The Financial Conduct Authority (FCA) announced on 17 June 2020 that it has fined Commerzbank an enormous £37,805,400 - reduced from a potential £54,007,800 due to Commerzbank’s cooperation with the FCA’s investigation - for the bank’s anti-money laundering (AML) failures.
Those failures resulted in a breach of Principle 3 of the FCA’s Principles for Businesses (Principle 3: A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems). By imposing such a hefty penalty, the FCA has once again emphasised to UK firms the importance of ensuring effective AML risk control frameworks and adhering to applicable AML regulations.
During the five-year period beginning 23 October 2012 and ending 29 September 2017, the FCA identified the following weaknesses in Commerzbank’s AML systems and controls:
Despite concerns being raised by the FCA on several occasions, Commerzbank had failed to take the steps necessary in order to remedy those failures.
As a result, the FCA decided that Commerzbank did not have adequate risk management systems in place during this five-year period.
As substantial as this fine is, it has not been Commerzbank’s only consequence flowing from its AML failures. In May 2017, the FCA required Commerzbank to appoint a ‘skilled person’ under s166 of the Financial Services and Markets Act 2000 to review and report on the bank’s remediation project relating to its financial crime controls.
After this investigation was conducted, Commerzbank entered into a voluntary undertaking to maintain certain ‘business restrictions’ starting September 2017, which include suspension of the following activities:
Despite Commerzbank’s request for the restrictions to be gradually lifted, nearly three years later they remain in place - and the FCA does not appear in a hurry to lift them completely.
Regulated financial services firms are subject to strict statutory and regulatory obligations to take appropriate measures to ensure they do not facilitate crime. There is substantial evidence that global efforts to prevent the financing of terrorism and crime has had material impact worldwide. Whilst there is nothing in the FCA’s final notice (or elsewhere) to suggest that Commerzbank’s failures assisted the financing of terrorism and crime, nonetheless these are obligations that every financial institution must take seriously and maintain effective systems to safeguard against.
It is clear, not only by the large financial penalty but also by the business restrictions imposed upon Commerzbank, that the FCA believes it is of utmost importance that firms have sufficient AML procedures and adequate documentation in respect of these procedures for all employees to understand and implement.
The FCA noted that, “Commerzbank’s failures…created a significant risk that financial and other crime might be undetected,” warning that “the risk alone” of allowing such criminal activity to take place and remain undetected is sufficiently serious and deserving of such great penalties. The FCA went on to strongly advise firms to “recognise that AML controls are vitally important to the integrity of the UK financial system.”
Crucially, firms should take heed of the AML failures seen in the case of Commerzbank and safeguard against the existence of such shortcomings in their own institutions by ensuring that all AML procedures and documentation are of an effective and high standard. After all, prevention is undoubtedly the best cure.
This article has been co-written with Iris Bajraktari, a trainee solicitor in the banking and finance team.