Malta’s anti-money-laundering agency (FIAU) has slammed what it calls the European Banking Authority’s (EBA) “myopic” findings about its operations.
The Financial Intelligence Analysis Unit found itself in hot water this month after the EBA released a critical report about its regulatory oversight of Pilatus Bank in 2016, which saw it in breach of the EU’s anti-money-laundering rules.
In its report, the EBA took the FIAU to task over its failure to sanction Pilatus after preliminary findings by the agency raised concerns about the bank’s lack of compliance with anti-money-laundering laws.
Replying to questions from The Sunday Times of Malta, an FIAU spokesman maintained that neither the unit nor the EBA had sufficient information to confirm that Pilatus Bank had breached its anti-money-laundering obligations.
The spokesman argued that the EBA had wrongly concluded from one case, in 2016, that its findings pointed towards “general and systematic shortcomings” at the FIAU.
While acknowledging that in 2016, the FIAU could have better handled the Pilatus case, the spokesman disagreed that one case could be used to conclude that the unit had systemic failings which were still present.
Compliance visits
The FIAU has provided further insight into its 2016 compliance visits to Pilatus Bank.
A thematic visit that looked into the bank’s high ratio of politically exposed persons took place in March 2016.
Based on that visit, the FIAU drew up what it describes as “initial findings”, which were sent to the bank for feedback, as is the norm, the spokesman said.
These findings, which were leaked in 2017, showed the FIAU was concerned about what it termed a “glaring, possibly deliberate disregard of the applicable [anti-money-laundering] legislative provisions”.
Questioned about how the unit could retreat from such a strong letter to saying the issues highlighted “no longer subsist” a few months later, the spokesman said the FIAU could not have sanctioned Pilatus Bank immediately upon issuing the initial findings report.
The bank needed to be given the possibility to provide its views and any clarifications about the points the unit raised.
In this particular case, the then director of the FIAU, after having received the bank’s submissions, which included two external audit reports by KPMG and Camilleri Preziosi, took the decision to perform a follow-up examination.
This decision, the spokesman said, was taken during a meeting with the bank’s chairman, Seyed Ali Sadr Hasheminejad, and the bank’s advisers.
The FIAU spokesman denied that the unit had been subject to any political pressure, particularly from the Prime Minister’s chief of staff, Keith Schembri, during the course of its compliance work at Pilatus Bank.
In another leaked report, the FIAU described Mr Schembri as a close associate of Mr Hasheminejad and a person who had also taken a keen interest in the Pilatus Bank licensing process.
‘Missing’ documents appear
The spokesman said the follow-up examination by the FIAU and MFSA was carried out in August 2016 by the same officials who carried out the first inspection.
During this visit, all the documents related to the bank’s high-risk clients were found to be in place, the spokesman continued.
It was the absence of such documentation which had formed the basis of the “serious concerns” indicated in the initial findings report.
Following the August visit, the FIAU compliance monitoring committee met twice to discuss the Pilatus Bank case.
The committee concluded that since the documentation was now in place, the factual basis which had given rise to the serious concerns no longer existed.
“It could not be established with certainty whether the customer due diligence documentation and information had always been at the bank or whether the bank had taken remedial action following the May 17, 2016, initial findings report,” said the FIAU spokesman.
It could not be established with certainty whether the customer due diligence documentation had always been at the bank or whether it took remedial action
The spokesman said that the FIAU had since introduced a new procedure whereby banks and other entities subject to the unit’s inspections now had to sign a declaration when relevant documents were not found on file or presented during an on-site visit.
The audits by KMPG and Camilleri Preziosi were carried out “in the days immediately” following the initial findings report, the spokesman said.
The FIAU said that, under the circumstances, it had not been able to conclude that Pilatus Bank had actually breached anti-money-laundering laws, therefore it had no legal basis to issue any sanctions.
Concerns over governance
Rather than just flagging missing documentation, the FIAU’s preliminary findings raised concerns about the very governance structures at Pilatus Bank.
In one section of its report, the FIAU even said the bank was turning a “blind eye” to anti-money-laundering procedures for certain PEPs.
How were these concerns allayed in the follow-up visit?
The spokesman said that the lack of documentation about the source of wealth and source of funds regarding some of its clients formed the basis of “most of the concerns” expressed in the initial report.
Although the presence of this documentation was noted during the follow-up visit, the spokesman said that the FIAU remained concerned, and this concern was communicated to the bank in September 2016.
He said the unit highlighted the fact that the bank only provided information and documentation during the follow-up examination, and that the FIAU was disappointed and concerned at this course of action.
Plan ‘used against it’
Finance Minister Edward Scicluna on Wednesday claimed that the European Commission had put political pressure on the EBA to “rush and act” to make an example of the FIAU.
Prior to the EBA’s conclusions about the case, the FIAU sent the authority what it described as a comprehensive action plan.
The spokesman said the EBA had supported its conclusions that the unit was in breach of EU law by referring to this action plan as being evidence that the FIAU’s policies and procedures, which applied at the time of the case, were inappropriate.
According to the spokesman, the FIAU had worked since the Pilatus Bank case in 2016 to strengthen its governance and decision-making processes, as well as investing heavily in technical and human resources.
“The FIAU believes that the actions which it has taken or is in the process of taking already address the majority of the recommendations made by the EBA, and in some cases go beyond,” the spokesman said.
The FIAU said that it accepted that there were various areas in which it needed improvement and weaknesses that needed to be addressed.
Despite this acknowledgement, having room for improvement or weaknesses to address did not necessarily translate into a breach of EU law, the spokes-man maintained.
It was evident that the EBA had not taken into consideration any of the actions taken by the FIAU post-2016, which were taken upon the unit’s own initiative, he added.