Author: Jonathan J. Rusch

On March 28, The Times reported that London Metropolitan Police (Met) Commissioner Cressida Dick has cited money service businesses (MSBs) in London as the means by which drug gangs are exporting “crate-loads of dirty cash out of the country.”

In March 26 testimony before the United Kingdom Parliament’s Home Affairs Select Committee, Commissioner Dick stated that the approximately 9,000 MSBs in London “are not very well regulated. Huge amounts of cash are going through those institutions and most of it straight out of the country on crates.”  She also testified that based on highly targeted testing that the Met had done over the previous three to four months, “[a] huge amount of that cash” appears “to be illegal finance and most of it comes from the drugs trade.”

In a separate statement, a Met spokeswoman said that “’[a]pproximately £2 billion is moved out of the country a month to places like the United Arab Emirates from MSBs and a lot of this is linked to criminality. When officers seize cash, paper trails often lead to MSBs’.”

Although the Met stated “that it had seized a record £95 million in cash last year using a range of tactics including freezing assets,” with the largest cash seizure to date being £1.3 million, Commissioner Dick said “that new laws and better enforcement were needed.”

Note: In formal terms, MSBs in the United Kingdom are already subject to regulation.  Under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, a variety of MSBs must register with HM Revenue & Customs.  MSBs subject to the Regulations include any business acting as a currency exchange office (i.e., a bureau de change), transmitting money or any representation of money by any means (i.e., money remittance), and cashing cheques payable to a customer (i.e., third-party check-cashing).  In addition, money transmitters must be registered or authorized by the Financial Conduct Authority under the Payment Services Regulations 2009.

In practice, however, law enforcement authorities must deal with a vast number of MSBs across the United Kingdom.  According to the Met, Great Britain alone has approximately 45,000 MSBs, compared to approximately 6,000 in France and 220 in the Netherlands.  The Government is well aware of the money-laundering threat that this multiplicity of MSBs poses.  One joint report by the UK Treasury and Home Office specifically warned about “control of MSBs by organised crime groups”

In light of these connections between MSBs and drug money laundering, AML compliance teams in United Kingdom financial institutions should pay close attention to all MSBs whom their institutions are banking, and see that their customer risk assessment frameworks are fully updated in light of current information about key AML trends.  In particular, they should review their customer risk models on all MSBs they are banking, and be prepared to increase the frequency and the range of enhanced due diligence on any high-risk MSBs.  At a time, when attention to AML enforcement is increasing in the United Kingdom, Europe, and elsewhere – only in part because of the continuing ripple effects of the Danske Bank scandal — no United Kingdom financial institution can afford to bend the rules or relax their oversight for any MSBs that are deemed to be high-risk customers.

On March 29, the U.S. Department of Justice announced that on March 28, a federal grand jury in the Central District of California indicted two senior corporate executives with two corporations on multiple counts for their roles in a scheme involving defective and dangerous dehumidifiers made in China.  Simon Chu and Charley Loh, who served respectively as part owners, chief administrative officer, and chief executive officer of the same two corporations in California, were charged with (1) conspiracy (a) to commit wire fraud, (b) to fail to furnish information under the Consumer Product Safety Act (CPSA), and (c) to defraud the U.S. Consumer Product Safety Commission (CPSC); (2) wire fraud; and (3) failure to furnish information under the CPSA.  The Department indicated this was the first time that any individual had been criminally charged for failure to report under the CPSA.

Under section 15 of the CPSA, a manufacturer, importer, distributor, and/or retailer of consumer products, and an individual director, officer, or agent of such companies, has a legal obligation to immediately report certain types of information to the CPSC, including a defective product that could create a substantial risk of injury to consumers or a product that creates an unreasonable risk of serious injury or death.  Under sections 20 and 21 of the CPSA, failure to fully and immediately report this information may warrant, respectively civil or criminal penalties, including up to 5 years’ imprisonment for a knowing and willful violation.

