to the three breaches in this case (see below under Prescribed Contraventions for further detail). The investigation found that the exclusion of certain categories of customers from transaction monitoring was first identified in a May 2015 internal audit report. The May 2015 internal audit report also identified inadequacies with Danske’s transaction monitoring policies for certain categories of customers. However, these internal audit findings were not communicated by Danske to either its Irish branch or the Central Bank. Steps were only taken to monitor the transactions of these customers in October 2018 when the Irish branch became aware of the issue, which were completed by the end of March 2019. The Central Bank was not informed of this issue until February 2019. To illustrate the scale of the failure to monitor, it is estimated that, during the period from 2015 to 2019 when Danske was aware of the issue, 348,321 transactions, equating to approximately one in every forty or 2.43% of all transactions processed through the Irish branch were not monitored. Danske has confirmed to the Central Bank that by the end of March 2019 it had fully deactivated the erroneous historic filters which gave rise to the breaches in this case. Danske has also confirmed that by April 2020, it completed a third party review exercise for the period 2016 to 2019. Danske has advised that the outcome of the review showed that the risk of suspicious transactions amongst those examined was very low. Prescribed Contraventions The Central Bank's investigation identified three breaches of the CJA, as set out below. Breach by failure to conduct transaction monitoring Between 15 July 2010 and 31 March 2019 Danske breached sections 30B(1)(a), 35(3) and 36A(1) (as applicable) of the CJA by failing to monitor the transactions of certain categories of customers for money laundering and terrorist financing risk. The failure meant that the Irish branch was not in a position to:
Breach in relation to enhanced customer due diligence measures Between 14 June 2013 and 31 March 2019 Danske breached section 39 of the CJA on the basis that by failing to conduct transaction monitoring on certain categories of customers, it did not take into consideration an important part of due diligence i.e. transaction monitoring data, which is necessary to identify and assess ML/TF risks specific to those customers and identify whether additional measures were required on these certain categories of customers. Breach in adopting ML/TF policies and procedures Between 15 July 2010 and 31 March 2019, Danske breached sections 54(1), 54(2) and 54(4) of the CJA on the basis that the policies, procedures and controls that were in place did not operate to identify the erroneous exclusion of certain categories of customers from transaction monitoring as set out above. The May 2015 internal audit report identified inadequacies with Danske’s transaction monitoring policies for certain categories of customers and Danske took some steps in 2015 to address this by introducing a new AML/CFT policy. Nonetheless, certain categories of customers continued to be excluded from transaction monitoring in the Irish branch. Penalty Decision Factors In deciding the appropriate penalty to impose, the Central Bank had regard to the Outline of the Administrative Sanctions Procedure, dated 2018 and the ASP Sanctions Guidance, dated November 2019. It considered the need to impose a level of penalty proportionate to the nature, seriousness and impact of the contraventions. The following particular factors are highlighted in this case: The Nature, Seriousness and Impact of the Contraventions Two of the breaches were ongoing for almost nine years, and the other was ongoing for almost six years. The breaches represent serious weaknesses in Danske’s internal AML/CFT controls. Monitoring transactions, ensuring that an important part of due diligence is taken into consideration to identify where additional measures are required, and having effective policies, procedure and controls are critical parts of a firm’s internal AML/CFT framework. Danske’s failures in this regard in respect of certain categories of customers that transacted through its Irish branch reveal serious weaknesses in these controls. From its May 2015 internal audit report, Danske became aware of the inadequacies in its transaction monitoring system, the nature of the ML/TF risks that they posed and that it was at risk of non-compliance with legal requirements. Despite this, Danske failed to take adequate action for almost four years or to inform the Irish branch of these internal audit findings. The breaches of the CJA after this point were reckless. The Central Bank considers that the breaches in this case represent a serious departure from the required standard. Two Aggravating Factors Failure to Report and Failure to