Month: September 2018

In an August 30 article with the subdued headline, “Bitcoin and other cryptocurrencies are useless,” The Economist laid waste to several articles of faith within cryptocurrency communities.  After noting the “speculative mania” associated with the extreme fluctuations in Bitcoin prices, it commented, with asperity, that Bitcoin users “must wrestle with complicated software and give up all the consumer protections they are used to. Few vendors accept it. Security is poor. Other cryptocurrencies are used even less.”  It went on to explain why cryptocurrencies “have fallen far short of their ambitious goals”:

Economists define a currency as something that can be at once a medium of exchange, a store of value and a unit of account. Lack of adoption and loads of volatility mean that cryptocurrencies satisfy none of those criteria. That does not mean they are going to go away (though scrutiny from regulators concerned about the fraud and sharp practice that is rife in the industry may dampen excitement in future). But as things stand there is little reason to think that cryptocurrencies will remain more than an overcomplicated, untrustworthy casino.

The article also was largely dismissive of blockchain technology, calling blockchains “overhyped” and asserting that “[b]lockchain advocates have yet to prove that the underlying technology can live up to the grand claims made for it.”

If one looks past the archness that pervades the article, its central criticisms of cryptocurrencies are well-founded.  Even the best-known of cryptocurrencies, Bitcoin, remains extraordinarily volatile in value.  Earlier this week, reports that Goldman Sachs had decided to back away from opening a cryptocurrency trading desk because of uncertainty about regulatory requirements quickly prompted what Fortune described as a “Bitcoin bloodbath”, with sharp price drops for better-known cryptocurrencies such as Bitcoin (more than 12 percent), Bitcoin Cash and EOS (both more than 20 percent), Ethereum (nearly 19 percent), and Ripple (more than 12 percent).

That overall volatility is unlikely to subside soon.  Authorities in the United States and other countries continue to move with extreme caution in expanding the market for cryptocurrency or cryptocurrency-based products without close regulatory control and oversight. In addition, on September 5 Reuters reported that “[t]he market capitalization of crypto assets, such as cryptocurrencies and crypto tokens issued for an ICO, has fallen to around $200 billion in August from a peak of more than $800 billion in January,” with Bitcoin decreasing by approximately 60 percent against the dollar in 2018.  When Warren Buffett says, “I can say with almost certainty that [cryptocurrencies] will come to a bad ending,” only speculators (or extraordinarily patient investors) with nerves of steel and painstaking business intelligence-gathering can afford to deal in cryptocurrencies in the immediate future.

Attractiveness to speculators, however, is the last thing that a true national currency needs.  If, as The Economist correctly observed, a currency must be a medium of exchange, a store of value, and a unit of account, cryptocurrencies fall short in all three respects.  Admittedly, even official national currencies can experience catastrophic volatility, as Iran, Venezuela , and Zimbabwe have lately been experiencing.  But to tie a drastic currency reconversion to a widely discredited so-called “cryptocurrency” (as Venezuela has done) or to propose a national cryptocurrency as a means of evading economic sanctions (as Iran has proposed)), is likely not only to enhance that volatility but to cast further doubt on the reliability of cryptocurrencies for any of those purposes.

One issue that has received little if any attention in the debate over cryptocurrencies is whether the term “cryptocurrency” has outlived its usefulness.  Bitcoin, as The Economist stated, “began life as a techno-anarchist project to create an online version of cash, a way for people to transact without the possibility of interference from malicious governments or banks.”  So long as cryptocurrency advocates cling to the dream of a medium of exchange that can function consistently and reliably for legitimate transactions and that governments cannot track or regulate, the very term “cryptocurrency” will continue to arouse suspicion and deter widespread adoption.  On the other hand, innovation in payment mechanisms and systems whose functions and technology are transparent, and that are operationalized to comply efficiently with diverse regulatory obligations throughout the world, should always be welcome in economic affairs.  The sooner that cryptocurrencies accept those realities, the greater the odds that Warren Buffett – unlikely as it seems – might eventually be proved wrong.

