On February 19, the European Banking Authority (EBA) announced that on February 18, it had opened a formal investigation into a possible breach of European Union (EU) law “by the Estonian Financial Services Authority (Finantsinspektsioon) and the Danish Financial Services Authority (Finanstilsynet) in connection with money laundering activities linked to Danske Bank and its Estonian branch in particular.”
This announcement is the second step in a process that began with a September 21, 2018 letter from Tiina Astola, Director-General of the European Commission (EC) Directorate-General Justice and Consumers, to Andrea Enria, then EBA Chairman. In her letter, Director-General Astola took note of Danske Bank’s September 19, 2018 issuance of its internal investigation into money-laundering activities through its Estonian branch. In that regard, he referred to provisions of the EU’s Fourth Anti-Money Laundering Directive, including Article 48. Article 48 directs EU Member States, in pertinent part, to “require the competent authorities to monitor effectively, and to take the measures necessary to ensure, compliance with this Directive,” and “ensure that the competent authorities have adequate powers, including the power to compel the production of any information that is relevant to monitoring compliance and perform checks, and have adequate financial, human and technical resources to perform their functions.”
Director-General Astola then addressed three principal concerns:
- Finantsinspektsioon: Astola raised questions regarding the extent and depth of Finantsinspektsioon’s inspections of the Estonian branch’s anti-money launder (AML) compliance, and whether “sanctions were applied in an appropriate way”;
- Finanstilsynet: Astola started that “[t] he actions of the Danish [AML] supervisor, as the one responsible for the compliance with group-wide AML/CFT policies and procedures remain unclear and raise questions as to whether the Danish supervisor carried out effective supervision of the Danske Bank group.”
- Finantsinspektsioon-Finanstilsynet Information Exchange: Astola remarked that Finantsinspektsioon “notified their Danish counterparts of the exposure of Danske Bank’s branch to non-resident deposits,” and questioned “whether the exchange of information between the two supervisors was adequate and relevant, given that the AML problems at the Danske Bank Estonian branch did not relate only to non-resident deposits.”
Accordingly, Astola requested that the EBA “investigate this possible breach or non-application of Union law both by the Estonian as well as the Danish supervisors.”
Under Article 17 of the EBA’s founding regulation, Regulation (EU) No 1093/2010 (as amended), upon request of one or more “competent authorities” (e.g., national financial supervisory agencies), “the European Parliament, the Council, the Commission or the Banking Stakeholder Group, or on its own initiative, and after having informed the competent authority concerned, the [EBA] may investigate the alleged breach or non-application of Union law.” Each competent authority in question must provide the EBA, “without delay, . . . with all information which the [EBA] considers necessary for its investigation.” No later than two months after initiating such an investigation, the EBA “may, not later than 2 months from initiating its investigation, address a recommendation to the competent authority concerned setting out the action necessary to comply with Union law.” Thereafter, the competent authority has only 10 working days from receipt of the EBA’s recommendation to inform the EBA “of the steps it has taken or intends to take to ensure compliance with Union law.”
On the basis of its preliminary inquiries into both competent authorities, the EBA notified the EC on February 18 that it had opened a formal Breach of Union Law Investigation under Article 17.
Note: The EBA’s investigation represents a new escalation of the scrutiny to which authorities are subjecting the actions relating to the Estonian branch’s massive channeling of apparently laundered funds. While criminal authorities in Europe and the United States are already conducting criminal investigations of Danske Bank, the EBA’s action indicates that the EU, with EC support, is preparing to hold national AML regulators accountable for their failure to conduct adequate supervision of Danske Bank.
Given the two-month timeframe for the EBA’s recommendations to Finantsinspektsioon and Finanstilsynet and the 10-day timeframe for their responses, Danske Bank watchers can expect significant next steps to be announced by the latter part of April and early May. Depending on the degree of severity of its findings, the EBA’s recommendations could implicate not only the two financial services authorities, but by extension their respective national governments if the EBA concludes that the competent authorities lacked adequate powers and resources to do their jobs effectively.