Staff at Danske Bank’s Estonia branch actively and knowingly helped a number of highly suspicious clients to hide from authorities in cases where these clients would have faced issues with the authorities, had their identities been revealed.
This information has come to light in internal documents from Danske Bank itself.
Berlingske has been given access to a letter from Danske Bank’s internal auditors to the bank’s top management.
This letter, which was sent to two high-ranking members of the Danske Bank executive board in February 2014, also concluded that the branch »acts against AML legislatory principles« by not establishing the identities of a number of suspicious clients nor monitoring their transactions. In fact, the auditors stated, the bank was making a lot of money from these clients.
The new information casts serious doubt on previous explanations given by Danske Bank’s top management following revelations by Berlingske and partner media, earlier this year, of large-scale money laundering taking place in the bank’s Estonian branch.
Until now, Danske Bank CEO Thomas Borgen has merely acknowledged that the Estonia branch did not have sufficient money-laundering controls in place at the time.
Hence the bank could not rule out the possibility that it had been »exploited« for money laundering. Thomas Borgen has stated, however, that »nothing indicates« that employees at the bank knew of or assisted in illegal activities.
The internal auditors’ letter paints a completely different picture: that staff at the Estonia branch were wittingly covering for the suspicious clients, and that the group’s top management was made aware of this as early as the beginning of 2014.
Both experts and political figures say the letter sheds a completely different light on the money-laundering scandal.
Jeppe Kofod of the Social Democrats (S), who chairs the European Parliament committee on money laundering, says the letter »completely contradicts what Danske Bank has stated so far,« while Hans Kristian Skibby of the Danish People’s Party (DF) calls the new information »surprising and provocative.« Lisbeth Bech Poulsen of the Socialist People’s Party (SF) described the letter as a »smoking gun« in the case.
The letter was written immediately after an internal auditors’ review of the Estonian branch at the beginning of February 2014. Formally, the letter is a draft version but, according to information given to Berlingske, this was the exact wording sent to the bank’s top management.
In the letter, the auditors stated that the branch was in breach of regulations requiring it to register the true owners of a number of companies being used to transfer large amounts of money through accounts held with the bank.
Instead, the branch had simply registered the accounts as belonging to British shell companies, which the auditors described as »inadequate« documentation.
In the letter, auditors also stressed the importance of knowing the true identity of clients as prescribed by money-laundering regulations, particularly as such corporate structures have often been used by suspicious clients from former Soviet republics.
The auditors indicated they had asked the head of International Banking at the Estonia branch why the bank was not in compliance with regulations.
According to the auditors’ letter, the executive admitted that the branch was deliberately hiding the true identities of these clients:
»In relation to above, the Head of International Banking in the branch confirmed verbally (in the presence of all audit team) that the reason underlying beneficial owners are not identified is that it could cause problems for clients if Russian authorities request information,« the auditors wrote in their letter to the top management at Danske Bank.
Casting doubt on previous explanations
Søren Bergenser, a lawyer specialising in financial crime, has read the letter.
»As I see it, this is completely clear-cut,« he says.
»A manager at the Estonian branch admits to actively assisting in hiding suspicious clients from the authorities because these clients might otherwise get into trouble with the authorities. This is in direct breach of money-laundering regulations requiring banks to know their clients.«
The letter shows that the bank »is willfully aiding and abetting potential criminal behavior,« says L. Burke Files, an American expert on financial investigations and partner at Financial Examinations and Evaluations.
Money-laundering laws place strict requirements on banks to establish the identities of their clients and monitor their transactions to prevent criminals from channelling proceeds from crime through banks.
Jakob Dedenroth Bernhoft, an expert on money-laundering rules and head of the advisory firm Revisorjura.dk, has also read the letter.
He describes the wording used by auditors as “extraordinary”, noting in particular that the team of auditors specifically stressed the fact that all three of the auditors heard what the International Banking manager stated:
»I can only interpret this as signifying that the bank had full knowledge of what was going on and so must have known that it most probably assisted in money laundering or other financial crime,«” he says.
The letter from February 2014 was sent to Lars Mørch, Head of Business Banking, and Robert Endersby, Chief Risk Officer, who were both on the executive board at Danske Bank’s Copenhagen head office.
As such, they reported directly to CEO Thomas Borgen. Lars Mørch is still on the executive board, while Robert Endersby has now left the bank.