On September 4, the editorial board of the Financial Times published an editorial that calls for a central anti-money laundering body for Europe.  The foundation for the editorial was the extensive and growing series of media reports about money laundering through the Estonian branch of Danske Bank, the largest bank in Denmark.

Since September 2017, when Danske Bank initiated what it termed “thorough and comprehensive investigations into the non-resident portfolio of the Estonian branch,” estimates of the scope and scale of alleged money laundering through that branch have continued to rise:

• In May 2018, the Danish Finanstilsynet (Financial Supervisory Authority (FSA)) issued a report to the bank’s Board of Directors and Executive Board that while it recognized “that the bank has made various improvements in the AML and compliance areas in recent years,” it was issuing eight orders and eight reprimands relating to the Estonian branch activity. In particular, the FSA found that the branch “had high earnings on Russian and other non-Baltic customers (non-resident customers), whose total volume of payments through the branch was very considerable. For example, 35% of the profit in the branch in 2012 was generated by Russian customers, who made up 8% of the customer base.”
• In July 2018, the Danish newspaper Berlingske reported that as much as $8.3 billion may have been laundered through the Estonian branch from 2007 to 2015.
• Most recently, on September 3 the Financial Times reported that an independent investigation commissioned by the bank found “that as much as $30 billion (€26 billion) of Russian and ex-Soviet money moved through the Estonian branch” in 2013. A draft report of the investigation, by the financial consulting firm Promontory Financial, also disclosed that the $30 billion was reflected in nearly 80,000 transactions, and that after 2013, the volume began to decrease and accelerated its decline after the Estonian Financial Services Authority began its own investigation.
• UPDATE: On September 7, the Wall Street Journal reported that Danske Bank is now examining $150 billion in transactions that moved through the Estonian branch between 2007 and 2015.

The Financial Times editorial referred to the $3 billion as “an eye-popping volume for a small branch operation [that] suggests serious gaps in the bank’s safeguards, and in Europe’s efforts to combat money-laundering.”  It also pointedly remarked that “US officials — who have repeatedly, and embarrassingly, proved better able to police European money laundering than Europe’s own authorities — have not confirmed whether they are probing Danske themselves, but said they are ‘following the case closely’.”

Noting that the Danske Bank case had “highlighted again the patchwork nature of Europe’s anti-money laundering supervision,” it concluded:

While the European Central Bank scrutinises banks’ business models and governance, policing criminal financial flows is still a national competence. An EU-wide anti-money laundering body is sorely needed to harmonise and enforce rules, and direct additional resources to where they are most needed. EU institutions and member states need to find the political will to close what is a gaping hole in the continent’s regulatory framework.

Note: The Financial Times editorial understandably paints with a broad brush.  In doing so, it fails to take into account the existence of the current European Union AML legal framework, including the 4^th and 5^th Anti-Money Laundering Directives, or of other multinational governmental bodies such as the European Banking Authority or the Financial Action Task Force, which has played a highly influential role in setting standards and promoting effective implementation of AML and terrorist-financing measures.  But broadbased compliance failures at leading European financial institutions such as Danske Bank and ING indicate that the current structure of national and supranational AML regulation in Europe is falling short in timely identification of and response to significant instances of AML noncompliance.

In that respect, the Financial Times editorial is a welcome call to action — albeit one to which the European Union so far is not responding with any dispatch.  According to Reuters, a preliminary EU plan to enhance AML  “acknowledges that “there may be gaps in the EU’s supervisory framework” to counter money laundering, but pushes back any meaningful action to late next year or beyond.

