The UK Financial Conduct Authority (FCA) has fined Santander £107,793,300 for repeated failures to deal with anti-money laundering (AML). Santander’s business banking customers were those most affected by the poor oversight. The high-street bank joins Standard Chartered Bank, HSBC, and Natwest as all have been fined over £50million for poor AML.
Between 31 December 2012 and 18 October 2017, Santander failed to properly oversee and manage its AML systems. This significantly impacted the account oversight of more than 560,000 business customers, and led to the bank being fined.
Santander had ineffective systems to adequately verify the information provided by customers about the business they would be doing. The firm also failed to properly monitor the money customers had told them would be going through their accounts compared with what actually was being deposited.
Mark Steward, executive director of enforcement and market oversight at the FCA, said:
“Santander’s poor management of their anti-money laundering systems and their inadequate attempts to address the problems created a prolonged and severe risk of money laundering and financial crime.
“As part of our commitment to prevent and reduce financial crime, we continue to take action against firms which fail to operate proper anti-money laundering controls.”
Failing to properly manage accounts
In one case, a new customer opened an account as a small translations business with expected monthly deposits of £5,000. Within six months it was receiving millions in deposits, and swiftly transferring the money to separate accounts.
Although the account was recommended for closure by the bank’s own AML team in March 2014, poor processes and structures meant that this was not acted upon until September 2015. As a result, the customer continued to receive and transfer millions of pounds through its account.
Santander agreed to a request from law enforcement to keep the account open in September 2015. However, it failed to keep track of this request. The account remained open until the FCA wrote to Santander in December 2016.
The FCA identified several other Business Banking accounts that Santander failed to manage correctly, leaving the bank open to serious money laundering risk. There were also examples of the bank failing to promptly deal with ‘red flags’ associated with suspicious activity, such as automated monitoring alerts.
“Financial crime depends on access to legitimate but unwitting financial services – which is why having authoritative, automated and real-time know your customer (KYC) data is so vital.” – Ian Henderson
These failures led to more than £298million passing through the bank before it closed the accounts.
Santander knew that there were significant weaknesses in its AML systems and controls. It began a programme of improvements in 2013 – resulting in some success. However, Santander concluded that the changes did not adequately address the underlying weaknesses. In 2017, it decided to implement a comprehensive restructuring of its processes and systems. Santander UK continues to invest in its ongoing transformation and remediation programme.
Santander has not disputed the FCA’s findings and agreed to settle. This means it has qualified for a 30 per cent discount. Without the discount, the financial penalty would have been £153,990,400.
As part of its role to protect consumers and the market, the regulator has repeatedly stepped in and penalised firms for poor management of their AML systems. For example, it has fined Standard Chartered Bank £102.2million, HSBC Bank plc £63.9million, and its investigation led to NatWest being fined £264.8million.
Significance of the fine
Ian Henderson, CEO, Kyckr, responded to the news by saying:
“The £108million fine by the FCA against Santander for its ‘ineffective’ anti-money laundering systems underlines the high stakes and complexities of verifying customers at scale. Financial crime depends on access to legitimate but unwitting financial services – which is why having authoritative, automated and real-time know your customer (KYC) data is so vital.
“All banks and financial organisations have built substantial teams working in financial crime prevention and anti-money laundering. In a world where financial crime is becoming ever more sophisticated, manpower alone is not enough to protect businesses from money-laundering risk and regulatory fines.
“Banks and financial services must get smarter and deploy KYC systems that can uncover the true nature of every customer and supplier at scale and at speed to improve the efficiency and effectiveness of their protections.
“This FCA fine comes at an interesting time. Right now, banks and other regulated businesses are in between a rock and a hard place. Especially following last month’s European Court of Justice’s preliminary ruling to protect the identities of EU Ultimate Business Owners. The dust on this ruling hasn’t settled yet but one thing is already clear – the financial services industry will be even more reliant on robust technology solutions, both to protect against the escalating threat of financial crime and to make better business decisions.”