Remediate promptly Danske was on notice of the inadequacies in its transaction monitoring system which erroneously excluded certain categories of customer from the time that they were uncovered in the May 2015 internal audit report but it did not report the matter to the Central Bank until February 2019, almost four years later. Furthermore, Danske continued to exclude certain categories of customers from transaction monitoring until March 2019. The Central Bank views both of these failures as particularly aggravating given the context of increased supervisory engagement it initiated in July 2018 with Danske following media reports of AML/CFT concerns in other jurisdictions in relation to Danske. Both of these failings are serious aggravating factors in this case. Other Considerations The following were also taken into consideration when determining the appropriate sanction:
1 This included a range of customers, including those categorised by Danske as banks, insurance, stockbrokers and specialised lending customers. 2 Further information is available on the Early Discount Scheme at point 4 of the Notes section. 3 In this case, Danske is “passporting in” to Ireland i.e. it uses an authorisation obtained in Denmark to sell its products or services in Ireland. The legal entity remains in Denmark, and it operates in Ireland by way of a ‘branch’. Further information on ‘passporting’ is available at point 8 of the Notes section. 4 This includes the Central Bank. Notes
0 Comments
20210730 - Anti-money laundering expert sentenced for allowing criminal money to be sent abroad30/7/2021 Anti-money laundering expert sentenced for allowing criminal money to be sent abroad
The former chairman of a UK group that represents the payment services industry has been sentenced today for an offence in connection with the laundering of the proceeds of an investment fraud worth £850,000 and involving more than 60 victims. Dominic Thorncroft, 56, was sentenced to 18 months' imprisonment suspended for 18 months at Southwark Crown Court of one count of failing to alert the authorities to money laundering, one count of breaching money laundering regulations and four counts of retaining a wrongful credit. Thorncroft was the former Chair of the Association of UK Payment Institutions who worked with lawmakers and financial regulators providing anti-money laundering advice and training. Thorncroft held himself out as a money laundering expert whose role was to protect members of the public and businesses from economic crime. However, he was a professional enabler to fraudsters, allowing his business to transfer their criminal proceeds abroad. An investigation by the Metropolitan Police, which began in 2016, found evidence that linked Thorncroft to an investment fraud which took place in 2014. This investigation revealed that Thorncroft had allowed his Money Service Bureau business to be used by the fraudsters to transfer money to Hong Kong and China. The CPS and the police were able to prove that Thorncroft should have known or suspected that the money passing through his business’s bank accounts was criminal property. Despite his substantial knowledge and expertise of money laundering, Thorncroft failed to alert the authorities to the suspicious activity and allowed it to continue. Stephane Pendered of the CPS said: “Dominic Thorncroft did not commit the fraud himself. However, his actions have allowed £850,000 defrauded from 60 individuals to be dispersed across the world. “Thorncroft promoted himself as an anti-money laundering expert but failed to live up to the standards he set for others, so when his business was clearly being used to launder criminal property, he failed to follow his own advice and report what was happening to the authorities.” The CPS is committed to continue to work alongside law enforcement to bring prosecutions where professional enablers are seen to assist criminals in this way. The CPS is also committed to working more widely with banks, businesses, charities and beyond, to help educate others so that they can avoid becoming victims of economic crime. This case was prosecuted by the Specialist Fraud Division of the CPS, a dedicated prosecuting team which deals with the most serious, complex, and difficult economic crime cases, including corruption and money-laundering. Notes to editors
https://www.ft.com/content/9418b322-ea5b-4220-af79-f061931ede50 https://www.cps.gov.uk/cps/news/anti-money-laundering-expert-sentenced-allowing-criminal-money-be-sent-abroad As bizarre customer care exchanges go, one we featured on this page last week between a reader and Revolut is hard to top. You may recall that our reader had Ryan as his surname and it led to him being contacted by his virtual bank and repeatedly asked – without anything by way of an explanation – if he was related to Eamon Ryan, the Green Party leader.