On September 4, the Netherlands Openbaar Ministerie (Public Prosecution Service) (NPPS) announced, in English and Dutch, that ING Bank N.V. (ING), a global financial institution headquartered in Amsterdam, had accepted and paid a settlement of  €775,000,000 (equivalent to US$900 million) to resolve an investigation focused on violation of the Dutch Wet ter voorkoming van witwassen en financieren van terrorisme (Anti-Money Laundering and Counter Terrorism Financing Act) (Wwft) by ING’s business unit ING Bank Netherlands (ING NL).  The NPPS specified that ING NL’s Wwft violation had occurred “for many years and on a structural basis”, and took note of ING NL’s culpable money laundering involving its failure “to prevent bank accounts held by ING clients in the Netherlands between 2010 and 2016 from being used to launder hundreds of millions of euros.”  The settlement consisted of a fine of €675,000,000, disgorgement of €100,000,000, and compliance and remediation measures.

Because of the size of the criminal resolution and the NPPS’s inclusion of both a detailed summary of the case and a detailed statement of facts, in the manner of the U.S. Department of Justice and the UK Serious Fraud Office, the NPPS announcement warrants a detailed review.  According to the NPPS summary (ING NL) ”did not properly fulfil its role as gatekeeper of [the Dutch] financial system, as outlined in the [Wwft], which requires financial gatekeepers to conduct client due diligence and report unusual transactions to the Dutch Financial Intelligence Unit (FIU).  The NPPS found ING to be “seriously deficient in this respect,” allowing ING NL clients to use accounts held with ING NL for criminal activities for many years, “virtually undisturbed.”  The NPPS also criticized ING NL for having wrongly taken insufficient action, as “ING NL should have seen that certain cash flows through bank accounts held by ING NL clients were possibly the result of crime.”

The investigation by the Dutch Fiscale inlichtingen- en opsporingsdienst (Fiscal Information and Investigation Service (FIOD), which began in early 2016, focused on suspicions “that ING NL was not sufficiently investigating clients, was insufficiently monitoring bank accounts and did not report unusual transactions, or reported them too late.”  The FIOD became concerned that ING NL had structural shortcomings that included (1) the absence of or insufficient conduct of client due diligence, (2) misclassification of clients that could lead to high-risk clients being subject to less stringent anti-money laundering measures, (3) insufficient monitoring of client relationships and bank accounts (and, when necessary, failure to terminate such relationships and accounts in a timely manner, (4) understaffing and inadequate training of the compliance department, (5) establishment of a transaction-monitoring system that generated only a limited number of money laundering signals, and (6) irregular or late reporting of unusual transactions to the FIU.

The summary also cited four specific cases it examined in detail as illustrative examples of actual misuse of bank accounts by ING NL clients.  One was an “international telecom provider” – unnamed in the summary, but named as Vimpelcom (now VEON) in the statement of facts — that transferred bribes worth tens of millions of dollars via its ING NL accounts to a company owned by Gulnara Karimova, the daughter of the then-president of Uzbekistan.  Another was an unnamed

The NPPS further noted that De Nederlandsche Bank N.V. (the Dutch Central Bank) (DNB) had warned ING NL on multiple occasions and taken unspecified “formal measures,” and was consulted by the NPPS when the NPPS decided to approach ING NL’s conduct as criminal activity.  According to a Reuters article, Dutch prosecutors said that the DNB “had warned ING as early as 2008 that its procedures were insufficient, but lead prosecutor Margreet Frohberg told Reuters that it had failed to act in earnest until 2016.”

Ultimately, the NPPS decided to attribute the offenses in question to the organization as a whole, and not to pursue individuals for criminal prosecution for two reasons.  The first was the fractured structure of ING NL’s compliance risk management.  As the NPPS explained, “The responsibility for compliance with the AML/CTF Act rests with three different divisions of the bank. None of these divisions oversaw the whole picture. This in part explains why senior management was not fully aware of the seriousness of the shortcomings, and their persistence.”  The second was the standard of proof that Dutch courts require for prosecutions of individuals in such a setting:

Many individual persons are responsible for part of the culpable behaviour. The offences are therefore not individually attributable to specific persons, not even the management at ING NL. The Supreme Court (Hoge Raad) sets a high bar for prosecuting individuals for directing criminal offences. In this case, not only must awareness be proven, but also that those persons consciously instigated criminal offences or deliberately failed to stop them. The ING NL investigation did not demonstrate that this was the case.

