Well what a week!
DISCLOSURE: I have had some contact from Howard Wilkinson (the Danske Bank whistle-blower) although I am not going to reveal how or any of the details, other than to say that he has been very supportive of my efforts to shine a light on these extraordinary events.
So what has emerged that we were not hitherto aware of prior to these hearings?
Mr Wilkinson’s appearance at both the Danish Parliamentary and European Parliamentary hearings has added a fair bit of intrigue to the story and done nothing to improve the standing of Danske Bank, the Danish FSA or the correspondent banks who cleared on Danske’s behalf.
Just about the only organisation to emerge with any credit (at least from Mr Wilkinson’s point of view) was the post 2014 Estonian regulator which appears to have acquired both expertise and teeth at that point in time.
So what were the headlines?
- Mr Wilkinson was subjected to a stringent Non-Disclosure Agreement which he was pretty much obliged to sign if he was going to walk away with any money in his pockets (and he had a wife and family to worry about so who can blame him). He was also told to his face, by a senior manager, that the money laundering problem would be sorted
- Even though Danske has provided him with a limited release from some of the terms (he can now publish relevant extracts) he is still to some degree constrained by the NDA and by broader GDPR legislation from naming banks and other entities outside of Danske itself (even when everyone knows who he is talking about – more on that later). There are also elements that he is aware of from his time at the bank that he still cannot reveal. Hopefully more will follow.
- He worked harder than previously understood to bring these matters to senior managers’ attention only to be told by one that “I don’t care in the slightest what happens in Estonia, my job is to protect Danske Bank”.
As an aside, whenever I talk to senior management about difficult decisions I always use as my yardstick “Would you defend what you are about to say in public, in front of regulatory or legal enforcement officers?” and if the answer is remotely close to “I wouldn’t want to do that” it’s the wrong decision.
- There’s an email in which Danske says that “The FSA has helped the bank in a critical situation. They are now very worried…” – I’ve got to be honest, I can’t imagine the FCA here in the UK ever writing that in an email
- Of the three banks responsible for clearing all this money, one (the US branch of a European Bank) was by far the major clearer accounting for an estimated 75% ($150bn) of the total flow.
Let’s look at that in a bit more detail.
At both the Danish and European hearings, Mr Wilkinson went out of his way to point out the role of the correspondents in the story.
Although he didn’t name them it is well known that they are J P Morgan, Bank of America and Deutsche Bank. Of the three, Deutsche Bank (or, as he refers to them, the US subsidiary of a large European Bank, probably fare worst.
He identifies them as an existing clearer back in 2007/08 when it all started and last to leave at the end of 2015.
To be fair to Deutsche Bank, they have put out a statement minimising their involvement but, to be honest, it is a little bizarre and I’m not sure it entirely withstands more detailed scrutiny.
In an article by Reuters (https://www.reuters.com/article/us-danske-bank-moneylaundering/danske-money-laundering-whistleblower-labels-uk-structures-a-disgrace-idUSKCN1NQ0LK) Sylvie Matherat (Chief Regulatory Officer) is quoted as saying “the [..] bank had acted once it noticed suspicious transactions”, but declined to comment on the volume of payments. And again in BusinessDay (https://www.businesslive.co.za/bd/companies/2018-11-21-deutsche-bank-plays-down-role-in-danske-bank-scandal/) that the bank only had a “limited role” as a correspondent and that it was “in the second line, not in charge of checking the clients”.
It said that “controls are limited because you don’t have access to their client base” and that “On our side, we look at the transactions coming from that [client] bank and when you fear something is wrong you must file a ‘suspicious’ report. That’s what we do.” Matherat also added “Deutsche carries out transactions amounting to “between 450-billion and 500-billion [worldwide] in terms of dollars only” each day, contrasting that figure with the $150bn of suspicious transactions over eight years at Danske.”
But let’s look at that in a bit more detail.
In an article by Der Spiegel (http://www.spiegel.de/wirtschaft/deutsche-bank-und-danske-bank-geldwaescheskandal-weitet-sich-aus-a-1240106.html) “their risk systems have repeatedly sounded the alarm when British letterbox companies(i.e. shell companies) attempt to transfer money from Danske to Deutsche Bank accounts. According to the Organised Crime and Corruption Reporting Project, the Azerbaijani regime around President Ilkham Aliyev has been using mailbox companies like LCM and Hilux to launder money and influence Western politicians.”
In his evidence, Mr Wilkinson made clear that there were numerous UK LLPs, all operating out of 175 Darkes Lane, Potters Bar that were sending and receiving payments between each other in a manner which is highly indicative of the layering process. And, presumably, this is what was being picked up on. It is clear that the underlying payment files carried detailed of the sending and receiving entities accounts so there was an opportunity to be far more assertive about the underlying nature of these payments.
