Money laundering doesn’t pay (for banks)

Swedish tv station SVT has investigated suspected money laundering by Russian and Ukranian customers of Swedbank. Oligarchs used accounts at Swedbank’s Estonian branch to move money offshore. The documentary is available online in English: part 1 and part 2.

At the end of part 2, Daria Kaleniuk, executive director of the Anti-Corruption Action Center in Kiev is asked “why do you think they [i.e., the bank] let this happen?”. Ms. Kaleniuk replies “because it’s profitable!”.

However, I’m not convinced that is true. Payments are a low-margin activity that expose banks to a lot of downside risk. Violating anti-money laundering (AML) rules have cost banks hundreds of millions of dollars in recent years.

In my opinion, criminals succeed in money laundering because compliance with AML regulation was (is?) not a priority for top executives.1 A lack of funding and management attention for compliance leads to a mentality of “just check the boxes, so it looks like we did what we had to do”.

Stronger enforcement, including higher fines and other sanctions, might change that situation.

Birgitte from Lehman Sisters

[A] higher share of women on the boards of banks […] is associated with greater stability. As I have said many times, if it had been Lehman Sisters rather than Lehman Brothers, the world might well look a lot different today. – Christine Lagarde, Managing Director of the International Monetary Fund

In today’s finance & crime news:

“Swedbank AB has fired its chief executive officer, Birgitte Bonnesen, amid allegations the bank was used to launder billions of dollars in Russian money on her watch.” – Bloomberg

For your information, five of the eleven members of Swedbank’s Board of Directors are women.

A decade after Lehman fell: the best articles

A selection of the best articles I’ve read on the 10th anniversary of September 15, 2008.

Can we survive the next financial crisis?

Why claims that the 2008 bailout was a “success” should make you angry

Crisis firefighters still uninterested in fire prevention

The broken conversation about financial regulation

10 jaar bankencrisis (in Dutch)

The most devastating cyberattack in history

Wired has a great article (warning: long but worth your time) on last year’s cyberattack. It started as part of the Russian cyberwar against Ukraine. Almost immediately, companies around the world became collateral damage. Andy Greenberg’s Wired story highlights the impact on shipping giant Maersk.

Just to illustrate the vulnerability of IT systems:

Maersk’s 150 or so domain controllers were programmed to sync their data with one another, so that, in theory, any of them could function as a backup for all the others. But that decentralized backup strategy hadn’t accounted for one scenario: where every domain controller is wiped simultaneously. “If we can’t recover our domain controllers,” a Maersk IT staffer remembers thinking, “we can’t recover anything.”

The total damage caused by the attack has been estimated at $10 billion…

How Europe’s financial regulation is made

CRD IV, EMIR, MiFID, Solvency II… Financial risk managers in Europe deal with these regulations every day. But where do they come from?

In his brief article It’s hard to love the European Union when you see it up close, Owen Sanderson describes the EU’s legislative process. It’s not a pretty sight.

Highly recommended if you’re into risk management and/or politics!