The 5th Anti-Money Laundering Directive has been in force in the EU since January 2020 - and Switzerland is following suit. Companies are now faced with the challenge of expanding their screening processes and clearly identifying the UBO (Ultimate Beneficial Owner). This obligation protects against legal and financial risks, but is associated with increased effort. A case study on Swedbank shows how companies can meet this challenge and provides practical insights and best practices.
Failure to identify a UBO today has direct and serious consequences in the context of international money laundering prevention. Financial institutions need to recognize global ownership structures at an early stage in order to effectively prevent money laundering and terrorist financing. Identifying the Ultimate Beneficial Owner (UBO) of a company is a major challenge for banks and financial institutions around the world. Terrorists and criminals have demonstrated their abilitythat to move funds quickly between different banks, often in different countries, but the lack of timely access to financial information means that many investigations reach a dead end. Cooperation between the authorities responsible for combating terrorism and serious crime must therefore be improved, as financial information is an important part of investigations. Another solution is the transparency register that the countries must set up. On 22.05.2024, the Federal Council in Bern submitted the dispatch on the further development of the fight against money laundering to Parliament.
The Swedbank case is a clear example of the complexity of this task and the serious consequences of inadequate compliance with the UBO. It also shows that a lack of compliance has a global implications. For example, the Swedish bank became the focus of international investigations due to a lack of transparency in disclosing the true owners of its corporate customers. The problem goes back a long way, in some cases to the early 2000s, and highlights the need for UBO compliance to combat money laundering and other forms of financial crime.
Due diligence is the process of carefully investigating and analysing a company or asset position to ensure that all relevant facts and risks are known. So far, this is clear. An essential part of this, according to the current legal legislation, is the identification of the Ultimate Beneficial Owner (UBO), i.e. the beneficial owner of a company.
UBO rules are an important part of international efforts to combat financial crime. The Financial Action Task Force (FATF) and other international bodies have issued clear guidelines on how banks should identify the true owners of companies. These requirements have been transposed into national legislation in many countries in recent years, including in the EU with the Fourth and Fifth Money Laundering Directives.
It may not be possible to identify an individual even after extensive investigation. There may also be doubts as to whether the identified person is the beneficial owner. In such cases, the law provides that either the legal representative, the managing partner or the partner of the contracting party may be considered as the UBO.
Therefore, if the UBO cannot be clearly identified, one of these "fictitious UBOs" must be identified. Although European money laundering laws still differ slightly from one another, the identification of managing partners, managing directors and members of the top management level makes sense in an international context.
The Ultimate Beneficial Ownership (UBO) rules for the financial sector aim to create transparency about who really controls a company or assets. Only by correctly disclosing UBO information can banks and financial institutions fulfil their due diligence obligations and ensure that their services are not misused for illegal activities such as money laundering or tax evasion. Identifying the UBO also helps to protect the integrity of the financial system and builds confidence in business practices.
Financial institutions must therefore continuously improve their internal control mechanisms and due diligence procedures to identify the true owners of accounts and assets. This requires not only verificationof customer information, but also constant monitoring of transactions and increased attention to potential risk signals. Only in this way can banks ensure that they are fully compliant with UBO rules and identify potential abuses at an early stage.
Swedbank is facing a possible judgment in the US after media reports in 2019 revealed that the bank was involved in money laundering activities in the Baltic states. According to the reports, billions of euros were transferred from Russia and other countries through Swedbank accounts in Estonia, Latvia and Lithuania - without disclosing the true beneficiaries of these transactions. These activities were linked to the so-called "Russian Laundromat", a large-scale money laundering programme in which Danske Bank and Nordea Bank were also involved.
Specifically, between 2010 and 2014, more than 20 billion "dirty" dollars (about 15.5 billion euros) were allegedly moved from Russia to Europe, the US and other countries. These transactions were uncovered by Russian law enforcement authorities and led to one of the largest money laundering scandals in Europe.
