Norwegian Financial Supervisory Authority identifies ongoing anti-money laundering deficiencies at DNB Bank and will follow up the remediation plan

The Norwegian Financial Supervisory Authority (Finanstilsynet) has published an on-site inspection report on DNB Bank ASA’s compliance with anti-money laundering and counter-terrorist financing requirements, focused on Corporate Banking, Private Banking and Markets. Although the bank has implemented several improvements since the previous AML inspection in 2020, the review found continuing weaknesses and missing elements, and DNB has drawn up an action plan to remediate the findings. The report highlights shortcomings linked to the Anti-Money Laundering Act provisions on risk assessment, enhanced customer due diligence for correspondent relationships, investigations of suspicious circumstances, and internal control, alongside identified gaps in routines, enhanced customer measures, training and electronic transaction monitoring. Issues cited include insufficient assessment of risks associated with an organisational restructuring, first-line controls that did not cover all AML obligations and limited board reporting on actual compliance and closure of deviations, and risk assessments that were difficult to follow and not consistently calibrated across business areas, including unclear separation of money laundering and terrorist financing risks and inadequate assessment of a new risk-classification model before implementation. Finanstilsynet also found weaknesses in transaction monitoring coverage and scenario evaluation (including retraining of a machine-learning model), deficiencies in customer due diligence files and ongoing review (including group-level assessments without entity-specific analysis), a significant backlog of enhanced measures after the new model without a concrete plan for higher-risk customers, and repeated concerns about handling of alerts and investigations, including one case where Finanstilsynet considered it should have stopped transactions earlier, notified Økokrim and blocked the account. The review further notes shortcomings in correspondent and respondent banking risk assessment and classification, including limited coverage beyond bank relationships, insufficient consideration of geographic risk and inadequate application of enhanced measures for high-risk country links. DNB is expected to implement its action plan and report progress to Finanstilsynet, which will follow up execution. The bank is also asked to send a copy of the inspection report to its auditor.