According to the indictment in this case,

as early as September 2012, Chu, Loh, and their companies received multiple reports that their Chinese dehumidifiers were defective, dangerous, and could catch fire. They also allegedly knew that they were required to report this product safety information to the CPSC immediately. Despite their knowledge of consumer complaints of dehumidifier fires and test results showing problems with the dehumidifiers, the indictment alleges that Chu and Loh failed to disclose their dehumidifiers’ defects and hazards for at least six months while they continued to sell their products to retailers for resale to consumers.

The indictment also alleges

that as part of their scheme, Chu and Loh deliberately withheld information about the defective and dangerous Chinese dehumidifiers from the retail companies that bought the dehumidifiers; the insurance companies that paid for damage caused by the fires resulting from the dehumidifiers; and the CPSC. Loh and Chu allegedly continued to sell the Chinese dehumidifiers to retailers with false certifications that the products met safety standards; caused a company employee to solicit materials that would falsely portray to an insurance company that the dehumidifiers were safe and not defective; and sent an untimely report to the CPSC that falsely stated that the dehumidifiers were not defective or hazardous.

Note:  This indictment is significant for consumer products-related companies because the Justice Department has chosen for the first time to indict individuals under the CPSA’s “failure to report” provisions.  Although the merits of the case have yet to be decided, chief compliance officers at companies that manufacture, import, distribute, or retail consumer products should use this case to remind company executives (including officers and directors) and employees, as well as outside agents, of their companies’ obligations to comply with the CPSA’s reporting requirements.  Because the lack of prior criminal enforcement of those requirements may have made some companies less than attentive to them, corporate compliance teams should also review the elements of their CPSA compliance program, to ensure that processes are in place to identify situations that may require CPSA reporting and that employees will follow those processes to prepare and submit such reports promptly as appropriate.

On March 31, The Times published an extensive article on a United Kingdom criminal network that reportedly obtained an estimated £8 billion from value-added tax (VAT) and benefit fraud, as well as additional money from mortgage and credit card fraud, and allegedly sent £80 million, to al-Qaeda in Pakistan and Afghanistan.

The article, based on leaked police and intelligence files, said that the network – consisting of British Asians based in London, Buckinghamshire, Birmingham, northwest England, and Scotland – conducted the VAT and benefit frauds over more than two decades.  It also reported that the network, which has ties with to the July 7, 2005 terrorist suicide bombings in London — sent 1 percent of its income, approximately £80m, to al-Qaeda, where it funded madrasahs, training camps, and other terrorist activities in Pakistan and Afghanistan.

HM Revenue & Customs (HMRC) and the United Kingdom Special Branch first learned in 1995 from an informant that members of the network “were engaged in mortgage fraud with the help of corrupt banking agents and mortgage brokers.  The informant reportedly said that “Asian customers are coming in with carrier bags full of cash on a regular basis,” and asserted “that the money was placed in bank accounts under false names before being ‘sent out of the country by an Asian solicitor for terrorist or drugs purposes’.”

The investigation ultimately concluded that the network “was using a network of factories and companies and exploiting their workers for identity and benefit frauds, the sale of counterfeit goods, car crash scams and mortgage and credit card frauds.”  HMRC investors learned that the network “used ‘hijacked or altered national insurance numbers to create false records’ and exploited ‘illegal immigrant labour’ before laundering the cash ‘through bogus offshore companies’.”

The Times also reported that it was unable to reveal the identities of certain specific network members because of court orders dating back nearly 10 years.  While certain members of the network were defendants in a series of related trials on charges that included fraud and money laundering, judicially imposed reporting restrictions at the start of the first trial “prevent the identification of any of the gang because several kingpins fled the UK before they could be arrested. . . . The Crown Prosecution Service (CPS) continues to insist that nothing can be reported until the masterminds have been returned to the UK to face trial.”

One network member who could be identified was Afra Syab Ilyas.  Ilyas, an accountant in England, reportedly left for Afghanistan in the late 1990s to fight for the Taliban, and was killed in an artillery shelling near Kabul.  Laptops that Central Intelligence Agency and MI6 officers found in Afghanistan after the 2001 9/11 terrorist attack later established that Ilyas was a part of the network in the United Kingdom and “a key source of funding” that flowed to al-Qaeda before 9/11.

