Know Your Customer and Anti Money Laundering measures at ING

... min read Listen

ING announced on 4 September 2018 that it had reached a settlement agreement with the Dutch Public Prosecutor related to an investigation that found serious shortcomings in the execution of customer due diligence and transaction monitoring requirements related to fighting financial economic crime. The up-to-date information collected on this page will help you understand the steps that ING has been taking and continues to take, to improve and enhance its compliance risk management.

The September 2018 settlement

As announced in March 2017, ING Bank has been the subject of criminal investigations by Dutch authorities regarding various requirements related to client on-boarding, money laundering and corrupt practices. We fully cooperated with the investigations and requests, and also conducted our own investigation.

The investigations found serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING in the Netherlands in the period investigated (2010-2016). These shortcomings include: customer due diligence (CDD) files missing or being incomplete, assignment of incorrect risk classifications, the failure to have the (periodic) CDD review process in order, failure to exit business relationships in a timely manner, insufficient functioning of the post-transaction monitoring system, classifying clients in the wrong segments and insufficient availability of qualitative and quantitative personnel.

We deeply regret that our business in the Netherlands did not adequately fulfil its role as gatekeeper to the financial system helping fight financial crime. Not meeting the required standards is unacceptable and ING takes full responsibility. Even though our policies and procedures in the Netherlands resulted in us terminating the relationships with thousands of clients, it was not enough.

On 4 September 2018 we announced that ING reached a settlement agreement with the Dutch Public Prosecution Service (DPPS). Under the terms of the settlement, ING paid a fine of €675 million, with an additional amount of €100 million for ‘disgorgement’. In determining the amount of the fine, the DPPS has taken ING’s financial strength (‘ability to pay’) into account, as well as the seriousness, extent and duration of the identified shortcomings. The ‘disgorgement’ amount represents the underspend by ING in the Netherlands on staffing for the implementation and execution of financial economic crime CDD policies and procedures over the period in scope (2010-2016).

ING has regular scheduled on-site visits and inspections by regulators across our franchises and we have a pro-active dialogue with them on many topics including KYC/AML.

As announced on 16 March 2019, we were informed by the Banca d’Italia of their report with conclusions regarding shortcomings in AML processes at ING Italy. ING is analysing the findings of an inspection conducted from October 2018 until January 2019 and will discuss them further with the Banca d’Italia. We are taking the necessary steps to improve processes and management of compliance risks as required by the Banca d’Italia. The measures in Italy come in the context of the steps ING announced in September 2018 to enhance its management of compliance risks and embed stronger awareness across the whole organisation.

Ralph Hamers, CEO of ING

Statement Ralph Hamers, CEO of ING

As a bank we have the obligation to ensure that our operations meet the highest standards, especially where it comes to preventing criminals from misusing the financial system. Not meeting those standards is unacceptable and ING takes full responsibility.

How ING is improving its compliance and customer due diligence

ING is committed to operating in compliance with applicable laws, rules and standards and is permanently working to meet these standards. As we mention in our 2018 Annual Report and as presented on the ING Investor Day 2019, ING continues to work on the global know your customer (KYC) Enhancement Programme, which emphasises regulatory compliance as the key priority. This is a sizeable operation as we have activities in over 40 countries and have more than 38 million customers. The global KYC Enhancement Programme encompasses all client segments in all ING business units, leveraging on experiences from the enhancement programme already started in the Netherlands.

Knowing our customers

Find out more about the global Know Your Customer (KYC) Enhancement Programme

In early 2017, ING formally launched the global KYC Enhancement Programme.
The outcome of the internal investigations carried out by ING in the context of the investigation by the Dutch authorities are incorporated into this programme.

The programme consists of three large parts:

  • Screening of transactions executed in the past. In case unusual transactions are identified, ING is committed to following the applicable reporting process.
  • A client due diligence (CDD) file enhancement part, where we improve the client documentation, client data & identity verification.
  • A structural solutions part, so we become sustainably better in the execution of our KYC policies.

The structural solutions consist of five pillars:

  • Policies & Risks
    Key elements for this pillar are: development and global roll-out of KYC risk appetite statements, KYC risk assessments on clients, capability structure and maturity assessments.

    • ING has rolled out a global KYC policy and risk-appetite statements across all locations.

    • ING has implemented a Systematic Integrated Risk Approach (‘SIRA’) globally, which takes various elements into account, such as location of the client, type of product and sector to determine client acceptance and type and frequency of monitoring.