Mystified, our Ryan refused to answer what he believed to be a pointlessly random question and as a result his account was locked. Unable to get any kind of resolution, he mailed us and we mailed Revolut. It told us that it was merely doing what it was legally obliged to do under EU anti-money laundering rules. It said it was obliged to perform what it said was “enhanced due diligence” on so-called “politically exposed persons” and legally required to establish “whether a customer is a close relative or a close associate of a politically exposed person”. The statement said that our reader – and its customer – shared a name with a relative of an Irish politician and “on that basis the customer was asked whether he was related to that politician”. Revolut was right about having to follow the rules but even as we were writing the story, we realised it was asking more questions that it was answering. What is a politically exposed person(PEP)? How far down the political food chain does it reach? How did Revolut know our reader shared a first name with a relative of Eamon Ryan? What would have happened if he had answered the question with a yes? Or what if he had simply said no? Are other people similarly impacted? How do other banks deal with this EU directive? And that was just for starters. So we set about trying to answer some of the questions. First things first. The EU Anti-Money Laundering Directive was transposed into Irish law in 2018 as an amendment to the Criminal Justice (Money Laundering and Terrorist Financing) Act of 2010. The law says that a “politically exposed person” is an individual “who is, or has at any time in the preceding 12 months, been entrusted with a prominent public function”. ‘Due diligence’ This includes a “head of state, head of government, government minister or deputy or assistant government minister”. TDs, members of the “supreme court, constitutional court or other high level judicial body whose decisions, other than in exceptional circumstances, are not subject to further appeal” also feature as do members of a court of auditors or the board of a central bank, ambassador, chargé d’affairs or high-ranking officers in the armed forces. The Central Bank has said banks are obliged to carry out “enhanced customer due diligence” in relation to “politically exposed persons” as well as their immediate families and known close associates. “That’s because people who hold – or have held – a high political profile can pose a higher money-laundering risk to firms as their position may make them vulnerable to corruption such as accepting bribes or contributions to election campaigns and political parties in return for advantages”, the director general for financial conduct Derville Rowland said some time ago. The piece we carried about reader Ryan and Eamon Ryan prompted others who have had similar experiences when dealing with Revolut. Three of them stood out. First we heard from the daughter of an ex-county councillor in the west of Ireland who described a “truly bizarre situation”. She said her father had lost his seat in 2014 elections but Revolut still “badgered me through multiple messages asking was I related to [her father]. When I finally gave in and said yes, he’s my dad, they wanted to know what was his political affiliation, does he still hold those views, do I agree with them, will he go for a higher political position in the future and so on. A bit mental considering he was only a local councillor. They made me feel so uncomfortable I just cancelled the application, will stick with good old AIB.” Then there was the former minister’s son who said Revolut asked if he was related to the minister in question. “They just blocked my account with no explanation and I was really taken aback,” he said. “It was so bizarre and concerning. I asked them why they asked me about dad and they said they couldn’t disclose that information. It seems very irregular for a bank to ask for such information,” he said. His account remains blocked. We also heard from a former TD and Senator’s brother who was asked by Revolut if he was any relation. “I answered truthfully yes. I was informed that it was due to EU money laundering regs. My account is now frozen, I loaded up some documents, proof of savings but they now want to see proof of my employer’s account where my payslip wages come from. I don’t have the authority to give third-party details to anyone let alone Revolut. It looks like I am going to have to walk away from Revolut over this because I don’t wish to load confidential info up to an app to God knows who.” We highlighted these stories to Revolut. A spokesman stressed that all financial institutions “are required to identify immediate family members or close associates of PEPs using their products”. He said while such “questions may appear intrusive to those unfamiliar with regulatory requirements, establishing whether someone is a PEP is a legal obligation for all financial institutions. In relation to the daughter of the former councillor from the west of Ireland, the Revolut spokesman said it could “not locate any questions about the political affiliations of the individual’s father, his views, or his political future”. He said such questioning did not form part of its screening processes. The brother of the TD’s account was indeed limited until he supplied the requested documentation which Revolut said was its legal requirement. Similarly with the son of the former minister, the spokesman said the company was legally obliged to “verify his source of funds”, adding that it “should have explained to our customer that we are required by law to establish whether or not he was connected to a PEP. As made clear previously, we are updating our processes to ensure that this obligation is made clear in the future.” Humans not computers We also contacted Rachel Woolley, the global director of financial crimes at Fenergo, a company which among other things develops compliance software for financial institutions. She questioned Revolut’s approach as outlined by our readers although she stressed that all banks are obliged to follow anti-money laundering legislation. Anyone who opens a bank account will be asked for a lot of information and many application forms now have a section to declare if you are a politically exposed person or related to someone who is. Answering yes is not a bad thing, Woolley stresses, and not a black mark “but it does mean the account is monitored more closely”. The names of existing account holders, Woolly says, can also be thrown up as potential matches to PEPs or their friends and family through routine trawls of third- party software. “It is an ongoing process and if my mother becomes a politician that would come up as part of routine screening. Then an enhanced level of scrutiny would be applied to my account to confirm the source of funds and the source of wealth.” For a virtual bank such as Revolut, the source of the funds is typically another bank account and the source of the wealth is, more likely than not, a job. “Generally speaking this can be confirmed via a written statement or even an email but it should be an uncomplicated process,” she says. “It is not impossible to ask for pay- slips but it is certainly uncommon.” She says that financial institutions need to be compliant but should not be asking “completely out-of-context questions. This needs to be done in a sensible way and that is not always by trusting what the computer tells you to do. You always need a human at the end of the process to establish if this makes sense”. Central Bank says firm failed to report suspicious transactions promptly.