Another identified connection to the network was Shehzad Tanweer, one of the terrorists involved in the July 7 London bombings.  Although HMRC intelligence officers found that link at least two years before the attack, “senior HMRC officials declined to use the intelligence to mount prosecutions and take the gang out of operation until after the bombings.”

Note: Chief Compliance Officers and their financial crimes teams should review this article, as well as a related Times article describing the types of criminal activity in which the network engaged, for the details it provides about documented relationships between organized criminal networks and terrorist financing.  This information should also be included in internal briefings and training of executives and employees as a prominent examples of the linkages between, fraud, money laundering, and terrorist financing.

In a March 26 article in Les Echos, Clara Le Stum reported on the general absence of exposure to new technologies, such as artificial intelligence (AI) and blockchain,  in French legal studies.   As Professor Bruno Dondero of the Sorbonne Law School/Paris 1 stated, “It is remarkable that when I ask an amphitheater of 300 third-year students who has previously heard the term “legaltech” . . . only one student raises their hand.”

Although legal professionals agree that legal technologies are too little discussed in French law schools, Le Stum noted that “justice is moving fast towards digital technology and the new technologies strongly impact the uses, the practice, and the professions of the law.”  She rightly recognized that law students must be sensitized to technological developments “without becoming computer experts.”  Professor Dondero’s approach is “to make as many references as possible to new technologies in his classes. In his words, “Teachers and students have a duty to be vigilant about what becomes possible with new technologies.”

Another approach that Le Stum highlights is the “LAB,” a project of the Paris School of Law (EFB) that offers “a mandatory module for all new promotions to make them aware of the digital transformation of their profession.”  As Alexis Deborde, LAB’s pedagogical manager, explained, “We help future lawyers to adopt digital tools so that they are better and more productive, we put them back in the 21st century.” But Deborde also recognizes that “it is only at the end of their law studies, when they are about to be a lawyer, that they are given keys to practice in another way.”

In general, American law schools appear more attuned to the need to integrate information about new technologies into their curricula.  For example, at the law school where I teach, Georgetown University Law Center, the curriculum for J.D. students addresses AI in multiple courses on the law of AI and robotics, and addresses blockchain in multiple courses about derivatives law and regulation, technology policy, and FinTech law.  Georgetown is hardly alone in that respect.  Duke Law School, for example, not only has several courses on AI on the law and a Law & Policy Lab on blockchain, but a university-wide Blockchain Lab in which students, professors, and professional participate.

In one branch of the curriculum, however, law schools everywhere need to ensure that law students are introduced to new technologies.  That branch is courses and seminars dedicated to corporate-compliance issues.  Many courses that focus on key areas of compliance, such as anti-money laundering, bribery and corruption, and sanctions, are taught by practitioners who provide excellent coverage of the legal, policy, and ethical issues associated with those areas.  But they often do not do enough to inform students about the roles that new technologies play in corporate compliance, or to sensitize them to the ethical and compliance issues that those technologies can pose.

Once they graduate, many students will enter private law firms or consulting firms, in which they may soon be called on to assist in representing corporate clients with serious compliance issues.  To function effectively as lawyers in those environments, they must know how AI and other digital systems need to be designed and operate to meet compliance, legal, and ethical obligations.

For that reason, law schools here and abroad should review their compliance-related courses and seminars, and prevail on professors teaching those courses to include specific information about new technologies in those courses.  At law schools such as American, Columbia, Harvard, and Stanford, law students are already demonstrating the keenness of their interest in new technologies by forming student associations dedicated to AI, blockchain, FinTech, and legal technology, and by supporting law school websites dedicated to such topics.  The earlier in their law school careers that law students can integrate legal, ethical, and technological knowledge and understand the real-world implications of that collective knowledge, the better equipped they will be as lawyers to meet the increasingly complex needs of their clients.

