2016 – 2017
Despite having effectively closed the Non-Resident Portfolio in Estonia, Danske Bank continued to incur reputational and legal damages associated with past activity in the Estonia branch. In 2016, news reports out of Azerbaijan implicated the Estonian branch in a political payoff scheme involving an Italian politician and Azerbaijani government officials. These reports prompted the creation of an informal task force within Danske Bank—involving Group Compliance & AML, Group Legal and Group Communications & Relations—that provided periodic updates to the CEO.
In March 2017, an anti-corruption NGO, working with reporters in Denmark, identified Danske Bank as one of the banks being used to launder money as part of the “Russian Laundromat” scheme. The scheme involved moving $20 billion out of Russia from 2010 to 2014 through a network of global banks. Most of the beneficiaries were Russian elites, many with ties to the Kremlin. Shortly before the story was published, Danske’s CEO informed the chairman of the Board, who then notified the whole Board of Directors. According to a Danske Bank internal memo prepared around the same time, the Bank identified 1,567 transactions and a flow of approximately $1.2 billion as part of the scheme.
The Russian Laundromat was discussed at the Executive Board meeting on March 28, 2017. According to Group Legal, “at this point, no final conclusions could be drawn as data and information on the case were still being gathered,” but “the Estonian branch seemed to have been misused for money laundering between 2011 and 2014.”
In March 2017, Danske Bank was asked by the DFSA to provide further information regarding the Estonian branch in relation to the Russian Laundromat. The DFSA’s subsequent investigation led to multiple orders and reprimands that were delivered in May 2018.
The Executive Board and Board of Directors were updated on the Russian Laundromat in April. As part of these updates, Group Compliance & AML wrote that ”[i]n countries where the bank operates on separate IT systems not connected to the central IT platform, this [that is, strong AML controls] becomes a challenge, as development of transaction monitoring scenarios needs to be done locally.”
Recognizing the severity of the situation, Danske Bank hired the regulatory consultancy Promontory, who was tasked with conducting a root-cause analysis. Promontory presented their results—including their finding that $30 billion in non-resident money passed through the Estonian branch in 2013 alone—to the CEO and Executive Board in June 2017. The Board of Directors was presented with a shorter version of their report in August.
In a press release on September 21, 2017, Danske Bank informed the public of Promontory’s findings, concluding that “several major deficiencies led to the branch not being sufficiently effective in preventing it from potentially being used for money laundering in the period from 2007 to 2015.” The three major deficiencies identified were:
The lack of a proper culture for and focus on anti-money laundering at the Estonian branch
Inadequate governance in relation to compliance and risk
Management follow-up and control were highly dependent on local country management
In the same press release, Danske Bank announced they were launching an expanded investigation into money laundering at the Estonian branch, to be conducted by the newly established Compliance Incident Team, which would take 9 to 12 months to complete.
While the Bank was waiting for the expanded investigation to reveal the full extent of money laundering in the Estonian Branch, they were staring down multiple legal and regulatory investigations. Danske Bank’s future, and the futures of its top executives, were very much in doubt.