On Sept. 13, the CBI announced that it fined Danske over the bank’s failure “to ensure that its automated transaction monitoring system monitored the transactions of certain categories of customers of its Irish branch for a period of almost nine years, between 2010 and 2019.”
According to the CBI, the “root cause” of this failure was “historic data filters” Danske applied within its groupwide automated transaction monitoring system that led the bank to exclude certain categories of customers from monitoring, “including some customers rated by Danske as high and medium risk,” the CBI stated. These compliance failures constituted violations of Ireland’s Criminal Justice (Money Laundering and Terrorist Financing) Act (CJA).
A May 2015 internal audit report alerted Danske to the inadequacies in its monitoring system and the nature of the risks they posed, and yet Danske failed to notify the bank’s Irish branch or the CBI of this issue and take action until nearly four years later. Between August 2015 and March 2019, an estimated 348,321 transactions (approximately 2.43 percent of all transactions) processed through the Irish branch were not monitored for money laundering and terrorist financing risk, according to the financial regulator.
It was not until October 2018, when the Irish branch identified the issue, that steps were taken to rectify the compliance gaps, according to the CBI. Those remedial measures were completed in March 2019.
“However, the Central Bank was not informed of the issue until February 2019,” said CBI Director of Enforcement and Anti-Money Laundering Seana Cunningham. “The failures to rectify the issue and to notify the Central Bank promptly are aggravating factors in this case.”
The CBI determined the appropriate fine against Danske to be €2.6 million (U.S. $2.6 million) but reduced the fine by 30 percent for Danske’s early cooperation.
Danske Statement
In a statement, Danske said it “acknowledges the seriousness of the issues identified in the CBI’s investigation” and that it “deeply regrets and apologizes” for them.
Danske said it arranged for a third party to carry out a “lookback” review of transactions for the period 2016 to 2019, the outcome of which showed a “very low” financial crime risk for those transactions, “giving rise to only one Suspicious Transaction Report (STR) in relation to Irish branch customers,” the bank stated.
Additionally, Danske said it has allocated “significant resources to ensure successful financial crime prevention, including 3,600 full-time employees dedicated to fighting financial crime.” Danske further noted, between 2018 and the end of this year, it will have spent approximately 12 billion Danish kroner (U.S. $1.61 billion) on maintaining and improving its overall financial crime risk management framework, including AML controls.
Wider Compliance Lessons
“The importance of transaction monitoring in the global fight against money laundering and terrorist financing cannot be overstated,” Cunningham said. “It is imperative that firms implement robust transaction monitoring controls that are appropriate to the money laundering risks present and the size, activities, and complexity of their business.”
“These controls must be applied to all customers, irrespective of their risk rating, as they enable firms to detect unusual transactions or patterns of transactions and where required apply enhanced customer due diligence to determine whether the transactions are suspicious,” he added.
Cunningham continued, “The Central Bank recognizes that, while firms may rely on automated solutions for transaction monitoring, they must ensure that systems employed for this purpose are appropriately monitored and calibrated correctly to take account of the actual money laundering or terrorist financing risk to which the firm is exposed.”
He concluded by stating that CBI “expects firms to bring failures to its attention at the earliest opportunity and to act expediently to address identified errors” and further warned that AML/CFT compliance “will remain a key priority for the Central Bank,” and that the financial regulator will not hesitate to pursue enforcement actions and impose sanctions where firms fail in their AML/CFT compliance obligations. 
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.