Not only did the bank's reputation suffer considerably as a result of the allegations, but it also faced a number of legal consequences. Regulators in Sweden, Estonia, Latvia and Lithuania launched extensive investigations, which ultimately led to a fine of four billion kronor (around 372 million euros). This fine was imposed in March 2020 after the Swedish Financial Supervisory Authority (Finansinspektionen) sanctioned the bank for inadequate internal controls in relation to money laundering allegations.
When compliance breaches become public, there are also personnel consequences: Swedbank's CEO, Birgitte Bonnesen, was dismissed and other changes in the bank's management followed. The US investigation into the money laundering allegations is still ongoing and there is a possibility that the bank may face further penalties.
Scandinavian companies are under increasing pressure to comply with international anti-corruption and money laundering regulations. This is evidenced by the fact that in recent years the US authorities have taken several major companies in the region to court for bribery and corruption. For example, Swedish telecoms giant Telia, had to pay a fine of over 7.7 billion kronor (around $965 million or €804 million) in 2017 for its involvement in a bribery scandal in Uzbekistan. Ericsson was also fined more than 10 billion kronor (about 1 billion USD/ 834 million Euros) after it was involved in a corruption scandal in several countries investigated by the US Securities and Exchange Commission (SEC) and the Department of Justice.
Following the revelations in 2019, Swedbank took several steps to limit the damage and improve its compliance structures. However, despite these efforts, the consequences of the scandal are still being felt today. Among the most important measures are:
1. Change of management: One of Swedbank's first reactions to the scandal was to change its top management. Birgitte Bonnesen was dismissed in March 2019 and Anders Karlsson temporarily took over the role of CEO. Jens Henriksson, who was previously CEO of the Swedish insurer Folksam, was appointed as the new CEO in September 2019. At the same time, Göran Persson, a former Swedish Prime Minister, was appointed Chairman of the Supervisory Board.
2. Creation of a task force: Swedbank has established a special Money Laundering Task Force that focuses specifically on on the fight against financial crime. This task force works closely with national and international regulators to ensure that the bank takes the necessary steps to combat money laundering.
3. Increasing the centre: To strengthen the measures against money laundering and financial crime, Swedbank allocated an additional 64 million euros. These funds were used to expand internal compliance processes and to introduce new technologies to monitor transactions and identify suspicious activities.
4. Transparency and investigations: Swedbank publicly acknowledged its anti-money laundering deficiencies and committed to work closely with the regulators to resolve the allegations. The bank also hired external consultants to review its internal controls and identify weaknesses.
5. External reports and audits: A central element of the measures was the preparation of the so-called Grimstad Report, named after the former Norwegian Attorney General Torgrim Grimstad, who was commissioned to investigate the money laundering allegations. The report revealed significant internal violations of money laundering regulations and led to extensive reforms of Swedbank's internal control mechanisms and compliance processes.
If Swedbank had been using a robust compliance solution, it may have been able to avoid many of these problems. Our Pythagoras UBO screening and monitoring solutions have been providing comprehensive, real-time risk monitoring since 2005. They enable financial institutions to quickly identify changes in the ownership structure and, as in the case of Swedbank, respond to potential risks at an early stage. Automated monitoring provides full transparency and efficiently ensures compliance with regulatory requirements. Nevertheless, the bank has since improved its compliance measures to prevent future breaches.
Germany and Switzerland require a thorough screening and identification of business partners, but the specific requirements and procedures differ. In both case, the focus is on the prevention of financial crime. The measures comply with the international standard of the Financial Action Task Force (FATF/GAFI) on Money Laundering and Terrorist Financing and the recommendations of the Global Forum.
Although the legal frameworks conditions in Germany and Switzerland are similar, there are also some differences. In Switzerland, the requirements are governed by the Money Laundering Act (AMLA) and the Ordinance on Professional Due Diligence in Financial Transactions (CDB).