Bank of Ireland has been fined €3.15 million by the Central Bank for breaches to laws aimed at countering money laundering and terrorist financing, including the failure to report six suspicious transactions to the Garda and Revenue Commissioners promptly. According to the Central Bank: "The high volume and range of breaches uncovered as part of the Central Bank's investigation into Bank of Ireland point to significant weaknesses in the strength of Bank of Ireland's implementation of anti-money laundering and counterterrorist financing legislation. “Such behaviour is unacceptable and falls far short of the standard expected of one of Ireland’s largest retail banks.” It marks the second-largest penalty issued by the Central Bank in relation to the Criminal Justice (Money Laundering & Terrorist Financing) Act, 2010. Ulster Bank was fined €3.325 million last November and AIB was ordered last month to pay €2.275 million for similar violations. Bank of Ireland’s admitted to breaches between July 2010 and December 2015. These include not carrying out adequate assessments of risks of accounts being used for money laundering or terrorist financing and putting in proper mitigating systems and controls, according to the regulator. Money laundering and terrorist financing have become a key area of focus for regulators globally recently, with authorities from South Africa to Canada levying multimillion euro fines in the past year for weak anti-money laundering and counterterrorism controls. “The fine . . . in this case relates to control breaches and not actual money laundering or terrorist financing activities,” a spokesman for Bank of Ireland said. Due diligence The Central Bank found Bank of Ireland failed to carry out sufficient due diligence on an unnamed bank outside the EU, which used it for financial transactions locally. This type of activity, known as correspondent banking, carries a high risk as the domestic bank has limited information on the purpose of financial services it has agreed to carry out for an overseas lender. The regulator’s investigation also uncovered failings in relation to Bank of Ireland’s requirement to know its customers. Specifically, the bank, which remains 14 per cent State owned after the financial crisis, did not apply sufficient customer checks on an overseas “politically exposed person” to determine their source of funds and wealth. A politically exposed person can be defined as an individual who is, or has at any time in the preceding year, been entrusted with a prominent public function. A spokeswoman for the regulator and spokesman for the bank declined to identify the individual in this instance. Bank of Ireland said it takes its regulatory obligations seriously and regrets that these issues arose.
AIB has been fined €2.275 million by the Central Bank for failing to report potentially suspicious monetary transactions promptly to the Garda and Revenue.
The financial regulator found AIB guilty of six breaches of anti-money laundering laws and legislation to ensure funding doesn’t make its way to terrorist organisations. It said the breaches were the result of “significant failures” in AIB’s controls, policies and procedures. This is the biggest fine levied against AIB by the Central Bank and follows a €3.325 million fine issued last year to Ulster Bank for similar breaches.
The Central Bank has reprimanded Ulster Bank Ireland and announced fines of more than €3.3m.
The fines are in respect of anti-money laundering and terrorist financing failures, under the Criminal Justice Act. A Central Bank investigation found the bank had had left itself vulnerable to money-laundering and terrorist financing. The breaches, which occurred over a six-year period, have been admitted by Ulster Bank Ireland. The fine is the biggest ever issued by the Central Bank for breaches of the Criminal Justice (Money Laundering & Terrorist Financing) Act 2010, and brings the total number of fines it has issued this year to various financial institutions to €7.5m, writes Noel Baker. Ulster Bank Ireland admitted the breaches and settled for the fine of €3.325m, with the Central Bank stating that all matters were concluded last Thursday. It has emerged that the breaches at the bank were linked to outsourcing and occurred over a six-year period, beginning in 2010. The Central Bank launched its probe into the problems last year and the resulting fine is the second time in recent years it has reprimanded Ulster Bank. In November 2014, Ulster Bank was hit with a record €3.5m fine for a serious IT systems failure in June and July 2012, which left 600,000 customers without essential and basic banking services over a 28-day period. In explaining the issuing of the latest fine, the Central Bank said its investigation had identified a number of areas of non-compliance with regulations and Central Bank director of enforcement Derville Rowland lambasted Ulster Bank over its failings. “Ulster Bank Ireland’s breaches are especially concerning as they point to unacceptable weaknesses in key aspects of its anti-money laundering framework, systems and controls over an extended period of time,” she said. “As one of the largest retail banks in Ireland, Ulster Bank Ireland provides a gateway to the financial system for more than one million customers through