A Malta-based online bank has been fined €359,339 for a series of anti-money laundering breaches concerning clients involved in passport sales, cryptocurrency and with potential links to organised crime.
The Financial Intelligence Analysis Unit said on Friday that it had issued the administrative penalty against Sliema-based [email protected] plc, after an inspection revealed a number of serious shortcomings.
Some of the bank’s customers had previously been arrested for forgery, the FIAU said, while others had been linked and investigated for connections with organised crime.
Despite this, the bank had failed to perform adequate enhanced monitoring and checks.
In a statement, [email protected] accused the FIAU of releasing information about the sanction despite a prohibitory injunction by the courts ordering not to do so and indicated that it would be suing the agency for having breached its right to a fair hearing.
The FIAU said it had identified several deficiencies in the way information about the bank’s clients was collected.
During a review of the bank’s documents, it transpired that on seven occasions it had failed to determine and verify the identity of its business customers’ Ultimate Beneficial Owners.
Prior to 2018, the bank had not collected any information concerning the anticipated level and nature of transactions to be performed throughout its business relationship with 16 files held by the bank.
The bulk of these were businesses.
In four files, the bank had not obtained adequate information in relation to the business activity of its customers.
In one particular file, the customer’s primary business activity was indicated as ‘business consultancy’, while the secondary activity was ‘IT consultancy’. Following independent searches performed by FIAU, it transpired that the customer actually provided legal advice for “in the area of passport acquisition through investment.”
The FIAU concluded that the information obtained by the bank was too generic in order to be able to accurately understand the true nature of the customer’s business and, as a result, it was not aware of the risk of crime they posed.
In two other files, the FIAU said that customers with a transactional limit in excess of €250,000 had an offshore fiduciary structure in their ownership set-up.
The FIAU said that the corporate structure as well as the annual transactional limit of the customers, should have prompted the bank to perform what is known as enhanced due diligence, however this had not been done.
In another file, the FIAU noted that while the customer operated in the cryptocurrencies sector and transacted in large sums, the proper due diligence had not been done despite the risky nature of the client’s activities.
Another customer had an incoming transaction of €200,000 originating from another of the bank’s clients which was not scrutinised, despite the fact that the transacting party had been named in several adverse media reports.
And in another instance, four transactions in the ranges of between €1 million and €2 million were highlighted. Two of these transactions were supported merely by “gentleman’s agreements” considered by the FIAU as “vague and lacking sufficient detail.”
The bank rebutted the FIAU’s findings and claimed that information on the purpose and intended nature of the business relationships was being collected, and that it was performing enhanced due diligence measures.
While the bank had provided documentation to back up its claims, the FIAU said these simply contained text taken from the law and anti-money laundering regulations.
‘Judge, jury, executioner’ – [email protected] responds
In a statement, [email protected] plc indicated that it would be suing the FIAU for what it said was a breach of constitutional rights over the way in which audits were carried out and sanctions imposed.
“The FIAU in this instance acted as judge, jury and executioner,” it said, saying that it had not been given a fair or impartial hearing and that the penalty imposed on it was not in proportion to the breaches identified or size of the company.
[email protected] plc said that the FIAU had been ordered not to publish any statement related to the company sanction by a local court, as part of a prohibitory injunction that it had sought and obtained with urgency. This notwithstanding, the FIAU sanction had been made public, it said.
“The company feels aggrieved and shall contest the manner in which the audit was carried out by the FIAU’s consultants, the content of the report and the sanctions imposed in all available fora, including in the Maltese constitutional courts and at EU level,” it said.
It said that it had terminated its relationship with clients flagged by the FIAU long before they were found guilty or processed for an offence, adding that [email protected] in no instance had any clients which were involved in the sale of any kind of passports.
[email protected] also highlighted positive remarks that the FIAU had made in its regard, such as the noting that the company “was overall proactive in its approach and… had a comprehensive and adequate ongoing monitoring system, designed to effectively and efficiently scrutinise transactions, which system is extremely important to a financial institution in adhering to its AML/CFT obligations.”
These did not tally with the nature of the sanctions imposed, it said.