In Germany, due diligence is regulated by various laws such as the German Money Laundering Act (GMLA/GwG) and the German Banking Act (GBA/KWG). The Transparency Register was introduced in Germany in June 2017 to implement the Fourth EU Anti-Money Laundering Directive (EU Directive 2015/849 of 20 May 2015).
According to the Federal Council's Communication of 22 May 2024, a federal register, the transparency register, will be introduced in Switzerland in which companies and other legal entities will have to enter their beneficial owners. The draft of a new federal law on the transparency of legal entities and the identification of beneficial owners provides for a simplified reporting procedure. It is not expected to enter into force until 2026 at the earliest.
In the future, due diligence obligations under Money Laundering Act will also apply to the provision of certain advisory services (in particular legal advice) that entail an increased risk of money laundering.
In principle, all companies and legal entities in Switzerland are obliged to disclose their beneficial owners to the Federal Transparency Register. For most of them, in particular single-member companies, limited liability companies, foundations and associations, the simplified procedure applies if the beneficial owners are already entered in the commercial register. In order to minimise compliance risks, companies must familiarise themselves with the relevant national regulations.
In summary, compliance with due diligence requirements in both Germany and Switzerland is crucial to avoid legal and financial risks and to ensure the integrity of the financial system.
The challenge for banks and financial institutions is to minimise compliance risks during due diligence through strong compliance management that not only meets regulatory requirements but also builds customer confidence. Legislation explicitly requires data to be kept up to date, but does not specify how often the data should be reviewed. This means that monitoring must be based on the risk of the data set. Automated compliance software can therefore help to optimise due diligence processes and facilitate the identification and verification of UBOs.
For large financial organisations with extensive international business relationships, the following UBO compliance measures are critical. They can ensure that UBO compliance is guaranteed:
1. Identification and verification of UBOs: Real-time updates enable a thorough analysis of ownership structures and a careful verification of background information. This enables financial institutions to recognize changes in the ownership structure immediately and react quickly to potential risks. This ensures that all relevant information is up-to-date at all times and compliance risks are minimized.
2. Use of advanced technologies: The use of modern technologies such as artificial intelligence (AI) and machine learning can significantly improve the monitoring and detection of suspicious activity. UBO reference data from providers such as Dun & Bradstreet is particularly helpful here, as it provides comprehensive, accurate and reliable information from millions of companies worldwide to identify beneficial owners - even across multiple levels of ownership, international borders and complex corporate networks. Pythagoras' UBO screening compares large volumes of data, analysing and uncovering potential high-risk links faster and more efficiently. The solution documents the investigation and evaluation steps and their results in an audit-proof manner.
3. Regular review and updating: The Anti-Money Laundering Act requires UBO information to be continuously reviewed and updated on an ongoing basis in order to detect changes in ownership structures in a timely manner. Banks should ensure that they have the latest information to keep their customer profiles up to date. Automated monitoring facilitates this process.
4. Employee training and awareness: Regular training on UBO compliance and anti-money laundering is essential to ensure that employees understand and implement the applicable regulations. Comprehensive training increases employees' awareness of the risks and helps to minimise potential vulnerabilities.
5. Collaboration with external partners and authorities: Sharing information and best practice with external partners and regulators ensures that UBO compliance remains up to date. Collaboration not only promotes mutual understanding, but also compliance with regulatory requirements.
Our screening and monitoring solutions, such as Partner Screening, here especially in combination with UBO Screening, for Know Your Customer (KYC) checks and Anti-Money Laundering (AML) solutions, such as Transaction Screening, Transaction Monitoring and Instant Payment Screening, can be integrated on one solution platform to ensure comprehensive risk analysis and monitoring. We help compliance officers to meet regulatory requirements automatically, daily and efficiently. From the first contact, we start with an individual analysis of your initial situation and needs in order to jointly tailor a suitable solution. We are with you from day one, providing strong support in the background.