Settlement of regulatory issues
ING announced on 4 September 2018 that it had reached a settlement agreement with Dutch authorities related to an investigation that found serious shortcomings in the execution of customer due diligence and requirements related to fighting financial economic crime. The up-to-date information collected on this page will help you understand what happened and the steps that ING has been taking to improve and enhance its compliance risk management.
As announced in March 2017, ING Bank has been the subject of criminal investigations by Dutch authorities regarding various requirements related to client on-boarding, money laundering and corrupt practices. ING Group also received related information requests from US authorities.
We fully cooperated with the investigations and requests, and also conducted our own investigation.
The investigations found serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING in the Netherlands in the period investigated (2010-2016). These shortcomings include: customer due diligence (CDD) files missing or being incomplete, assignment of incorrect risk classifications, the failure to have the (periodic) CDD review process in order, failure to exit business relationships in a timely manner, insufficient functioning of the post-transaction monitoring system, classifying clients in the wrong segments and insufficient availability of qualitative and quantitative personnel.
We deeply regret that our business in the Netherlands did not adequately fulfil its role as gatekeeper to the financial system helping fight financial crime. Not meeting the required standards is unacceptable and ING takes full responsibility. Even though our policies and procedures in the Netherlands resulted in us terminating the relationships with thousands of clients, it was not enough.
On 4 September 2018 we announced that ING has reached a settlement agreement with the Dutch Public Prosecution Service (DPPS). Under the terms of the settlement, ING will pay a fine of €675 million, with an additional amount of €100 million for ‘disgorgement’. In determining the amount of the fine, the DPPS has taken ING’s financial strength (‘ability to pay’) into account, as well as the seriousness, extent and duration of the identified shortcomings. The ‘disgorgement’ amount represents the underspend by ING in the Netherlands on staffing for the implementation and execution of financial economic crime CDD policies and procedures over the period in scope (2010-2016).
How ING is improving its compliance and customer due diligence
We are committed to conducting our business with integrity, which includes compliance with all applicable laws, regulations and standards in each of the markets and jurisdictions in which we operate. Meeting the highest standards wherever we do business is an ongoing commitment, and we have taken numerous steps to further strengthen our compliance risk management at ING in the Netherlands. For example, we have:
• started an enhancement programme to ensure compliance with ‘know your customer’ (KYC) and ‘client activity monitoring’ requirements. This includes enhancing management of customer information and improving effectiveness of the control framework applicable to the FEC domain, especially with respect to client activity monitoring capabilities.
• centralised and simplified operational KYC activities into one ‘KYC Centre’ across divisions, introducing standard processes and tooling, allowing ING in the Netherlands to manage these activities more effectively.
• set-up Client Risk Committees across business units, deciding on client on-boarding and exit escalations to ensure KYC risk mitigation.
• started an engagement programme to strengthen the internal compliance culture and awareness by better enabling employees to act in both the letter and the spirit of the law, empowered by their organisation and supported (and enforced) by compliance departments.
• taken an active role in the FEC-RAAD taskforce, where Dutch authorities that have supervisory, control, prosecution or investigation tasks cooperate with financial sector actors to strengthen the integrity of the sector. We have also joined forces with the Dutch Central Bank (DNB) and the Dutch Banking Association (NVB) to harmonise efforts and knowledge in the fight against financial crime, and we actively participate in various taskforces and project teams in this field.
Frequently asked questions
What went wrong?
The investigations, including our own internal investigation, established serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING in the Netherlands in the period 2010-2016.
These shortcomings include:
- customer due diligence (CDD) files missing or being incomplete
- assignment of incorrect risk classifications
- the failure to have the (periodic) CDD review process in order
- failure to exit business relationships in a timely manner
- insufficient functioning of the post-transaction monitoring system
- classifying clients in the wrong segments; and
- insufficient availability of qualitative and quantitative personnel.
During the period investigated, the execution of ING Netherlands’ FEC policies resulted in the termination of ING’s relationship with thousands of clients. Nevertheless the shortcomings identified resulted in clients having been able to use their bank accounts for money laundering practices for a number of years.
Why is the fine so big?
The Dutch authorities have based the size of the fine on ING’s financial strength and ‘ability to pay’. The size of the fine also reflects the seriousness, extent and duration of the identified shortcomings, but also expresses the fact that it was not possible to determine to which extent and for what amounts bank accounts at ING in the Netherlands were actually misused.
What does ‘disgorgement’ mean?
The amount that ING will pay for ‘disgorgement’ represents the underspend by ING in the Netherlands on staffing for the implementation and execution of financial economic crime (FEC) customer due diligence (CDD) policies and procedures over the period in scope.
Will this settlement affect ING’s strength and stability?
The settlement will have an impact on ING’s third quarter 2018 results, which will be recorded as a special item, but will not affect the strength of ING, the execution of our strategy nor our commitment to our customers, shareholders and other stakeholders. We strongly believe that compliance is an essential part of the way we do business and the way we serve and empower our customers.
Who is to blame?
ING sincerely regrets that we did not do enough to preventing criminals from misusing the financial system. We take this very seriously and accept full responsibility for what went wrong. Not meeting the required standards is unacceptable. The investigations, including our own internal investigation, found no evidence or indications of (former) ING employees having actively cooperated with clients who used, or may have used, banking services for potential criminal activities, nor indications of (former) employees having received personal gains. However, ING takes this matter very seriously and finds that there have been collective shortcomings at all responsible management levels (i.e. business, compliance and control functions). After an internal assessment, ING has decided to initiate measures against a number of (former) employees in senior management positions who had broader responsibility for the safeguarding and execution of financial economic crime CDD policies and procedures in the Netherlands. These measures include holdbacks of variable remuneration and suspension of duties.
Although no current or former ING employees were found to have actively cooperated with, nor personally gained from, clients who may have used banking services for potential criminal activities, ING’s Supervisory Board announced on 11 September 2018 that chief financial officer (and member of the Executive Board) Koos Timmermans will step down from his role and leave ING. Given the seriousness of the matter and the many reactions from stakeholders since the settlement announcement, the Supervisory Board came to the conclusion that responsibility should be taken at Executive Board level. During the investigated period (2010-2016) Mr Timmermans was a member of the Management Board Banking and for several years end-responsible for ING Netherlands.
What about the SEC’s request for information related to the investigations?
As previously noted, in connection with the investigations ING also received information requests from the US Securities and Exchange Commission (SEC). ING has received a formal notification from the SEC that it has concluded its investigation. In the letter the Division of Enforcement states that, based on information as of this date, it does not intend to recommend an SEC enforcement action against ING.