Norion Bank Fined $8.3 Million Over Anti-Money Laundering Due Diligence Failures

Key Takeaways

• PEP Screening Deficiencies: Sweden’s Financial Supervisory Authority said Norion Bank failed to sufficiently assess whether beneficial owners tied to medium- and high-risk customers were politically exposed persons or connected individuals.
• Enhanced Due Diligence Failures: Regulators found the bank did not obtain sufficiently detailed information regarding certain high-risk customers’ business activities, financial situation, or source of funds.
• $8.3 Million Penalty: Finansinspektionen issued Norion Bank a formal remark alongside an administrative fine of approximately $8.3 million (SEK 90 million).
• Corporate Customer Focus: The regulator’s investigation specifically reviewed how the bank handled customer due diligence obligations involving legal entity customers and beneficial ownership structures.

Deep Dive

One of the details buried in Sweden’s enforcement notice against Norion Bank is that the regulator specifically examined customers that were legal entities, not just individuals or companies. That distinction tends to matter. Corporate structures are where anti-money laundering programs become less about identity verification and more about whether a bank actually understands who is sitting behind the paperwork.

The ownership chains stretch, another entity appears, and then a holding company in one jurisdiction controls another in a second jurisdiction which owns a third somewhere else entirely. Eventually someone at the bank needs to ask who actually controls this customer?

On Thursday, Sweden’s Financial Supervisory Authority, Finansinspektionen, said Norion Bank failed to do enough of that work.

The regulator issued the bank a formal remark and an administrative fine of approximately$8.3 million (SEK 90 million) after an investigation into the bank’s compliance with Sweden’s Anti-Money Laundering and Counter-Terrorist Financing Act.

Norion did not take sufficient measures to assess whether beneficial owners connected to customers presenting medium or high money laundering and terrorism financing risk were politically exposed persons, or family members and known associates of such individuals. The authority also said the bank failed to apply enhanced customer due diligence measures to obtain more detailed information about high-risk customers’ business activities, financial situation, and source of funds.

The findings did not rise to the level where the regulator considered withdrawing the bank’s authorization or issuing a formal warning. Finansinspektionen said those measures were not warranted in this case. Still, the authority concluded there were no grounds to avoid intervention entirely and paired the remark with the $8.3 million (SEK 90 million) penalty.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.