Since February, leading Swedish bank Swedbank has experienced a spate of adverse media coverage relating to the Danske Bank money-laundering scandal.  That coverage built gradually, then surged with particular intensity in the past week, culminating in today’s firing of Swedbank’s Chief Executive Officer, Birgitte Bonnesen:

February: Swedish Television (SVT) reported that “50 of Swedbank’s customers that show several risk indicators of suspected money laundering have funneled a total” of US$5.8 billion through Swedbank.

March 22: Swedbank released the results of a third-party audit, which it had quickly commissioned after the February SVT reporting. The heavily redacted audit report said that Swedbank “has cut ties with an undisclosed number of customers who are at the center of money-laundering allegations” against the bank.  Swedbank executives told the Wall Street Journal that the report “shows that the bank has taken the necessary steps to sever relationships with customers deemed suspicious by its internal monitoring systems.”

The immediate public reaction to the audit was highly unfavorable.  Investors, government ministers and money laundering experts all criticized the audit report “as insufficient and damaging to confidence in the Swedish lender’s board and management.”  The Financial Times reported that “most of the key findings such as how many of the Danske clients were also customers of Swedbank were redacted, leaving investors none the wiser as to how grave the potential money laundering problems at the bank are.”

March 26: The Financial Times reported that according to updated SVT reporting, approximately €135 billion of money flowed “through a Swedbank unit dealing mostly with Russian clients in Estonia over a 10-year period, according to an internal report seen by Swedish public TV.” (FT noted that the €135 billion figure “refers to the gross transactions by the customers — mostly Russians — and not to suspicious money flows.”)

The draft report, by a former deputy chief of Norway’s economic crime authority, referred to “[m]ajor breaches of AML (anti-money laundering) obligations identified in Swedbank Estonia,” and “identified a number of failings including accepting customers posing a high risk of money laundering ‘despite the lack of information regarding beneficial owners, corporate structure, source of funds and the real nature and purpose of the business relationship’.”  It also concluded that ““A significant number of the HRNR (high-risk, non-resident) customers should never have been onboarded.”

SVT also reported that in 2016, “Swedbank’s top management withheld information from American investigators about suspicious customers and transactions. In addition, bank transactions show that Donald Trump’s former campaign chairman Paul Manafort received nearly one million dollars in black money through Swedbank.”  When SVT confronted her with the information, Bonnesen reportedly replied, “It sounds incredibly strange that we would have had any intention of covering things up.  That is not at all consistent with the way we work, or how we’ve done things throughout the years.”

In response to the FT/SVT story, Swedbank stated that it “had made the report ‘available’ to regulators” and to consulting firm Forensic Risk Alliance, which was conducting a review of some of Swedbank’s anti-money laundering efforts.  It also said that it “was continuing to conduct a deeper analysis of the information and working with external partners and authorities in investigating the money laundering allegations.”

Swedbank’s response evidently satisfied no one.  For example, Swedish pension fund management firm Alecta, which holds a stake of approximately 5 percent in Swedbank, said that “it was not satisfied with the board’s handling of the money-laundering investigation and called on it to increase transparency as soon as possible.” In addition, in advance of Swedbank’s annual general meeting, Alecta and another pension-fund manager, AMF, issued statements ahead of Swedbank’s annual general meeting on 28 March, “calling for significant changes to the board” in the wake of the money laundering scandal.

March 27: The Swedish Economic Crime Authority conducted a search of Swedbank’s Stockholm headquarters, amid reports that U.S. authorities are now investigating Swedbank.

March 28: Swedbank announced that its Board had fired Bonnesen because of concerns over the continued money-laundering allegations.

Note:  In its report on Bonnesen’s firing, The Economist puckishly asked: “One for Wallander [the fictional Swedish detective]?”  Scrutiny of Swedbank’s actions during the past month will not require exceptional detective skills to determine that Swedbank and its senior management poorly handled its response to the initial SVT reporting.

The underlying suspected criminal money-laundering, on the other hand, will require sustained and patient investigation.  If they have not already done so, the U.S. Department of Justice and the Securities and Exchange Commission, as well as European regulators, are likely to expand their investigations of Danske Bank to include Swedbank.  Swedbank, under a new CEO, will need quickly to demonstrate its commitment to full-blown cooperation with authorities and to prompt and thorough remediation.