Germany’s financial markets watchdog (BaFin) ordered the fintech N26 Bank on Wednesday to step up controls to ensure it is better protected against money laundering.
In March the online bank, launched in 2013, made negative headlines when German newspapers reported that a customer’s account had been hacked and emptied of 80,000 euros ($89,000).
The episode drew the attention of BaFin, amid wider criticism that N26 – which has secured more than $500 million in backing from investors including Tencent Holdings and Allianz – had neglected security and compliance in its dash for growth.
On Wednesday, BaFin said N26 must take measures including reidentifying some existing customers, catching up on a backlog of IT monitoring and documenting workflows.
“Furthermore N26 Bank GmbH has to ensure the existence of … adequate personnel and technical-organisational equipment in order to comply with its obligations under money laundering law,” BaFin said in a statement.
N26 said that it took the matter seriously and was working with BaFin to implement the measures.
The bank, which plans to launch in the United States, is a leading player on the Berlin fintech scene.
After the March incident, media quoted the customer as saying that he tried to call N26’s service hotline but nobody picked up the phone and he was unable to get any help on its chat line.
N26, which has more than 2.5 million customers, declined to comment on specific cases at the time but warned against fraud by phishing.
“We have also massively expanded our anti-money laundering and financial crime team and this team will continue to grow in the future,” the bank said in a statement on Wednesday.
N26 said it will have completed processing all pending transactions identified as unusual or irregular by the end of next week.