Until 2012, Thomas Borgen was personally in charge of Danske Bank’s Baltic activities, before being appointed CEO of the banking group in 2013.
He has previously denied that the bank or its staff assisted in or were aware of any money laundering, following Berlingske’s revelations that there were several instances of suspicious money flows coming through the Estonian branch.
Some of this money came from the former Soviet republics of Moldova and Azerbaijan and flowed to offshore entities in tax havens.
According to Thomas Borgen, the bank only discovered the problems in 2014 and then set about clearing up the suspicious accounts.
In September 2017, Thomas Borgen launched a wider investigation into problems at the Estonian branch. At the time, Berlingske put the following question to Thomas Borgen:
»Is there anything to indicate that some members of staff at your branch in Estonia were aware of this and deliberately let it continue?«
To which Thomas Borgen replied:
»There is at present nothing to indicate this, but of course our investigation will aim to establish that. And if it finds that any of the bank’s staff had any knowledge of this, it will be reported to the authorities and the police.«
At Christiansborg, seat of the Danish parliament, the view is that the letter now counters that explanation.
»It appears the top management had more serious knowledge about these issues than what the bank has so far acknowledged in its statements to us. This is highly surprising and strikes me as provocative,« says Hans Kristian Skibby, the spokesperson for business of the Danish People’s Party. His counterpart from the Socialist People’s Party, Lisbeth Bech Poulsen, states that »Danske Bank’s management is steadily losing credibility.«
»These skeletons keep dropping out of the closet at Danske Bank. The bank has tried to portray this as just a case of sloppiness. Now we have evidence that they broke the rules with their eyes wide open,« says Lisbeth Bech Poulsen.
She intends to raise the matter with the Minister for Trade, Business and Financial Affairs, Brian Mikkelsen of the Conservative Party (K).
The Minister has declined to comment on the letter.
In breach of regulations
In addition to the admissions from the local executive, the letter also contains a number of strongly worded warnings that cast doubt on other previous statements by Danske Bank’s top management.
For instance, it makes clear that by February 2014 the top management already had far more detailed knowledge of money-laundering breaches at the branch than what Danske Bank has previously indicated in public.
Since the initial revelations by Berlingske in the spring of 2017, the bank’s management has merely stated that it discovered in 2014 that the branch »did not have sufficient knowledge of clients« to verify whether these had »legitimate aims.«
This led the bank to launch efforts to tidy up these suspicious clients – work that carried on long into 2015. Similarly, the bank has merely stated its regret that it »failed to prevent our being exploited for money laundering.«
But in their 2014 letter, the internal auditors specifically indicated that the bank was acting in breach of money-laundering regulations, explaining that the bank was collaborating with nine Russian middlemen who had referred several clients to the branch.
This collaboration, the auditors noted, was »highly profitable« bringing in 7,5 million euro in income in 2013 alone. Danske Bank Estonia then assisted clients in carrying out suspicious securities transactions which allowed the clients to convert large amounts of Russian roubles to US dollars.
According to the letter, these transactions also involved the Moscow branch of the international banking giant Citibank.
The auditors stated that the bank did not have sufficient information on the identities of these clients, and that the branch management had already admitted this in a memo from »in late 2012.«
»According to this memo the Bank has no full information on the end-client of the Russia based intermediaries. This in our opinion leads to the conclusion that the Estonian Branch is not able to identify the actual source of funds and therefore acts against AML legislatory principles,« the auditors wrote. They added that this risc was “clearly identified” by branch management prior to Internal Audit involvement.
According to Søren Bergenser, the financial-crime lawyer, these indications amount to »the strongest possible warnings that any bank management could have«.
In particular, he points to the criticism that the bank had not confirmed the identities of these clients.
»It sounds as if the Estonian branch did not take this issue seriously. Perhaps, in the end, they were fully aware of the types of characters they were dealing with.«
Berlingske has tried, unsuccessfully, to get a comment from Citibank.
No controls on criminals
Overall, the auditors concluded in their letter that the Estonian branch had such serious lapses in its money-laundering controls that it was in breach of both European money-laundering regulations and Danske Bank’s own standards.
For instance, the head of money-laundering compliance was also responsible for approving new clients at the branch. Reporting on money-laundering risks was largely insufficient and »not showing the actual risk«.
