从 Danske 总结出的问题：

The Board & Senior Management show a weak control and oversight and this culminated in a
failure in governance. Both the CEO and BOD were seen to prioritize profits over ethical
compliance, which goes against the care and loyalty they owe to their roles.
Turning to the Compliance Function, we observe a significant under-estimation of compliance
risks and inadequate KYC processes. In the Internal Audit Function, the lack of cohesive controls
points to a systemic weakness.

Why Danske?
The most critical reason is that, compare to other participants, there is more public information
related to this one. Danske Bank has a website dedicated to explaining the details of this scandal,
the punishment they received and the improvement on this matter to stakeholders.
Another reason is that I think the participants in this matter may have similar deficiencies and
Regulators’ action. Maybe Danske Bank doesn't cover all the possible deficiencies and action, I
think it can represent most of them.

Most important reason?

In this case of Danske, although many departments failed to fulfill their duties, the company's
strategy of ignoring the law and putting profits first played an important role. In such a large-scale
money-launching operation, both CEO and BOD received warnings from inside and outside many
times, but they still insisted on not to scale back non-resident accounts. I think this CEO with no
moral bottom line and his team are the main reasons for Danske's ending.

"Profit before credit losses"？

refers to the profit a bank or financial institution makes from its operations before any losses due
to non-payment are taken into account.

标题页
Such a large-scale money-launching operation has revealed significant issues with Management
Oversight, Compliance, and Internal Audit. We'll examine these areas, and the regulatory
responses.

介绍所选银行
Among the banks of receiving most money, Danske is the top three, partly due to its acquisition of
AS Sampo's Estonian branch prior to the scandal. It's a fascinating case with many layers. I'll
explain this further for a detailed analysis.

2007-2009
In 2007, Danske Bank completed the acquisition. This purchase included a branch in Estonia. A
few months after this acquisition, warning from Russia’s central bank and Estonian financial
regulators followed. They criticized the bank for dubious transactions and possible problems with
its KYC rules.
During the Financial Crisis in 2008, Danske did not pay sufficient focus on integrating the branch
into the whole system. The Estonian branch was largely independent from its headquarters.
Danske’s plans to merge the Estonian branches in the main IT platform were abandoned, and, as a
result, those branches’ AML checks suffered.

In 2009, the Danske Board observed suspicious activity on the Estonian branch. But they
expressed indifference to the “substantial Russian deposits”, as the amount of profit earned by this
branch from foreign accounts increased dramatically.

In the initial years of acquisition, numerous issues came to light, but they were ignored.

分类页
Here we'll categorize these deficiencies into three main areas. This form will be updated as events
unfold.

2011-2012 第一屏
In 2011 and 2012, internal auditors at Danske and Danish FSA reported respectively the
deficiency of Estonian branch in AML regulation. But until 2013, Danske’s head office still had no
person responsible for AML, as required by Danish law.
2011-2012 第二屏
This may be related to the appointment of the new CEO. I think he played an important role ( 切)
in Danske 's participation in the Russian money laundromat scandal.

2012-2013 第一屏
In 2013, business bank group in Danske frequently pointed out that Estonian branch was involved
in money laundering. They noticed abnormal non-resident accounts and non-regulated entities
generated over-normal profits, and the reputational risk associated with assisting “capital flight”
from Russia.
But Borgen was unwilling to scale back nonresident accounts. He emphasized a “need for a
middle ground", suggesting a preference for balancing risk management with maintaining these
accounts.

2012-2013 第二屏
Borgen's blindness may be related to his past experience. In 2008, Danske suffered a lot after the
Financial Crisis and struggled to generate profits like most banks. But the bank still had one
successful profit line: the Estonian branch. From 2007 to 2013, the percent profits for the Estonian
branch rose significantly, especially period in this scandal. Borgen was unsurprisingly offered the
CEO position after his success in Estonian branches instead of suffering through the Financial
Crisis like the rest of the bank.

2013-2014
In 2014, the internal audit group at Danske noted some suspicious activity in nonresident business.
But Borgen still unwilling to take action because exiting the offshore business strategy might
“significantly impact any sales price”.
Deficiencies 总结页
So this is the whole deficiencies analysis. This is a complete form, as we have just summarized on
each page.

监管页
In 2015 and 2016, the FSA of Estonian and Danish criticized Danske bank respectively for
violation of AML regulations.

By 2022, Danske had attracted the attention of the Danish Data Protection Agency, which fined
Danske for GDPR violations for retaining customer data beyond legal limits. And the SEC
charged the bank with fraud, accusing it of misleading investors about its AML compliance
failures in Estonia.

The cumulative penalties imposed by the US and Danish authorities amounted to more than 2
billion dollar, reflecting the gravity of the bank's infractions.

Now, let’s move to the learning points section, focusing on the lessons learned from
the Russian Laundromat particularly for Banks and Regulators.

First, what can banks learn here?

