Month: July 2019

On June 28, Finanstilsynet, the Norwegian Financial Supervisory Authority (FSA), ordered a subsidiary of Spanish bank Santander, Santander Consumer Bank, to pay a fine of Kr. 9 million (approximately US$1 million) for violating the Norwegian Money Laundering Act.  In particular, the FSA stated  that Santander Consumer Bank warranted a financial penalty for defects in the operation of its electronic monitoring system “to detect suspicious transactions related to money laundering and terrorist financing.” (Note: All translations of language in the FSA order are informal.)

According to the FSA order, section 38 of the Money Laundering Act requires that banks, mortgage companies, and finance companies have electronic monitoring systems to identify issues that may indicate money laundering and terrorist financing.  The Act also requires that monitoring be conducted on an ongoing basis, and that a bank investigate transactions for which there are indications of money laundering or terrorist financing.  The order further stated that “[a]n effective and fast implementation of investigations and reporting suspicious matters is central to achieving the purpose of the Money Laundering Code.”  When the suspicion about a transaction is not rejected, it is to be reported to Økokrim, the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime, which functions as both a police agency and a public prosecutors’ office with national authority.

The FSA observed that in December 2018, Santander Consumer Bank brought to the FSA’s attention that the bank had discovered an error in the operation of that electronic monitoring system.  The bank informed the FSA that that error had resulted in approximately 1,260,000 transactions not being subject to money laundering review for more than four years, from October 30, 2014 to December 6, 2018.

After further internal review and correction of the error, the bank found that approximately 1.6 million transactions, involving 303,415 customers, had not been verified under the Money Laundering Act.  Reuters reported that a bank spokesperson attributed said the error was connected to the integration of old and new IT systems, and added that it “has fully cooperated with and kept the FSA fully continuously informed.”

In response, the FSA stated that it considered all factors for assessing a financial penalty under section 50 of the Money Laundering Act.  Those factors include the gravity and duration of the offense; the offender’s degree of guilt; the financial offender’s ability; the reporting entity’s risk assessments and processes; benefits that have been achieved or could have been achieved by the violation; whether third parties have suffered losses; the degree of cooperation with the authorities; and any previous violations of the Act or regulations pursuant to the Act.

With regard to those factors, the FSA stated that “the offense has been going on for a long time, and applies to many transactions and customer relationships.”  It also opined “that the error in the system could and should have been uncovered and directed far earlier than was actually the case.”  The FSA specifically stated that “it is particularly aggravating that the bank was, or should have been, aware that there must be errors in the system without the matter being prioritized.”  It also assumed “that the bank have not had sufficient resources and attention on the weaknesses of the system and the error that led to the offense.”  All of these factors, in the FSA’s view, “are relevant during the assessment of the gravity of the violation and duration, the offender’s level of guilt, and the assessment of what benefits Santander Consumer Bank has achieved or could be achieved by the violation.”

The FSA acknowledged that the bank had correctly reported the error and had contributed to the FSA’s inquiry.  Even so, it cited section 46 of the Norwegian Public Administration Act as the source of “a number of factors that can be taken into account in cases concerning administrative sanctions.”  The FSA’s assessment was that “the incident in the bank is of such a nature that it speaks for sanctioning, taking into account both general preventive and individual preventive considerations.”  It found that “the bank did not have enough resources in the fulfillment of its legal requirements, and that the management did not implement the necessary measures even when it knew, or should have known, that there were errors in the systems.”  In the FSA’s view, “it is important that suspicions about system errors and non-compliance with the [money laundering] law lead to a quick follow-up from the reporting party, even where it has to demand more resources and attention from management.”

Note:  The FSA order provides a detailed example of the factors that the FSA weighs in determining whether to penalize financial institutions for failure to comply with the Norwegian Money Laundering Law.  It also provides yet another reminder to financial institutions’ AML compliance teams that their review of AML internal controls must include periodic checks on the completeness, timeliness, and accuracy of their AML electronic monitoring systems.  Other financial institutions have paid a substantial price when their AML compliance failures included failures or gaps in their transaction monitoring systems, and regulators in the United States and the European Union can be expected to reinforce that message in future enforcement actions.

On June 27, the U.S. Department of Justice announced that on June 26, a federal grand jury in the District of Columbia returned an indictment against Eghbal “Eddie” Saffarinia, former Assistant Inspector General for Management and Technology in the U.S. Department of Housing and Urban Development Office of Inspector General (HUD-OIG).  The indictment charged Saffarinia with concealing material facts, making false statements, and falsifying Office of Government Ethics (OGE) annual financial disclosure forms, in connection with his allegedly disclosing confidential internal government information to a friend (“Person A”) who was the owner and chief executive officer of a Virginia information technology company (“Company A”) and undertaking efforts to steer government contracts and provide competitive advantages and preferential treatment to Company A.

