Cases of money laundering & sanctions/embargo breaches have become more common following the tougher regulatory environment. Since the 2008 crisis, large fines have been handed out which acted as a wake up call for the regulators & governments to act. Furthermore, the banking sector is over represented in the list of fines recipients: in total, this represents $26bn since 2008 issued across the globe to banking institutions. However the impacts of such fines do not solely lie within the spectrum of financial losses, other impacts can be observed, such as the loss of reputation, lower credit ratings, or sometimes even the loss of a banking license…
This short publication aims to answer the important questions:
- Where & who handed the fines?
- For which reasons are they handed out?
- Why are some fines much higher than other?
- What are the impacts of the tight regulatory environment on the banks?
Overview of fines delivered since 2008
$26bn in fines over the last 10 years. It is the staggering number that shows a vast focus of authorities worldwide on the role that bank play either in the laundering of cash or in financing activities in sanctioned jurisdictions / individuals.
However this number is far from equally spread out between countries and regions: North America and particularly the US represent the vast majority of fines handed out:
Graph 1:
North America: USA, Canada, Mexico & Bermuda
Source: Fenergo
There are certain distinct regional differences that are important to consider, these are outlined below.
Note that the fines included for each regions/countries are counted by where they are given and not by the nationality of the receiving institution.
Graph 2:
North America: USA, Canada, Mexico & Bermuda
Source: Fenergo
How are AML/KYC & sanctions penalties spread out between banking institutions?
BNP Paribas & HSBC represent nearly 40% of all penalties. The rest being shared between many banks across various jurisdictions:
- BNP Paribas alone represents 1/3rd of the $26bn in penalties with $8.9bn paid in the US for a range of sanctions breaches notably around Sudan & Iran.
- The second place holder is HSBC who paid almost $2bn in money laundering case involving its Mexico branch.
- The rest remains under the $1bn step, with the majority of fines being less than $200m
The context of such high fines & penalties:
Substantially high fines have historically almost always been handed out in the US. And the US judicial system partly explains this pattern. While in Europe, firms rarely pay fines in the billions of euros, indeed the average fine in the EU is around $20m while that of the US is closer to $180m.
Failings and weaknesses found in AML/KYC & sanctions controls and governance will most often mainly include remediation plans, sometimes with a smaller fine. However, when it has been proven that criminal activity was effectively facilitated by the bank, on the top of failings in controls and efficient oversight, the fines are proportional to the amounts involved in the said criminal activity.
For example, HSBC’s $1.9bn US fine in 2012 came as the DOJ stated that $800m had actually been laundered by Mexican & Colombian drug traffickers via HSBC’s Mexico branch. Danske Bank may also face a similarly large fine, depending on whether or not the €200bn of laundered cash from Russian origins is confirmed…
What are the impacts?
4 main types of consequences to the tougher regulatory environment regarding AML/KYC & sanctions failings can be identified clearly:
- Shortcomings in internal controls & related governance: This puts forward the issue of the need to invest more heavily into automatized controls, strong oversight & governance as well as screening solutions (screening of post-transaction information) that are able to detect the ever more complex ways money laundering can take place or sanctions can be breached. This is particularly true for large international banks processing millions of payments and servicing large numbers of corporate customers throughout the globe.
The vast majority of fines handed out to banks involve an element of operation remediation/change. It is sometimes the very condition (such as Differed Prosecution Agreements in the US) for avoiding higher penalties. This can prove to be a tough exercise, especially in a context of cost cutting strategies for banks and more particularly investment banks. Hiring additional experts, implementing new digital solutions, strengthening controls & oversight all bear a significant cost to the bank on the top of being timely undertakings.
- Settlements / financial compensations & remediation costs: Costs linked to the fine itself or to remediation expenses can have serious consequences on a bank’s balance sheet and thereby its capacity to finance itself on the market. This is admittedly a rare occurrence as fines are usually based on the size of the bank’s revenues. However, in some cases such as the BNP Paribas settlement of June 2014 (~US$8.9bn), this fine represented close to 15% of the bank’s market capitalisation at the time. On the other hand, the example of ING Groep’s €775m fine (September 2018) demonstrates that large banking groups can easily absorb even substantial penalties as it was effectively able to absorb the fine leaving its earnings relatively unaffected[1].
