According to the FCA, between December 2012 and October 2017, Santander “failed to properly oversee and manage its AML systems,” which “significantly impacted” its oversight of approximately 566,000 business banking customers (customers with an anticipated turnover of less than £250,000).
The FCA said it identified six business banking accounts that Santander failed to manage correctly, causing approximately £298 million (U.S. $366 million) in suspicious funds to pass through the bank before the accounts were closed. Approximately £269 million (U.S. $330 million) of this amount was attributable to one customer’s account, according to the FCA’s Dec. 8 final notice.
“Santander’s poor management of their anti-money laundering systems and their inadequate attempts to address the problems created a prolonged and severe risk of money laundering and financial crime,” said Mark Steward, executive director of Enforcement and Market Oversight at the FCA.
Compliance lapses
According to the FCA’s final notice, Santander demonstrated the following compliance lapses:
Lack of effective ownership of money laundering risk: “Various AML functions were divided between different teams, which operated in siloes and did not share information sufficiently, and some functions operated a centralized operational model which prioritized the completion of processes above qualitative assessments,” the FCA said. “As a result, its governance processes failed to ensure that its systems managed AML risks within Business Banking appropriately.”
Onboarding assessment weaknesses: “When establishing new customer relationships and opening bank accounts, Santander UK’s processes failed to ensure that it obtained sufficient information to understand the nature of a customer’s business,” the FCA said. “Unless customers identified, and staff recorded, the business as one which Santander UK assessed as high risk, no verification was conducted to ensure that the customer, in fact, carried on that business.”
No ongoing customer monitoring: From December 2012 to April 2015, “customer risk assessments were not recorded on systems generally used by staff,” which impacted Santander UK’s ability to produce accurate information on its business banking portfolio risks, the FCA said. And business banking customers were not subject to periodic reviews to ensure Santander UK’s understanding of their customers’ businesses and money laundering risks remained current.
Knowing about the “significant weaknesses” in its AML systems and controls, Santander began improvements to its program in 2013. “While these changes resulted in some improvements, Santander concluded that the changes did not adequately address the underlying weaknesses and, in 2017, decided to implement a comprehensive restructuring of its processes and systems,” the FCA said. “Santander UK continues to invest in its ongoing transformation and remediation program.”
Because Santander did not dispute the FCA’s findings and agreed to settle, it qualified for a 30 percent discount. Without the discount, the financial penalty would have been £154 million (U.S. $189 million).
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.