Swedish tv station SVT has investigated suspected money laundering by Russian and Ukranian customers of Swedbank. Oligarchs used accounts at Swedbank’s Estonian branch to move money offshore. The documentary is available online in English: part 1 and part 2.
At the end of part 2, Daria Kaleniuk, executive director of the Anti-Corruption Action Center in Kiev is asked “why do you think they [i.e., the bank] let this happen?”. Ms. Kaleniuk replies “because it’s profitable!”.
However, I’m not convinced that is true. Payments are a low-margin activity that expose banks to a lot of downside risk. Violating anti-money laundering (AML) rules have cost banks hundreds of millions of dollars in recent years.
In my opinion, criminals succeed in money laundering because compliance with AML regulation was (is?) not a priority for top executives. A lack of funding and management attention for compliance leads to a mentality of “just check the boxes, so it looks like we did what we had to do”.
Stronger enforcement, including higher fines and other sanctions, might change that situation.
[A] higher share of women on the boards of banks […] is associated with greater stability. As I have said many times, if it had been Lehman Sisters rather than Lehman Brothers, the world might well look a lot different today. – Christine Lagarde, Managing Director of the International Monetary Fund
In today’s finance & crime news:
“Swedbank AB has fired its chief executive officer, Birgitte Bonnesen, amid allegations the bank was used to launder billions of dollars in Russian money on her watch.” – Bloomberg
For your information, five of the eleven members of Swedbank’s Board of Directors are women.
Wired has a great article (warning: long but worth your time) on last year’s cyberattack. It started as part of the Russian cyberwar against Ukraine. Almost immediately, companies around the world became collateral damage. Andy Greenberg’s Wired story highlights the impact on shipping giant Maersk.
Just to illustrate the vulnerability of IT systems:
Maersk’s 150 or so domain controllers were programmed to sync their data with one another, so that, in theory, any of them could function as a backup for all the others. But that decentralized backup strategy hadn’t accounted for one scenario: where every domain controller is wiped simultaneously. “If we can’t recover our domain controllers,” a Maersk IT staffer remembers thinking, “we can’t recover anything.”
The total damage caused by the attack has been estimated at $10 billion…
CRD IV, EMIR, MiFID, Solvency II… Financial risk managers in Europe deal with these regulations every day. But where do they come from?
In his brief article It’s hard to love the European Union when you see it up close, Owen Sanderson describes the EU’s legislative process. It’s not a pretty sight.
Highly recommended if you’re into risk management and/or politics!
When people ask me what I used to do before I became a writer/consultant, I usually tell them that I was a risk manager. That’s also the description I use on the cover of Bankers are people, too. Continue reading “What I used to do”