In its statement of facts, the NPPS identified five factors that led to its decision to offer a resolution to ING:

1. “ING NL publicly acknowledges and regrets the mistakes made;”
2. “ING NL cooperated in the criminal investigation and investigated the matter internally and the outcomes have been reported to the NPPS;”
3. “ING NL will continue to actively allow the NPPS to investigate possible criminal offenses arising from shortcomings in the FEC [Customer Due Diligence] policy to which the settlement relates;”
4. “ING NL, under the supervision of DNB, has developed and implemented a remediation plan. ING NL also provided the NPPS with insight into the progress of this remediation plan throughout the criminal investigation;”
5. “As part of this settlement, ING NL is taking responsibility for criminal offenses committed over a period of several years.”

On the same day, ING issued a press release regarding the settlement.  The release, which it also submitted to the U.S. Securities and Exchange Commission (SEC) via a Form 6-K, stated that ING “has fully cooperated” with the NPPS investigation, but added that that investigation and its own internal investigation “established serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING Netherlands in the period investigated (2010-2016),” with specific reference to the six NPPS-identified defects listed above.  It also said that ING “sincerely regrets that as a result of the above shortcomings ING Netherlands did not adequately fulfil its role as gatekeeper to the financial system, helping fight financial crime.”

As part of its remediation response, ING noted that it has initiated measures – including “holdbacks of variable remuneration and suspension of duties” – “against a number of (former) employees in senior management positions who had a broader responsibility for the safeguarding and execution of FEC CDD policies and procedures in the Netherlands. In addition, the members of the Executive Board of ING Group, in consultation with the Supervisory Board, agreed “to forego their variable remuneration over 2018.”

Moreover, ING listed various initiatives it was taking at ING NL to strengthen compliance risk management: (1) an enhancement program to ensure compliance with “know your customer” (KYC) and “client activity monitoring” requirements; (2) centralization and simplification of operational KYC activities into a single “KYC Centre” across divisions; (3) establishment of Client Risk Committees across business units, to decide “on client on-boarding and exit escalations to ensure KYC risk mitigation”; (4) an engagement program “to strengthen the internal compliance culture and awareness by better enabling employees to act in both the letter and the spirit of the law”; and (4) active involvement in and contribution to the Financieel Expertise Centrum (FEC)-raad (Council) taskforce, in which “Dutch authorities that have supervisory, control, prosecution or investigation tasks cooperate with financial sector actors to strengthen the integrity of the sector.”

Finally, ING expressed its hope that based on the settlement agreement with the NPPS, the U.S. Securities and Exchange Commission, with whose information request ING had been cooperating, would take no further action and not require “further payment or the imposition of further conditions.”

Postscript:  In a September 5 release, ING stated that it “has received a formal notification from the SEC that it has concluded its investigation. In the letter the Division of Enforcement states that, based on information as of this date, it does not intend to recommend an SEC enforcement action against ING.”

On August 27, Larry D. Thompson, the Independent Compliance Auditor (ICA) for the so-called “VW Defendants” (VW), issued the first annual report on compliance by the VW Defendants (including Volkswagen AG (VW)) with their injunctive relief obligations stemming from federal and state consent decrees regarding VW’s emissions cheating (Report).  (N.B.: The Report, dated August 17, addresses only the VW Defendants’ civil obligations pursuant to the consent decrees.  Thompson has separate duties as Independent Compliance Monitor under the Plea Agreement in United States v. Volkswagen AG, No. 16-cr-20394-SFC (E.D. Mich.), and the Monitor’s Plea Agreement reports are not comparable to the ICA’s annual reports, in part because “the Plea Agreement reports include a broader evaluation of the ‘effectiveness’ of the overall compliance program of Volkswagen AG and its subsidiaries and affiliates” (Report, p. 4).)

