Swedish Regulator Fines Ikano Bank €12.8 Million for Anti-Money Laundering Failures

Key Takeaways

• FI Identified Fundamental Risk Assessment Failures: Swedish regulators found that Ikano Bank's general risk assessment did not adequately identify or evaluate money laundering and terrorist financing risks associated with its corporate customers and products.
• Enhanced Due Diligence Measures Were Insufficient: The bank failed to implement the enhanced customer due diligence measures necessary to obtain adequate knowledge of customers considered to present a high risk of money laundering or terrorist financing.
• Deficiencies Extended Beyond Documentation: According to FI, weaknesses in the bank's risk assessment framework prevented it from serving as an effective foundation for procedures, guidelines and other anti-money laundering controls.
• $14.7 Million Fine Accompanies Formal Remark: The regulator imposed an administrative fine of approximately $14.7 million (SEK 140 million) and issued a formal remark, concluding that intervention was necessary despite stopping short of a warning or license-related action.

Deep Dive

Ikano Bank's anti-money laundering problems did not begin with customer due diligence. According to Sweden's financial regulator, they began earlier with the bank's understanding of its own risks. The Swedish Financial Supervisory Authority, Finansinspektionen (FI), has issued the bank a formal remark and imposed an administrative fine of approximately €12.8 million (SEK 140 million) after finding shortcomings in its anti-money laundering and counter-terrorist financing framework.

The decision follows an investigation into the bank's compliance with Sweden's Anti-Money Laundering and Counter-Terrorist Financing Act.

At the center of the case was Ikano's general risk assessment, a document that regulators increasingly view as the foundation of an effective financial crime program. FI concluded that the bank had not conducted a separate, comprehensive and realistic assessment of how products offered to corporate customers could be exploited for terrorist financing.

The regulator also found that Ikano failed to adequately consider risk factors linked to those customers and did not sufficiently incorporate information from public authorities concerning money laundering and terrorist financing risks and methods.

Those shortcomings had consequences beyond the assessment itself. According to FI, the deficiencies meant the bank's risk assessment could not effectively serve as the basis for procedures, guidelines and other measures intended to prevent money laundering and terrorist financing. In effect, the regulator concluded that weaknesses at the center of the framework affected the controls built around it.

Focus on Higher-Risk Customers

The investigation also identified deficiencies in the bank's treatment of customers presenting elevated financial crime risks. FI found that Ikano had not implemented the enhanced customer due diligence measures necessary to obtain adequate knowledge of customers associated with a high risk of money laundering or terrorist financing.

Enhanced due diligence requirements are designed to provide institutions with a deeper understanding of higher-risk customers and their activities. Regulators across Europe have increasingly focused on these controls as they seek evidence that firms can identify and manage heightened financial crime risks rather than simply document them.

The Swedish authority did not identify specific customers or transactions in its announcement. Instead, its findings focused on weaknesses in the bank's overall systems and processes.

Enforcement Without Escalation

FI determined that intervention was necessary but stopped short of pursuing the most severe sanctions available. The regulator concluded that the violations were not serious enough to justify withdrawing Ikano's banking authorization or issuing a warning. Instead, it opted for a remark accompanied by the €12.8 million (SEK 140 million) administrative fine.

Ikano is authorized to conduct banking business under Sweden's Banking and Financing Business Act and offers products including loans, deposit accounts, invoice purchasing, factoring and leasing.

The decision reflects a supervisory trend that has become increasingly visible across Europe's banking sector. Regulators are looking beyond whether institutions have anti-money laundering policies in place and asking whether firms genuinely understand where their risks lie. When that answer is incomplete, the weaknesses tend to surface elsewhere in the control framework.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.