According to the Indictment, between early 2012 and mid-2016, Saffarinia, while serving as an Assistant Inspector General at HUD-OIG, was HUD-OIG’s Head of Contracting Activity.  In that capacity, he “oversaw procurement review and approval processes, including IT contracts; had access to contractor proposal information and source selection information; and participated personally and substantially in IT procurements.”

Saffarinia and Person A allegedly “were friends who emigrated from the same country, went to college together in the early 1980s, and socialized with each other on a regular basis.”  They also had a long-standing financial relationship, in which Saffarinia owed a total of $80,000 to Person A.  During the period when Saffarinia was receiving payments and loans from Person A, he allegedly “steered significant government business to Company A and its business partners, he disclosed confidential and internal government information to Person A, he gave competitive advantages and preferential treatment to Person A and Company A, and he caused and attempted to cause HUD-OIG to increase the amount of work and hours awarded to Person A and Company A.”

As one consequence of Saffarinia’s alleged efforts, Company A received approximately $1,065,520 for subcontractor work performed under an information technology (IT) services contract with another company.  In addition, Saffarinia allegedly caused HUD-OIG to recompete that IT services contract, and caused another company to form a business partnership with Person A and Company A for the recompete contract, in which Company A was expected to receive approximately $9 million.

Note:  Although there is no plea or conviction yet in this case, ethics and compliance officers in public- and private-sector entities can use the facts as alleged in this case to brief and train executives and employees, to underscore the importance of strict compliance with conflict-of-interest requirements.

This case should also indicate that government agencies and companies cannot simply rely on self-disclosures by their employees to conduct effective monitoring and oversight on compliance with conflict-of-interest requirements.  In this case, the evidence against Saffarinia apparently includes numerous meetings over lunches and dinners, during Saffarinia’s tenure at HUD-OIG, in which they discussed business opportunities for Person A and Company A and the IT services contract, as well as communications between Saffarinia and Person A that included Saffarinia’s forwarding of internal HUD-OIG emails and contract-related materials to Person A.

On July 1, according to NL Times, two Ministers in the Dutch Cabinet – Minister of Finance Wopke Hoekstra and Minister of Justice and Security Ferdinand Grapperhaus — sent to the Dutch Parliament a set of anti-money laundering (AML) measures that include:

• Prohibiting cash payments of more than €3,000;
• Regulating cryptocurrencies, reportedly “to limit the risks associated with cryptocurrencies”;
• Calling for the €500 euro banknote to be taken out of circulation;
• Increasing the capacity of the Dutch Financial Intelligence Unit, FIU Nederland, “and other investigative authorities;”
• Encouraging banks “to share information about suspicious clients”; and
• “Advocat[ing] for the establishment of a European regulator on money laundering.”

In addition, the government reportedly government is “looking into a ‘black list’ where banks can register clients they suspect are involved in money laundering.”

Finance Minister Hoekstra stressed the importance of interagency cooperation, saying that the government, regulators, the FIU, the Dutch Public Prosecution Service, the Fiscal Information and Investigation Service (the Dutch anti-fraud agency), the financial sector, and accountants are “now joining forces to ensure that criminals cannot get a foothold in our financial system.”  Justice Minister Grapperhaus added that through this joint effort, “we want to take the approach against money laundering to a higher level. The Netherlands must be among the international leaders in tackling money laundering.”

Note: Dutch authorities have known for some time that criminals have been seeking to exploit Dutch financial institutions for money laundering.  The Ministers stated that an estimated €16 billion is laundered every year in the Netherlands, and the Organized Crime and Corruption Reporting Project reported that nearly €1 billion was laundered through the Netherlands by a single operations moving billions of euros out of Russia.  That latter report apparently prompted Dutch prosecutors to examine possible Dutch involvement with Russia-related money laundering.

These proposed measures indicate that the Dutch Government, while supportive of enhanced European Union-wide AML oversight authority, is not waiting for EU action to initiate its own national-level AML action plan.   Because the European Central Bank has emphasized that the €500 notes still in circulation will continue to be legal tender, even after all EU Member States had ceased issuing new €500 notes, it is not clear whether the Ministerial proposal on withdrawing the €500 note is intended to deny those notes legal tender status.