There’s a rule that banks have to follow, which sounds simple in theory but is far harder in practice. “Know Your Customer” is a principle demanded by financial authorities to prevent money-laundering and other transgressions by clients. According to UK regulators, Commerzbank’s London business doesn’t know its customers well enough.
A review by the Financial Conduct Authority found that the UK branch of Germany’s second-largest bank has been deficient in applying “financial crime controls,” several people familiar with the matter told Handelsblatt. In other words, the division charged with screening potential customers has done a rather poor job of it.
The FCA has warned Commerzbank that it must take immediate action to fix the problem. Sources said Commerzbank management has immediately instructed staff to freeze business with customers that the FCA claimed had not been subject to adequate checks. That swift reaction has angered some employees and touched off “intense discussions” at the bank, according to one staffer, but Commerzbank has reason to be worried. UK authorities haven’t been shy in the past about penalizing financial firms they believe are flouting the rules.
The “Know Your Customer,” or KYC, rules require banks to conduct thorough checks both to onboard new clients and to ensure that existing customers continue to meet compliance standards. Identifying suspicious customers is easier said than done. “It’s a constant battle that the banks in this sector are fighting, and they’re fighting it for all of us,” said Markus Bender, a partner with financial services business and technology consulting firm Capco.
Mr. Bender has spent years helping banks implement controls meant to combat financial crime. He says it’s a constant struggle for banks to meet the rules. Those customers determined enough to commit crimes will react to the bank’s measures and seek out new ways to launder money or finance terrorism. “For many banks, it’s a big challenge to meet the growing demands of regulators,” he said.
Britain’s FCA and its US counterparts are at the vanguard of the push for increasingly tough compliance measures, which is exactly what has Commerzbank worried. While the FCA has not imposed any ban on business at Commerzbank, the bank has pulled back from some business areas until the matter is resolved. The freeze is designed to ensure that regulators have no reason to penalize Commerzbank. “It’s a way to avoid possible fines,” said one person familiar with the matter.
Executives have yet to reach any final decisions, but they are under major time pressure.
The scrutiny comes at an awkward time for Commerzbank, which has been the subject of takeover speculation from a raft of suitors. For London, anything that places its own suitability as a financial location in a bad light could also prove damaging, as many banks consider moving business elsewhere in Europe in response to Brexit. Indeed, shifting business is one possible consequence of the new FCA crackdown.
Commerzbank’s London branch employs about 1,000 people, whose primary duties are capital market operations and serving British corporate clients. However, the office has also been responsible for running checks on potential customers who have no direct ties to the UK. That’s now subject to change, with sources saying the bank plans to shift a number of its KYC processes to central Europe, likely to Germany or Poland.
Executives have yet to reach any final decisions, but they are under major time pressure. Those close to the company told Handelsblatt that Commerzbank has to work through a substantial backlog of KYC checks before it can resume business dealings with affected customers. “There’s a great deal of tension surrounding the issue,” another insider said.
The Financial Conduct Authority declined to comment on the matter. A spokesman for Commerzbank said the efforts to ensure that business “adheres to current legal and regulatory requirements” are ongoing, and its highest priority. “We continue to do business with our customers in London and provide customers with our products and services,” the spokesman added.
Commerzbank is far from the only financial institution forced to pay steep fines for violating sanctions.
The bank has been burned before. Two years ago, US regulators hit Commerzbank with a $1.45 billion (€1.22 billion) penalty for sanctions violations and inadequate enforcement of anti-money laundering, or AML, regulations. The bank came under scrutiny in part because of its dealings with IRISL, the Islamic Republic of Iran Shipping Lines, labeled by Washington as a proliferator of weapons of mass destruction. Commerzbank also found itself in the middle of a more than decade-long accounting fraud scheme, revealed in 2011, involving Olympus, a Japanese manufacturer of cameras and medical imaging systems. The bank cleared hundreds of millions of dollars in transactions that allowed the company to conceal substantial investment losses.
The Frankfurt-headquartered bank is far from the only financial institution forced to pay steep fines for violating sanctions and failing to follow AML rules. In early 2017, Britain’s HSBC revealed that the FCA was reviewing the bank’s own compliance with those controls. A month earlier, the FCA fined Deutsche Bank £163 million over regulatory failures, which allowed the suspicious transfer of $10 billion in Russian funds to foreign accounts.
Announcing the Deutsche Bank penalty in January, the FCA’s director of enforcement and market oversight, Mark Steward, issued a warning to the entire sector: “Other firms should take notice of today’s fine and look again at their own AML procedures to ensure they do not face similar action.” That’s a warning Commerzbank probably wishes it had heeded earlier.
Yasmin Osman and Andreas Kröner cover banks and financial regulation for Handelsblatt in Frankfurt. Carsten Volkery is Handelsblatt’s financial correspondent based in London. Amanda Price adapted this story for Handelsblatt Global. To contact the authors: firstname.lastname@example.org, email@example.com and firstname.lastname@example.org