Russian Laundromat succeeded in part due to weaknesses in the Anti-Money

Laundering policies of institutions. Thus, the compliance function of banks plays a
crucial role in the anti-money laundering process by providing an effective AML
policy which including strong know your customer procedure, robust transaction
monitoring systems and well-organized employee training. The policy should also be
adaptable to the changing landscape of financial crimes.

The Laundromat involved the use of fake companies to move funds. Many
transactions passed through multiple layers of shell companies, making it important
for banks to enhance due diligence. A Strong know your customer procedures,
including verifying the identities of customers, understanding their business activities,
ongoing evaluation and monitoring of risk management, is essential. The case tells the
need for compliance function to continually improve their customer due diligence
with enhanced due diligence, especially in the face of transactions with complex
structures.

The case also involved a large volume of transactions moving through the financial
system. So, banks need a transaction monitoring systems capable of handling such
scale with alerts designed to detect anomalies in transaction patterns and technology
to uncover potential money laundering activities that might go unnoticed with
traditional methods, which will be talked in the later Fintech Solutions section.

The Laundromat exploited the complexity of international transactions. This teaches

the compliance function the value of establishing an adaptable AML policy that will
continually assess the risks associated with cross-border transactions and adjust the
monitoring mechanisms as needed to respond to emerging patterns.
The complexity of the Laundromat scheme also underscores the need for well-trained
staff to ensure the effectiveness of AML policy.

The Laundromat's prolonged operation without detection highlights the need for the
internal audit function of bank to strengthen AML controls specifically in conducting
independent and regular audits.

Independence is a big deal for internal audit teams, especially when it comes to anti-
money laundering inspections. Structural independence means that the team is not tied
up in the day-to-day operations and does not have any biases or conflicts of interest.
This is vital as it allows them to check that the bank's AML controls are effective from
a completely unbiased perspective. They can quickly identify risks and take action to
ensure that the compliance team follows with AML rules and standards. Having an
independent internal audit therefore keeps the bank's financial systems under control
and ensures that the bank plays fair.

In the pursuit of strong anti-money laundering controls, the case demonstrates the
importance of keeping a vigilant /ˈvɪdʒɪlənt/ internal audit function in place. Regular
testing and monitoring help audits identify gaps and areas for improvement. The
internal audit function works closely with the compliance team, utilizing their
expertise/ ɛkspəːˈtiːz/ to address identified issues timely and promote continuous
improvement.

So, What about Regulators?

The persistent existing of money laundering schemes in the case indicates gaps in
regulatory oversight. Regulators must establish and maintain strong oversight
capabilities to ensure financial institutions effectively implement AML measures. It is
crucial to promptly identify shortcomings in their policies and guide them towards
timely corrections. Additionally, regulators should provide ongoing guidance to
financial institutions by updating regulations and issuing clear directives on best
practices for anti-money laundering.

The case also tells the regulators the importance of building collaborative regulatory
ecosystems capable of responding to transnational financial crime. By sharing
information and coordinating efforts across borders, regulatory bodies can collectively
strengthen their ability to detect, prevent, and respond to cross-border financial crimes
effectively.
Global cooperation is not easy, yet technology, as Xinyi will explain, provides a
detailed pathway forward.

1.
To detect and avoid money laundering transactions in a timely manner requires the comprehensive
use of legal, regulatory and technical methods. Then I will introduce possible solutions from the
aspects of fintech and technology.
想要及时侦测和避免发生洗钱交易，需要综合运用法律、监管和技术手段。那么我从金融
科技和技术的方面来介绍可能的解决方案。

2.
Problem: Loopholes in the international financial system, and money launderers establish shell
companies overseas to transfer assets（问题：国际金融体系漏洞，洗钱人员在海外建立空壳
公司来转移资产）
Three characteristics of blockchain can prevent potential money laundering activities.
 allows regulators to track and audit transactions
 can be programmed to implement specific regulatory requirements
 specific actions will be automatically performed under specific conditions

3.
In this case, the use of shell companies and transactions makes the flow of funds complicated and
difficult for regulators to track. （问题：在这个案例中，通过虚构公司和交易，资金的流动
变得复杂，难以被监管机构追踪。）
RegTech is a technology that can improve regulatory compliance.
It contains xxxx functions.
RegTech involves three parties: regulatory agencies formulate regulatory rules, financial
institutions and FinTech companies need to meet regulatory compliance requirements, and
RegTech companies provide technical services.

4.
One of the RegTech is xxx.
Utilizing big data analysis and artificial intelligence technology, abnormal transactions and
patterns can be detected in a timely manner. Regulators can track potential money laundering
activities through these systems and take preventive measures.
Indispensable in this incident is the participation of some major banks. The EU banking system
needs to be better regulated and should act as a firewall to prevent corrupt money from being
sucked in from Russia and elsewhere. Without more effective banking supervision, we will see
more scandals like this, damaging the entire EU banking system.

5. Corruption issues