  • Development and global roll-out of a bank-wide KYC digital service, including processes and tooling around CDD, screening and workflow management. This includes the fulfilment of the client maintenance life cycle within one global digital platform.

    All required screening components (name screening, pre-transaction screening, adverse media screening) will be incorporated into the client due diligence process. Once a customer is on-boarded, ongoing screening and monitoring of transactions can then be activated.

    • ING is rolling out a global case management system, with feeds from a.o. name & adverse media screening and client activity monitoring. The adverse media screening tool has been rolled out in most locations.

  • Monitoring and screening
    Translation of risk assessment outcomes into scenarios and alert definitions that can be applied in transaction monitoring. This includes the design and definitions of the applicable financial economic crime (FEC) and client activity monitoring (CAM) scenarios per entity, the building of the alert definitions (including data feeds) and, validating and testing the approach from risks to alerts.

    • ING is rolling out the same transaction monitoring tooling globally, supported by risk-based scenarios, with follow-up in terms of alert handling and suspicious activity reporting (SAR).

    • ING works actively together in partnerships with public authorities and other banks on a.o. collective transaction monitoring, as we believe anti-money laundering can be countered more effectively by sharing information. We duly take into account privacy and other legislation.

  • Governance
    • ING set up a central KYC organisation to develop consistent processes, work instructions and roles and responsibilities across the globe.

    • Two core committees have been introduced:
      • KYC Committees in the countries and Wholesale Banking are in place, headed by the local COO and CEO to track and trace progress of the KYC Enhancement Programme, overseen by the Global KYC Committee.
      • Client Integrity Risk Committees in the countries and Wholesale Banking are in place, chaired by the Risk function to decide on client acceptance and exits in case of dilemmas, based on compliance criteria.

  • Development and rollout of KYC communication and awareness initiatives and set up of a behavioural risk department that performs risk assessments.
    • In its internal communications, ING has made it clear that non-financial risk and compliance are just as important as financial risk.

    • Continuous communication, training including the set up of a global KYC academy.

    • MBB members spent a considerable amount of time engaging with staff to explain and discuss our responsibility as gatekeepers of the financial system. In these meetings, the impact of the settlement, the root causes, the shortcomings and our commitment and efforts to enhance were discussed.

    • In addition, ING started behavioural risk assessments supported by a team with psychological training to detect high risk behaviours and intervene where needed.

All departments with responsibility for KYC in business, compliance and audit are fully involved. The recruitment policy and the training curriculum have been amended to meet current requirements.

The global KYC Enhancement Programme is expected to run until end-2020 and is carried out under the supervision of the DNB.

Culture-driven change

We’re not only improving processes and procedures, but building the right compliance culture. That starts with ING’s senior leaders

  • To further highlight the importance of KYC/AML in the organisation and to tighten the culture of the organisation in this area, to achieve continuous compliance: a KYC/AML leadership day was held at the beginning of 2018 for senior management, led by the COO and the CRO of ING.
  • In March 2018, the ‘i for integrity’ programme was rolled out at ING in the Netherlands to have an impact not only on the minds, but also the hearts of the ING employees. This programme, aims at strengthening the internal compliance culture.
  • A team with psychological training has been appointed and started the roll out of behaviour risk assessments to detect high risk behaviours and intervene where needed. The head of this team reports to ING’s CRO.
  • In March 2019 KYC/AML enhancement was extensively addressed during the ING leadership days, led by the Management Board Banking.

ING contributes knowledge and capacity to various public-private partnership projects that combat money laundering in the Netherlands

ING recognises that fighting Financial Economic Crime requires close cooperation with other banks and supervisory and regulatory authorities. ING is therefore working with the Dutch Banking Association (NVB) and the Dutch central bank (DNB) on harmonising efforts in the fight against FEC and participates actively in various working groups and project teams in this area. As such, ING actively participates in public-private partnerships to combat FEC, such as participating in the FEC Council PPS (‘FEC-RAAD Public Private Cooperation’) in which Dutch authorities and financial institutions cooperate on supervision, control, prosecution or investigation with financial sector parties to strengthen the integrity of the sector. This is done by means of preventative action to identify and combat threats to integrity. ING believes that introducing clear accountabilities and standard processes across the financial industry will allow ING to manage and control KYC activities and integrity risks more effectively.

Related news

More questions?

Raymond Vermeulen

Head of Media Relations
Tel: +31 20 576 63 69

Back to top