A penalty of £4.2m has been imposed on EFG Private Bank Ltd because of its serious failures, over more than three years, to take reasonable care to establish and maintain effective anti-money laundering controls for high risk customers.
EFG provides private banking and wealth management services to high net worth individuals, a large proportion of whom reside in overseas jurisdictions, including countries recognised as posing an abnormally high risk of money laundering to the Firms/institutions dealing with their citizens. In January 2011, the FSA visited EFG as part of a thematic review of firms facing a higher money laundering threat. The FSA says that what it found at EFG gave it serious cause for concern in terms of compliance with the Money Laundering Regulations 2007 ("the 2007 Regulations") and FSA Handbook. In summary, the FSA's concern was that there was a systemic failure to properly document compliance with the Firm's (generally compliant) anti-money laundering procedures. By way of examples:
- In 17 out of 36 sample customer files reviewed by the FSA, EFG's own processes had revealed adverse information about the customer, including allegations of fraud and corruption. However, there was no evidence to demonstrate how EFG had sought to mitigate the money-laundering risk posed.
- EFG's processes revealed that criminal allegations had been made against 13 of those 17 customers. Whilst EFG had concluded in each case that the allegations were unfounded or politically motivated and on that basis had taken on the relevant customer, there was no documented trail as to how that view had been reached.
- In addition to failures at the "take on" stage, EFG failed properly to monitor client relationships or to apply enhanced monitoring of certain higher risk customers (as required by the 2007 Regulations).
The FSA found that the failures of EFG constituted a negligent breach of Principle 3 of the FSA Principles for Businesses (a firm must organise its affairs responsibly and with adequate risk management systems). In addition, it found breaches of SYSC 6.1.1R and SYSC 6.3.1R, which relate to devising and implementing anti-money laundering and financial crime procedures.
There is perhaps not a great deal new to take from the EFG Final Notice. At the least, it reinforces a continued commitment to tackle money laundering failings (see Enforcement Watch 5 "AML enforcement cases on the agenda"). It also reinforces that many enforcement cases come out of thematic reviews. With the arrival of the new regulator and its new approach towards early protection, it is a trend that we consider will increase.
In terms of the £4.2m penalty, as most of the misconduct occurred before the introduction of the new penalty regime, there is little transparency on just how the figure was arrived at. However, it seems likely that the need for a "deterrent effect" was to the fore.
In addition to the legal provisions in the Handbook and the 2007 Regulations, firms handling customers' money should ensure they are familiar with the FSA's guide to preventing financial crime introduced in 2011, which includes guidance on dealings with high risk and PEP customers. Firms that accept business from high risk customers must have systems, controls and practices to manage the associated risk. The perhaps somewhat obvious lesson from this case is that those systems and controls must also be properly implemented on the ground.
We stated in Enforcement Watch 7 that there appeared to be other money laundering cases going through the system. It is notable that last year the FSA fined Coutts the sum of £8.75m and Habib Bank AG Zurich £525,000 for similar shortcomings (see Enforcement Watch 7: "Coutts and Habib substantial fines for anti-money laundering failings"). Like Coutts and Habib, EFG cooperated and settled with the FSA at an early stage of the investigation.