its extensive network of branches, online and telephone banking. “Therefore, it is imperative that it vigorously applies the highest levels of anti-money laundering compliance in order to protect, not only itself, but its customers and the wider financial system.” Ulster Bank has 1.1m customers, and since July 2010, has been required to comply with the CJA 2010. However, the Central Bank’s investigation identified eight breaches, including “two significant failings”: that it failed to put an outsourcing policy in place from July 15, 2010, for 11 months, and that it failed to put a service level agreement in place for 19 of the 25 outsourced activities when the outsourcing commenced. The Central Bank also said Ulster Bank failed to conduct an assessment of the ML/TF risks of its business for a period of over two years and that until April 2014, its risk assessment was inadequate as it failed to provide “any quantitative and/or qualitative evaluation of its exposure to the identified risk factors”. The probe also found that the bank provided new products to 64,900 customers without completing customer due diligence in circumstances where a relevant section of the CJA applied. There was also inadequate training for non-executive directors on CJA 2010 until 2013. This is the Central Bank’s seventh settlement in 2016 and brings the total amount of fines imposed this year to just over €7,45m. It is the 104th enforcement case concluded by the Central Bank, with the amount of fines imposed to date totalling over €49.72m.
The Central Bank of Ireland has reprimanded and fined the Dublin-based life assurance arm of Swiss bank UBS after it failed to comply in a timely manner with anti money-laundering legislation introduced in 2010.
The CBI said it had fined UBS International Life Limited (UBSIL) 65,000 euros ($81,900) for failing to instruct its staff on changes to the law embodied in the Criminal Justice Act 2010. This is the Central Bank’s first administrative sanction for non-compliance by a regulated firm with anti-money laundering and counter terrorist financing laws which came into force in July 2010 said Peter Oakes, the Central Bank of Ireland's top investigator and enforcer. The law, which came into force in July 2010, is designed to protect Ireland's financial system from exposure to money laundering and terrorist financing, the CBI said. The CBI also said UBSIL had failed to show it was adequately checking information on policy holders provided by third parties, thus failing to comply fully with "know your customer" requirements. UBSIL had also failed to adopt adequate written policies and procedures for identifying and reporting suspicious transactions, the CBI said. "The breaches identified related to delays by UBSIL in implementing certain requirements of the act after it was implemented on 15 July, 2010," said UBS in a statement, adding that it had dealt with all the control weaknesses identified. A spokesman for UBS said UBSIL had worked closely with the CBI to redress the control weaknesses, and had received a near 30 percent discount on the fine originally proposed as a result, adding that UBSIL had not committed any contraventions in doing business. The Central Bank of Ireland also issued a general comment from Director of Enforcement, Peter Oakes: “This is the Central Bank’s first administrative sanction for non-compliance by a regulated firm with anti-money laundering and counter terrorist financing laws which came into force in July 2010. Firms must adopt robust and effective policies and procedures to prevent and detect money laundering and terrorist financing including ensuring that policies, procedures and business practices are updated in timely manner on foot of changes to regulatory requirements. Furthermore, such policies and procedures must be appropriate to the nature of, and risks associated with, a firm’s operations, including its local and international distribution models as well as the types of financial services and products sold or distributed. Firms are reminded that AML/CTF requirements must have, like other important governance issues, a home on the boardroom agenda. We have said previously that we have identified many instances where firms do not appear to have comprehensively reviewed their business models to assess the impact of the CJA 2010 on their businesses nor devised or deployed effective implementation plans. It is important for the integrity of the Irish regulated market and the international fight against financial crime that both European and global money laundering and terrorist financing obligations are complied with. Where the actions of a firm undermine the Central Bank’s achievement of local statutory and international obligations the firm should expect that enforcement action will follow, especially where the breach falls within our stated Enforcement Priorities and Enforcement Strategy, to which we attach high priority”. https://www.centralbank.ie/docs/default-source/news-and-media/legal-notices/settlement-agreements/public-statement-relating-to-settlement-agreement-between-the-central-bank-of-ireland-and-ubs-international-life-limited.pdf?sfvrsn=6 |
AuthorOn this page you will find a selection of links to articles useful for AFC training. Archives
September 2025
Categories
All
|
RSS Feed