Pilatus Bank has been fined a record €4.9 million for a “serious and systemic failure” to follow anti-money laundering laws at the now-shuttered bank. 

In a notification on its website, the Financial Intelligence Analysis Unit (FIAU) on Tuesday said the bank’s lax approach to due diligence on its customers was of particular concern. 

The FIAU said it had identified failures when it came to the bank’s obligations to ensure it keeps customer information, data and documentation up to date in 97% of the customer files it reviewed.

The FIAU said the bank’s dependence on a “series of connections to the Caucus region,” a veiled reference to Pilatus’s high number of Azeri clients, made it impossible for the bank to ever take concrete actions in respect of any transactions, activity or relationship deemed to be suspicious. 

In April 2018, Times of Malta had revealed as part of the Daphne Project, how a network of over 50 companies and trusts secretly owned by Azerbaijan's ruling elite used accounts at Pilatus Bank to move millions around Europe.

According to the unit, throughout its operations, the bank had exposed itself and the Maltese jurisdiction to “egregious” money-laundering risks that were not mitigated in any manner. 

“The bank’s total disregard towards necessary anti-money laundering and terrorism financing safeguards, led to it allow millions to pass through the Maltese economy without any considerations of possible money-laundering taking place,” the unit said. 

Pilatus Bank’s licence was stripped by the European Central Bank in November 2018, following the arrest of its founder and chairman Ali Sadr in the US.

Sadr has since been released after being found not guilty of money-laundering charges due to disclosure failures by the US prosecution.

That same year, the European Banking Authority had criticised the FIAU’s failure to impose any sanctions on the bank, despite its misgivings about its anti-money laundering controls.

An inquiry into the bank’s operations was opened by the Maltese police days before the order to shutter the bank was handed down.

The inquiry has since concluded and charges in connection with the bank’s operations are set to be issued. 

Former prime minister Joseph Muscat and his top aide Keith Schembri were both revealed to have attended Sadr’s lux wedding in Italy. Their friend, 17 Black owner Yorgen Fenech, was also invited to the 2015 wedding.

Fenech stands accused of conspiracy in the murder of Daphne Caruana Galizia. 

Bank relied on 'generic information'

The compliance review revealed how the bank’s measures for obtaining information on the activities of the customers, their source of wealth and expected source of funds and estimated account activity were overall lacking. 

The bank relied heavily on “generic information” provided by its customers, which was not even considered to be sufficient to establish the customer profile for normal risk customers. 

While the bank held information on the reason customers opened accounts with it, such as to hold, manage and invest the wealth of their beneficial owners, it did not substantiate this with more detailed information and documentary evidence. 

In other instances, the bank obtained CVs of customers without considering that these were not a reliable nor independent source of information.

The bank also held information on the customer’s operations and expected turnover that were “exceptionally high in value”, without obtaining documentary evidence to substantiate it. 

The FIAU said the bank was onboarding politically appointed customers, high net worth customers and companies that were at times dealing in high-risk jurisdictions and projecting to transact millions of euro annually. 

What did FIAU inspectors find? 

  • In 15 files reviewed at the bank, the source of wealth was the same. However, the bank did not ascertain whether it would make economic sense to have the same activity funding all 15 customers, nor did the bank question the links between the individual customers and the said business operations. It was observed that were one to combine the expected annual turnover of the 15 customers, this would amount to a total of circa €390 million. The financial statements provided by the bank only covered €23.5 million – the shortfall between the two amounts had to be considered as too significant to ignore, the FIAU said. 
  • In another instance, the bank did not adequately comprehend the source of wealth of a customer. The bank provided documentation that includes information that the account turnover for this customer was €5 million and that he is a well-known entrepreneur in the United Arab Emirates and Azerbaijan. However, there were no details of the customer’s own assets (apart from names of corporate entities owned by the customer) and evidence of the business earnings obtained from the same.
  • In another instance, the bank only held information that the customer’s income would be generated from future investments, mostly from the UK residential real estate market and that the beneficial owner would be injecting the initial capital. The bank provided a copy of the 'know your client' form which also made reference to the beneficial owner’s source of wealth as being his salary and savings as a private banker. The FIAU however said that no evidence confirming this was obtained. 
  • In another instance, Pilatus failed to obtain the necessary documentary evidence to substantiate the source of wealth of the customer, particularly in view of his wealth estimated to be in the region of €100 million.
  • The bank also failed to obtain evidence to substantiate an expected account turnover of €20 million for another customer.
  • In another instance Pilatus failed to query a substantial discrepancy between an estimated turnover of €10 million and a management account identifying a total income of approximately €190,000.
  • In a separate instance involving a trust, the bank held information as to the trust set up. However, it did not gather the necessary documentation to substantiate the source of the assets settled on trust.
  • For another customer, the bank failed to even obtain the necessary forms as well as to obtain important information relative to the customer, such as the financial size, expected business and provenance of funds information.
  • In another instance, the bank obtained information on the business operations of the customer. However, this was obtained seven months after the start of the business relationship and after having allowed over €16 million to pass through the customer’s bank accounts. It was also observed that not only was the information obtained late, but no documentation to substantiate this information was collected. 

The bank relied on there being no regulatory requirement for companies incorporated in the particular jurisdiction to prepare audited financial statements. 

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.