Op risk data: Europe’s AML drive follows Danske and ING slips

Also: top five losses include mortgage penalty for Citi and reporting fines for Goldman, UBS. Data by ORX News


The largest publicly reported loss in March is a $49 million penalty levied on Citigroup for mortgage failings in the US. The bank denied benefits to mortgage borrowers based on race, colour, national origin or sex, in violation of the Fair Housing Act, according to the Office of the Comptroller of the Currency.

Citigroup provided a loan pricing programme that gave eligible borrowers a credit to closing costs or an interest rate reduction. But due to poor staff training and inadequate review processes, certain customers failed to receive the benefits. The bank self-reported the issue in 2015, and will pay a $25 million fine and $24 million in restitution.

The second largest operational risk loss is a £34.3 million ($45.4 million) fine imposed on Goldman Sachs for failing to accurately report more than 200 million transactions between 2007 and 2017.

The UK’s Financial Conduct Authority found that Goldman breached its duties under European Union rules known as Mifid, in organising and controlling its transaction reporting affairs. The mis-reporting spanned the bank’s change management processes, its maintenance of counterparty reference data and how it tested the accuracy of reports.

In third place is the embezzlement of $40.5 million from CBS Employees Federal Credit Union by one of the firm’s managers. For at least 19 years, Edward Rostohar made payments from the credit union to himself, either online or by forging the signature of a fellow employee on cheques made payable to himself, a Justice Department complaint states.

Prior to working at CBS, Rostohar was an examiner at the credit union regulator, and the experience he gained there had helped him to avoid detection, he said, as he knew what methods of investigation the regulator used. CBS has been forced into liquidation following the announcement of the fraud.

UBS faces the fourth largest loss, in the form of a £27.6 million ($37 million) fine from the FCA for reporting failures under Mifid rules. Similar to the Goldman Sachs loss above, UBS submitted incomplete or inaccurate reports for 140 million transactions between 2007 and 2017. The FCA found errors in UBS’s systems, IT logic and/or reporting processes; weaknesses in change management controls; and weaknesses in controls around the maintenance of reference data.

In an apparent case of customer discrimination, the fifth largest loss sees Brazilian savings bank Caixa Econômica Federal fined 127.4 million reis ($33.4 million) for failing to make branch modifications for disabled customers.

The bank did not meet a 2008 agreement to provide such facilities, and was fined in 2011, at which stage it attempted to negotiate alternative forms of payment, according to local media reports. However, CEF allegedly did not take steps to pay the fines, and now faces a larger penalty.

Spotlight: mutual fund mis-selling

A US regulatory probe has resulted in investment advisers agreeing to repay $125 million to clients, many of them retail investors, for inappropriate mutual fund sales. The Securities and Exchange Commission discovered that advisers had placed investors in mutual fund share classes when lower-cost share classes of the same fund were available. The firms had also failed to disclose conflicts of interest related to the sale of these share classes, such as fees they received. Wells Fargo will make the largest payment, at $17.4 million.

The repayments are part of a 2018 disclosure initiative that encourages brokers and advisers to self-report violations to avoid fines. Another US regulator, Finra, launched a similar scheme in January relating to savings plan share-class recommendations. Like the SEC, Finra will waive fines for firms that self-report relevant supervisory violations by April 1.

The SEC says the initiative allows it to effectively allocate its resources, so it is perhaps possible that other US regulators may follow suit, reflecting a reduced emphasis on direct regulatory action during the Trump era.

In Focus: Europe tightens AML data-sharing

Europe’s main financial supervisors have agreed to standardise the exchange of information relating to anti-money laundering and terrorism financing. The agreement, reached on January 10, will require the approval of the European parliament before it becomes law.

The move follows major AML violations at Danske Bank’s Estonian branch, which triggered calls for an EU-wide AML body, a record €775 million ($900 million) AML-related settlement reached by ING in September 2018, and ongoing high-profile investigations involving Deutsche Bank and Nordic banks Swedbank and Nordea. Moreover, Denmark and Sweden have received criticism over relationships between some high-ranking regulatory staff and bank executives, all of which has called into question the region’s reputation for transparency.

The National Bank of Ukraine also appears to be demonstrating an intolerance of AML violations under its jurisdiction. The central bank fined Ukrsotsbank 30.5 million hryvnia ($1.1 million) in November and Sberbank 94.7 million hryvnia in January 2019 for breaching financial monitoring legislation.

Establishing effective supervision over its financial industry may be part of Ukraine’s bid to join the EU. This year, NBU received the Transparency Award from Risk.net sister publication Central Banking, reflecting significant improvement in internal and external communications, and overall transparency.

Excluding fines, firms have faced high costs to remedy AML failures. Danske has been required to set aside an extra Dkr10 billion ($1.6 billion) in capital, and said it would donate an estimated Dkr1.5 billion of income generated by its Estonian branch to combatting international financial crime. French insurer CNP said improvements to its AML/CTF model would cost €20 million over two years, more than double the €8 million fine it received from French regulators in July.

Editing by Alex Krohn

All information included in this report and held in ORX News comes from public sources only. It does not include any information from other services run by ORX and we have not confirmed any of the information shown with any member of ORX.

While ORX endeavours to provide accurate, complete and up-to-date information, ORX makes no representation as to the accuracy, reliability or completeness of this information.

  • LinkedIn  
  • Save this article
  • Print this page  

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an indvidual account here: