The global financial crisis in 2008 rolled out the red carpet for anti-money laundering (AML) fines, with one report estimating that total penalties have surpassed $56 billion to date.
Over $4 billion in fines were issued in 2022 alone — with three quarters of that coming from the U.S.
The recent increase in enforcement shouldn’t come as a surprise, given the passage of the AMLA (Anti-Money Laundering Act of 2020). It’s the most significant anti-money laundering legislation passed by Congress in decades, a signal that authorities are focused on financial crimes.
In this article, we look at where those AML fines came from, the most common AML violations, and how you can protect your organization from money laundering.
AML fines in 2022 by sector
In 2022, global fines for money laundering and financial crime increased by more than 50%, with organizations across all sectors found lacking when it comes to proper preventative protocols.
The sectors that faced the most AML fines in 2022 were:
- Trading and brokerage: $6 billion
- Banking: $2 billion
- Gambling: $71.4 million
- Cryptocurrency: $30 million
- Asset management: $2 million
Which AML violations levy the biggest penalties?
Countries and regions have unique AML laws and thus different penalties for violations.
The U.S. alone has several different legislations governing financial crime, including the AMLA, the Bank Secrecy Act, the Money Laundering Control Act, and the USA PATRIOT Act.
Typically, non-compliance results in fines, sometimes substantial ones, and even sanctions or imprisonment.
However, severe punishment is usually reserved for malicious or egregious compliance failures. This occurs if organizations knowingly launder money, cover up offenses, or fail to implement basic security measures.
These security measures include:
Source of funds checks
Organizations must make appropriate efforts to ensure that a customer has acquired the funds legitimately to complete a transaction.
They can do this with source of funds checks, which review customers’ financial history to identify suspicious activity.
The process works congruently with wealth checks – which analyze money accumulated over a clients’ lifetime – to ensure that the customer has obtained funds legally.
Customer due diligence
Organizations are expected to perform ongoing due diligence checks to verify customers’ identities and spot fraudulent activity.
This requirement is outlined in the Customer Due Diligence (CDD) Rule issued by the FinCEN (Financial Crimes Enforcement Network), which states that covered financial institutions must “identify and verify the identity of the natural persons (known as beneficial owners) of legal entity customers who own, control, and profit from companies when those companies open accounts.”
Politically exposed persons background check
The definition of a politically exposed person (PEP) varies slightly by jurisdiction and is generally described as someone in a public, high-ranking position of power and influence.
Such individuals pose a greater risk of financial crime, such as corruption, bribery, or money laundering.
Organizations are expected to conduct background checks to determine if existing or prospective customers — and their related parties — are PEPs.
These checks form part of the due diligence process under Know Your Customer (KYC) and AML frameworks.
Examples of recent AML fines
Of the $4 billion in AML penalties issued in 2022, $2.5 billion came from three high-profile compliance failures.
1. Danske Bank
In December 2022, Danske Bank forfeited $2.06 billion after its improper AML measures resulted in fraudulent transactions.
The U.S. Department of Justice, which investigated Danske’s practices, found that the bank had defrauded partners in the U.S. about Danske Bank Estonia customers who lived outside the country, including in neighboring Russia.
Danske was charged with having insufficient AML systems, inadequate transaction monitoring capabilities, and high-risk customers.
These oversights resulted in “highly suspicious and potentially criminal transactions” taking place via U.S. banks, through which Danske processed more than $160 billion on behalf of non-residents between 2008 and 2016.
2. Credit Suisse
In October 2022, Credit Suisse agreed to pay €238 million ($234 million) to settle a tax fraud and money laundering case that began in France.
The settlement concerned an alleged scheme in which Credit Suisse helped clients avoid declaring certain assets to the French government.
Prosecutors said that the practice occurred between 2005 and 2012, and caused more than €100 million ($106 million) in “fiscal damage.”
The settlement fee covers compensation for the financial damage plus lost tax revenue for the French government.
3. Santander UK
In December 2022, the UK’s FCA (Financial Conduct Authority) fined Santander UK £107.7 million ($132 million) for repeated anti-money laundering compliance failures.
These include “ineffective systems for verifying the information provided by customers about the business they would be doing” and improper monitoring of transactions.
The FCA also highlighted Santander’s failure “to properly monitor the initial amount declared by the customers with the actual turnover of the client.”
Mark Steward, the executive director of enforcement and market oversight at the FCA, said that Santander’s practices “created a prolonged and severe risk of money laundering and financial crime.”
How to avoid AML fines
As regulations continue to change in reaction to the environment, there are ways you can protect your fintech from money laundering to meet today’s AML compliance requirements as well as prepare for future regulations.
Persona’s identity infrastructure provides a flexible and simple system to:
- Monitor transactions and flag suspicious transaction patterns through Graph
- Automate filing suspicious activity reports (such as cash transactions exceeding $10,000, as mandated by U.S. law) through Workflows and Cases
- Generate alerts with Reports when sanctioned individuals and organizations are added to watchlists and other reports
- Collect and verify information about users through Verifications and Dynamic Flow