The Report includes sections on the following:

• VW Defendants’ Reporting of Violations (pp. 6-8): The VW Defendants identified and reported two violations of the injunctive relief provisions: failure to add certain questions to employee survey “managers’ guides”, and failure to give 10 days’ notice (per the California Consent Decree) to the California Air Resources Board (CARB) of testing using the Portable Emissions Measurement System (PEMS) (Report, pp. 6-7).
• General Obligations under the Consent Decrees (pp. 8-9): This section included the following issues:
  • VW Defendants’ cooperation with the ICA: On this issue, the Report stated that the Volkswagen Project Management Office “has cooperated with the ICA,” but that
    • “[o]ccasionally, the ICA has contended with the VW Defendants’ reluctance to share certain information. This reluctance has included the VW Defendants’ use of redactions in documents provided to the ICA, based on claims of attorney-client privilege, attorney work-product, and data privacy. . . . The ICA has discussed this issue with VW Defendant personnel on numerous occasions throughout the reporting period, and has documented its concerns. With respect to the VW Defendants’ assertions of privilege and work-product, the ICA has disagreed with some of the VW Defendants’ assertions. The VW Defendants have promised further improvements in their provision of information, and increased the frequency of discussions with the ICA regarding this topic. The ICA is committed to working with the VW Defendants to resolve all redaction issues and other withholding of information.” (P. 8)
  • Appointment of an Environmental Compliance Officer.
  • The VW Defendants’ submission of their first Annual Report to the Justice Department and California authorities.
• Recommended Actions to Achieve Compliance (pp. 9-10): This section sets forth the ICA’s seven recommendations to the VW Defendants to achieve compliance with the consent decrees, including:
  • Designing and implementing additional, ongoing monitoring and auditing procedures to assess compliance by the VW Defendants with their obligations under the Consent Decrees (p. 9);
  • Preparing and providing a comprehensive written analysis of the implementation of the so-called “Golden Rules” (i.e., a set of thirteen mandatory processes, supported by a total of 109 “minimum requirements” that prescribe the implementation of certain controls and best practices to optimize the operation of the Internal Control System in the VW Defendants’ product development process) (pp. 9-10).
• Injunctive Relief Obligations Related to the Product Development Process (pp. 11-27). This section reports on obligations pertaining to segregation of duties between product development and certification testing (pp. 11-15), establishment and maintenance of Group Steering Committees for monitoring and complying with U.S. laws regarding vehicle certification and vehicle emissions (pp. 15-17), PEMS testing (pp. 17-20), definition of managers’ responsibilities (pp. 21-22), and implementation of the “Golden Rules” (pp. 22-27).
• Efforts by the VW Defendants to Establish and Maintain a Whistleblower System (pp. 27-30).
• Efforts by the VW Defendants Regarding the Employee Survey and Managers’ Guides (pp. 30-32).
• Efforts by the VW Defendants Regarding Codes of Conduct (pp. 32-35): This section reports on the VW Defendants’ efforts to ensure that their corporate Codes of Conduct included provisions regarding both environmental protection and responsibility for compliance.
• Efforts by the VW Defendants Regarding Third-Party and Internal Audits (pp. 35-46).

Note: The most critical language in the ICA report, as quoted above, is with regard to the VW Defendants’ resistance to information-sharing and redaction of documents.  In a joint news conference on August 27, Thompson and Hiltrud D. Werner, a member of Volkswagen’s board who is responsible for integrity, reportedly said “they were trying to work out differences over access to documents amicably.”  Nonetheless, it should be noted that – allowing for the fact that devising and implementing effective compliance measures in any large organization takes significant amounts of time and effort – the ICA report is devoid of any indication that Thompson regards the VW Defendants as having made substantial progress toward compliance with its civil obligations.

Due to the Labor Day holiday, there will be no DTG post today.  DTG will resume tomorrow, September 4.