The Norwegian Financial Supervisory Authority published a supervisory report on Sparebank 1 Østfold Akershus finding deficiencies in the bank's compliance with anti-money laundering rules for cash handling. The main shortcomings concerned risk management, customer due diligence and the follow-up of suspicious activity. In particular, the bank's customer risk-classification model had significant weaknesses because it relied only on customers' own statements about expected cash use and did not adequately reflect actual cash activity, while manual processes to challenge or correct the automated classification were insufficient. The report says the bank's anti-money laundering risk assessment was not sufficiently tailored to its business, customer base and products because it did not adequately use internal data on the scale, development and history of cash usage. Procedures were described as too high-level and not operational enough, including on when to apply enhanced customer measures, how to assess whether suspicion had been dispelled and how to handle customer relationships where suspicious behaviour persisted. Electronic monitoring also did not cover all cash-related risks identified by the bank and had rule weaknesses that could allow customers with significant cash deposits to go undetected. Sample testing found cases where investigations were closed even though suspicion could not be regarded as dispelled, and cases where continuing suspicious activity after earlier reports to Økokrim did not lead to new reports, including customers that had triggered 40 and 20 further alerts. The authority expects the bank to strengthen its use of internal sources in its risk assessment, make its procedures more operational, establish a clear practice for following up persistent suspicious behaviour and improve ongoing oversight of the outsourced Kontant i Butikk cash service by documenting the associated risks and assessing whether the outsourcing remains sound.

Original source Back to tracker