- Damage to the bank’s franchise: Reputational risk, not only in the eyes of investors, but more importantly in the eyes of the customers, is a key risk factor. This risk can materialise itself in the restrictions imposed on a bank to perform certain services in a given jurisdiction. Client loyalty may also be eroded from the adverse news emanating from the regulatory failings in AML or sanctions. In an era of high competition within the banking sector, reputation is key for banks looking to safeguard and attract new customers. The risk of a deposit run is still prevalent & real.
Investors are another stakeholder group sensitive to such adverse news. This was ever more apparent in the recent case of Danish bank Danske Bank’s AML controls failures in 2018 as represented in Graph 3 below:
Graph 3:
Source: Standard and Poors
Although to this day, it is often observed that although the stock price falls during the legal proceedings, once the final fine & conditions are agreed upon (which are most often lower than initially feared), the stock price recovers somewhat eventually such as in the case of BNP Paribas in 2014. This however is not systematically the case.
- Credit ratings implications: Such impact on a banking institutions is not evident. However in either of the following scenarios, one can expect the bank’s credit ratings to potentially be impacted:
- In cases where there are widespread failings in KYC, AML & sanctions controls
- When the fine handed out has a significant impact on earnings
- If there is an important damage to the bank’s franchise or reputation
It should be noted that the impact on the ratings will also depend on whether the identified risk(s) are specific to the bank itself or rather to the industry as a whole…
Credit ratings remain however on average relatively unaffected.
For example, ratings on issued subordinated debt of BNP Paribas and Danske Bank were both lowered following the initiation of the investigation or final proceedings (June 2014 & July 2018 respectively). The overall ratings of both banks were however maintained.
Cases of industry wide impact on ratings in specific jurisdictions were observed on several cases following the announcement of regulatory failings. The more recent cases of this include the lowering of the Banking Industry Country Risk Assessments (BICRAs) by Standard & Poor (2018) on Estonia and Malta resulting from a “changed perception of regulators’ effectiveness”.
Behavioural change & the rise of compliance
Behaviours are changing and have been changing especially over the last few years. Significant efforts are being made by banks to not only be more efficient in preventing / detecting AML/KYC & sanctions failings, but also to avoid certain risky markets, at the expense of their revenue base.
Recently, we have observed that large banks have been exiting their risky correspondent banking relationships[2].
More widely, we have seen banks investing heavily into their compliance functions, implementing new digital solution that bring higher efficiency in the track for money laundering or sanctions failings. Some go as far as to say it is a “boom” in spending[3]. Interestingly, this can be seen in the given to compliance within the bank’s annual reports as can be seen in Graph 4 below:
Graph 4:
Source: The Economist
This development was notably helped by the sharp increase in the market for compliance digital solutions, including many new comers or start-ups, but also already established firms like Nice Actimize[4] or IBM. Banks are also currently considering more seriously the benefits to security that Blockchain technologies can bring.
Closing note
With ever increasing regulatory scrutiny combined with rising numbers of sanctioned entities & individuals, it is not likely this trend will halt in the short & medium term (Standard & Poor, 2018). However large investments into digital solutions as well as a more risk-averse approach are beginning to shift the balance, but these changes will take a significant amount of time.
International bodies such as the Financial Action Task Force are continuing to help & advise banks be more efficient in combatting money laundering or servicing sanctioned entities or individuals, however a dedicated pan-European body has still not been created. Considering the multitude of jurisdictions that make up the European Union, one could gain efficiency by centralising these matters.
International cooperation between intelligence units and supervisors remains critical in the identification & prevention of illegal money flows.
[1] https://www.ing.com/web/file?uuid=a2ccc1f6-84ec-4874-b6fc-de23cdfff726&owner=b03bc017-e0db-4b5d-abbf-003b12934429&contentid=45187&elementid=2075773
[2] https://www.imf.org/external/pubs/ft/sdn/2016/sdn1606.pdf
[3] The Economist, 2019: https://www.economist.com/finance-and-economics/2019/05/02/the-past-decade-has-brought-a-compliance-boom-in-banking