Malta-based bank fined €5m over AML and terrorism breaches

Malta's Financial Intelligence Analysis Unit (FIAU) has fined Pilatus Bank just shy of €5m (€4,975,500) in relation to breaches in legal obligations over anit-money laundering and terrorism rules. 

The unit's committee said in a report issued on 31 August that "the Bank has exposed itself, and the Maltese jurisdiction to egregious ML risks that were not being mitigated in any manner.

The Bank's total disregard towards necessary AML/CFT safeguards, led to it allowing millions to pass through the Maltese economy without any consideration of possible money laundering taking place."

The FIAU said that for all the files sampled for review, "the Bank did not obtain the necessary information and documentation to understand the purpose and intended nature of the business relation and to build a comprehensive customer business and risk profile".

Despite the Bank having adopted a form to obtain the information necessary to establish the purpose and intended nature of the business relationship, it was observed that the Bank did not implement effective measures to ensure that it had a clear and unequivocal understanding as to the purpose and intended nature of the business relationships it was establishing with its customers.

Indeed, the compliance review revealed how the Bank's measures for obtaining information on the activities of the customers, their source of wealth and expected source of funds and estimated account activity were overall lacking.

The Bank relied heavily on generic information provided by its customers, which was not evenconsidered to be sufficient to establish the customer profile for normal risk customers. Indeed, while the Bank held information on the purpose why customers opened accounts with it, such as to hold, manage and invest the wealth of their beneficial owners, it did not substantiate this with more detailed information and documentary evidence.

In other instances, the Bank obtained CVs of customers and BOs without considering that these were not a reliable nor independent source of information.

In other instances, the Bank held information on the customer's operations and expected turnover that were exceptionally high in value, without obtaining documentary evidence to substantiate the same.

Indeed, documentary evidence was found by the Committee to be indispensable for the Bank. This in view of the type of customers it was onboarding: PEP customers, high net worth customers and in view that the companies it was onboarding were at times dealing in high-risk jurisdictions and projecting to transact millions of Euro annually.

The Committee also observed that the Bank was heavily relying on visits Bank officials carried out at the customer's premises, this to build an understanding of the customer's operations and risk profile.

The Committee did observe that while customer visits are a good initiative to get to know thecustomer better, such visits are far from being considered as sufficient in particular to manage the heightened risk the Bank was exposed to from the customers it was onboarding and to meet its EDD obligations triggered by such high-risk situations.

In its concluding remarks the Committee said that it had identifiedvery serious and systemic concerns with respect to the Bank's ability to implement measures aimed at satisfying its AML/CFT legal obligations and in safeguarding its operations and the jurisdictions from possible ML/FT threats.

Such robust measures, including the need to carry out enhanced due dligence measures, were indispensable for the Bank as it held banking relationships with PEPs and high net worth individuals, and was exposed to a series of other high risk factors such as high risk jurisdictions, complex corporate structures, complex transactions, transactions of extreme high value, money movements atypical of any business or trade and an unusual high number of loans for significant amounts between Bank customers, third parties or the Bank itself.

Of particular concern for the Committee was the Bank's lax approach towards both its due diligence and enhanced due diligence obligations albeit being established to purely provide banking services to high-risk customers. It must be remarked that the Committee could not in any way ignore the Bank's

direct or indirect exposure to a series of connections with figures from the Caucasus region considered to present extreme risks of money laundering.

The Committee also acceded to the concerns raised in the FIAU Supervisory Examination Report that the Bank's dependence on these connections for its

viability made it impossible for the Bank to ever take concrete action actions in respect of any transaction, activity or relationship deemed to be suspicious and to report the same to the FIAU.

The Committee ascertained that the Bank's systemic failures in the implementation of AML/CFT controls, measures and processes has greatly exacerbated the risks of its being used and abused by money launderers to process illicit proceeds through the Bank.

The seriousness and systemic nature of the failures determined following the supervisory examination on the Bank, exacerbated by the considerations set out hereabove has led the Committee to impose the €4,975,500 penalty.