I know from having reviewed some of the Danske Estonia bank statements from back in 2008/09 that, even then, there was a huge number of payments moving between different LLPs, again all of which were located at the same address (although at this time it was a rather lovely mansion flat located in Earls Court because… why not?) so this wasn’t something new or different and must have been going on throughout the entirety of the $200bn flow.
One could reasonably ask “If they caught and rejected some, why not more?”
Clearly, at least part of the response is based on the quote relating the total flow out of Estonia over the seven or eight year period of the alleged money laundering (of which around $150bn was attributed to Deutsche Bank clearing) compared to their $450 – $500bn daily total clearing).
Which is all well and good but surely context is also required here. It’s not just how much you clear but the location of the dollars you are clearing.
If you average out $150bn over the seven or so years they cleared for (2008-2015) it equates to roughly $20bn a year which is also, roughly, the average GDP for Estonia during the same period.
Now supposing that Deutsche were providing clearing for a London based foreign bank (in the same way they were for Danske in Talinn). That would mean they would be clearing the equivalent of $2.75tn (trillion) annually. Wouldn’t you expect a correspondent bank to take notice of such a high level of clearing for a foreign bank, especially in a location not exactly noted for its financial services sector.
London is a major global financial player but, even so, I’m sure any bank clearing $2.75tn a year for, let’s say Handelsbanken or ING Bank’s London Branch would think it worthy of investigation.
True, it is only with the arrival of the Fourth Anti-Money Laundering Directive that correspondent banking has acquired stringent mandatory rules but in all my time working in the field, correspondent banking has been appreciated to be much higher risk for exactly the reasons quoted above (lack of a direct relationship with the underlying clients, reliance on the respondent bank’s KYC etc) making it even more important to mine the information you do receive in the payment files to check for suspicious activity.
I think that, hitherto, those checks have related more to the sums involved than the likely veracity of the underlying entities responsible for either paying or receiving the funds but it should now be abundantly clear that if, as in this case, the account is in the name of, say, a UK LLP located in a non-typical location and it is sending or receiving funds from another UK LLP, registered at the same time to the same address and run by the same people, this really ought to trigger an alert.
And, given the comments above around those alerts Deutsche was looking in to, something like that must have been happening. Just not enough to warrant looking much more closely until some time in 2015.
And, just to set this into a more specific historical context, the FCA’s Final Notice in respect of the fine for the Deutsche Bank Mirror Trading scandal notes (Section 2.3) “Deutsche Bank notified the Authority in early 2015 of concerns regarding its AML control framework after it commenced an investigation into a form of suspicious securities trading, referred to in this Notice as “mirror trading”, involving DB Moscow”.
Now call me a cynic but I find it hard to believe that these two events coincidentally happened at around the same time. After all, the FN goes on to add (Section 2.8) “The effect of the mirror trades was to convert Roubles into US Dollars and to transfer more than USD6 billion out of Russia via Deutsche Bank in the UK to overseas bank accounts including in Cyprus, Estonia, and Latvia.”
Deutsche severed its arrangements with FBME Bank of Cyprus in 2014 and ceased clearing on behalf of all Latvian banks in 2017 having already started the process of exiting some of them in 2016.
The BaFin have indicated that they are talking to Deutsche about their role in the Danske Bank activities, which follows on from the appointment of an external “monitor” back in September.
I think it’s clear from Mr Wilkinson’s evidence to both the Danish and European parliaments that this is an area that needs to be looked at much more closely.
The modus operandi of professional money launderers is to target the weakest entry points in the global financial system (and they clearly and correctly believed that Danske Estonia was one of them) and doubtless this will continue.
It is overly optimistic to expect these smaller, regional banks to have the sophisticated systems available to rapidly identify criminal funds and, equally, they are highly unlikely to have the necessary clearing licences to send this money to its ultimate destination. This means that the main global clearing banks will have an increasingly important role to play.
So here are two suggestions:
- Create effective monitoring systems that rapidly identifies critical information with contained in the payment files relating to the underlying entities involved in the transactions. This should include:
- Common “mail box” addresses associated with shell company factories
- Partners, directors or designated members where these are common to a significant number of entities, especially where they are themselves legal entities, the more so if located in a known secrecy environment
- Where available, match the scale of transactions to known company financials (this was the trigger for Mr Wilkinson’s whistle blowing)
- Create a common database of clearing totals (it can be anonymised) at least for all the European clearing banks. This way, anomalous levels of clearing from speicifc locations can be rapidly identified against a calculated “norm” and proactive action taken.
As a footnote, I am ready and willing to take part in any debate, anywhere and with any other interested parties to ensure we realty get to grips with these issues.