And there were »no automated monitoring in place« on whether new clients »are not PEPs, subject to sanctions, criminals etc,« the auditors stated.
These indications are »damning« for the bank, says L. Burke Files, the financial investigations expert who has also read the letter.
Among other factors, he stresses that Danske Bank allowed the same person to be in charge of approving new clients and responsible for money-laundering compliance as well.
»The conflict of interest is clear and obvious. It's the equivalent of foxes guarding a henhouse,« he says.
The auditors also noted in the letter that a large number of the bank’s clients were choosing to close their accounts again within two years, allowing them to escape a legal requirement to send accounts to the Estonian authorities.
This implied »a high potential risc that the customers are trying to avoid the requirements to run their business in the transparent way« the auditors stated.
According to Jakob Dedenroth Bernhoft, the expert on money-laundering law, the letter generally contains such strongly worded warnings that »the bank should have reported these clients to the authorities immediately and completely refused to handle any transactions for these clients.«
And still Danske Bank did not finish its efforts to tidy up these problematic client accounts at the Estonian branch until late 2015.
As the chair of the European Parliament money-laundering committee, Jeppe Kofod has had confidential access to thousands of documents relating to recent tax-shelter leaks such as the so-called Panama Papers.
He describes the letter as »among the most serious I have seen.«
»The initial impression was that this was a case of extremely sloppy banking, and the message from the bank itself was that it had been exploited for money-laundering. But this now states, in black and white, that executives knew about these illegalities and did nothing. And top management knew.«
»I had hoped never to see this in a Danish bank,« says Jeppe Kofod.
Danske Bank: Warned by a whistleblower
No one at Danske Bank, including Lars Mørch and Thomas Borgen, wished to be interviewed by Berlingske.
An emailed response from the bank’s press section does not address the criticism that the letter contradicts previous statements given by the bank. Danske Bank also declined to say whether the information presented in the letter was passed on to the bank’s board of directors or to authorities in Estonia or Denmark.
Instead, Danske Bank’s head of Group Compliance, Anders Meinert Jørgensen, is quoted in the email as saying that the letter from Internal Audit »confirms what we have previously communicated«.
»We established in 2014 that we did not have sufficient controls and procedures in Estonia to prevent being used for money-laundering. We established this based on various indications, including a report from a whistleblower, and subsequently a report from the bank’s internal audit at the beginning of 2014.«
The fact that the warning about problematic clients at Danske Bank came from a whistleblower has not been made public before. In fact, the bank previously indicated that it was its own »regular monitoring« that uncovered the problems.
Anders Meinert Jørgensen also states in the email that the bank then »initiated a number of actions to reduce risk and strengthen our control procedures in relation to the branch in Estonia. In addition, we started clearing the “non-resident portfolio« (foreign clients, ed.).«
»As previously stated, given what we now know, we should have cleared this portfolio sooner,« he states, stressing that in September the bank launched a comprehensive internal investigation into the clients and transactions of the Estonian branch over the period from 2007 to 2015.
»While this investigation in ongoing, we do not wish to comment further on this issue. Once the investigation has been completed, we will address the need for any consequences and actions to take following the conclusions to this investigation,« he is quoted as saying.
Estonian regulator: Bank showed lack of will to act
Berlingske has not been able to get a response from Ole Andersen, the chairman of Danske Bank, as to whether the information contained in the letter was passed on to the board of directors at that time.
This would be a crucial detail, as the head of the bank’s internal audit team formally reports to the board of directors and not the executive board that the letter was addressed to.
Jens Peter Thomassen, who was then the head of internal audit and co-signed the letter, but who has since retired, also declined to comment.
Similarly, neither the Danish financial-fraud office (SØIK) or the financial regulator Finanstilsynet have wanted to comment on the case – including the question of whether Danish authorities were told about the information contained in the letter.
Berlingske also asked the Estonian authorities whether Danske Bank passed the information in the letter on to the authorities in February 2014.
The head of Estonia’s Financial Intelligence Unit, Madis Reimand, declined to elaborate on the circumstances of the letter.
»But what can be said is that both your quote of the audit letter as well as other exerpts of the document you sent me, demonstrate quite expressively the systematic deficiencies of the bank’s AML systems and the lack of willingness to tackle money laundering and fend off suspicios money,« he writes in an email.