FIAU slaps Malta-based online bank with €359,339 fine for AML breaches

[email protected] had previously obtained a prohibtory injunction to stop the publication by the FIAU of any statement in relation to the sanction and to defend its rights in front of "a real and fair court."

The FIAU has fined Emoney €359,339 for breaches of AML laws
The FIAU has fined Emoney €359,339 for breaches of AML laws

A Malta-based online bank has filed a warrant of prohibitory injunction against the Financial Intelligence Analysis Unit over a €359,339 fine for breaches of anti-money laundering laws concerning clients involved in passport sales, cryptocurrency and with potential links to organised crime. 

A statement published on Friday by the FIAU states that it had issued an administrative penalty against [email protected] plc, based in Sliema, following an inspection which revealed a number of serious shortcomings.

The FIAU said that some of the bank’s customers had previously been arrested for forgery, others had been linked to organised crime and investigated in this regard.

The bank had failed to perform adequate enhanced monitoring and checks on these clients, it said.

In a statement [email protected] accused the FIAU of releasing information about the sanction despite a prohibitory injunction issued by the court prohibiting publication, which was filed earlier this week. The bank hinted that it could sue the agency over a breach of its right to a fair hearing. 

The FIAU said it had identified shortcoming in the way the bank collected information about its clients. From a review of the bank’s documents, it emerged that it had failed to determine and verify the identity of its business customers’ Ultimate Beneficial Owners (UBOs).

In addition, the bank had not collected any information concerning the anticipated level and nature of transactions to be performed throughout its business relationship with 16 files – mostly businesses- held by the bank before 2018.

In four files, the bank had not obtained adequate information in relation to the business activity of its customers.

In one file, the customer’s primary business activity was listed as ‘business consultancy’, and the secondary activity as ‘IT consultancy’. But following checks performed by FIAU, it transpired that the customer actually provided legal advice “in the area of passport acquisition through investment.”

The FIAU concluded that the information obtained by the bank was too generic in order to be able to accurately understand the true nature of the customer’s business and, as a result, it was not aware of the risk of crime they posed.

In two other files, the FIAU said that customers with a transactional limit in excess of €250,000 had an offshore fiduciary structure in their ownership set-up.

In that case, the FIAU said, the corporate structure as well as the annual transactional limit of the customers, should have prompted enhanced due diligence to be carried out by the bank, but this had not been done.

In yet another file, the FIAU noted that while the customer operated in the cryptocurrencies sector and made large transactions, the proper due diligence had not been carried out despite the risks inherent to the client’s activities.

Another transaction between the bank’s clients, of €200,000, was not scrutinised despite one of the parties being named in several adverse media reports.

Other files showed four transactions of between €1 million and €2 million which were supported merely by “gentleman’s agreements” which the FIAU said were “vague and lacked sufficient detail.”

In its reaction, the bank denied the FIAU’s findings, claiming that information on the purpose and intended nature of the business relationships was being collected, and that it was, in fact, performing enhanced due diligence measures.

In its statement, [email protected] plc indicated that it would be suing the FIAU for what it said was a breach of its rights over the way in which audits were carried out and sanctions imposed. 

“The FIAU in this instance acted as judge, jury and executioner,” it said, saying that it had not been given a fair or impartial hearing and that the penalty imposed on it was disproportionate to the breaches identified and the size of the company. 

[email protected] plc said that the FIAU had been ordered by a local court not to publish any statement related to the sanction, as part of a prohibitory injunction that the bank had sought and obtained with urgency. This notwithstanding, the FIAU sanction had been made public, it said. 

“The company feels aggrieved and shall contest the manner in which the audit was carried out by the FIAU’s consultants, the content of the report and the sanctions imposed in all available fora, including in the Maltese constitutional courts and at EU level,” it said. 

It said that it had terminated its relationship with clients flagged by the FIAU long before they were found guilty or processed for an offence, and denied that [email protected] had any clients which were involved in the sale of passports.

[email protected] also pointed out that the sanctions imposed did not take into account the positive remarks that the FIAU had made in its regard. The authority had noted that the company “was overall proactive in its approach and… had a comprehensive and adequate ongoing monitoring system, designed to effectively and efficiently scrutinise transactions, which system is extremely important to a financial institution in adhering to its AML/CFT obligations,” it said.