Settlement of regulatory issues

ING announced on 4 September 2018 that it had reached a settlement agreement with Dutch authorities related to an investigation that found serious shortcomings in the execution of customer due diligence and requirements related to fighting financial economic crime. The up-to-date information collected on this page will help you understand what happened and the steps that ING has been taking to improve and enhance its compliance risk management.

What happened?

As announced in March 2017, ING Bank has been the subject of criminal investigations by Dutch authorities regarding various requirements related to client on-boarding, money laundering and corrupt practices. ING Group also received related information requests from US authorities.
We fully cooperated with the investigations and requests, and also conducted our own investigation.

The investigations found serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING in the Netherlands in the period investigated (2010-2016). These shortcomings include: customer due diligence (CDD) files missing or being incomplete, assignment of incorrect risk classifications, the failure to have the (periodic) CDD review process in order, failure to exit business relationships in a timely manner, insufficient functioning of the post-transaction monitoring system, classifying clients in the wrong segments and insufficient availability of qualitative and quantitative personnel.

We deeply regret that our business in the Netherlands did not adequately fulfil its role as gatekeeper to the financial system helping fight financial crime. Not meeting the required standards is unacceptable and ING takes full responsibility. Even though our policies and procedures in the Netherlands resulted in us terminating the relationships with thousands of clients, it was not enough.

Ralph Hamers, CEO of ING

Statement Ralph Hamers, CEO of ING

As a bank we have the obligation to ensure that our operations meet the highest standards, especially where it comes to preventing criminals from misusing the financial system. Not meeting those standards is unacceptable and ING takes full responsibility.

On 4 September 2018 we announced that ING has reached a settlement agreement with the Dutch Public Prosecution Service (DPPS). Under the terms of the settlement, ING will pay a fine of €675 million, with an additional amount of €100 million for ‘disgorgement’. In determining the amount of the fine, the DPPS has taken ING’s financial strength (‘ability to pay’) into account, as well as the seriousness, extent and duration of the identified shortcomings. The ‘disgorgement’ amount represents the underspend by ING in the Netherlands on staffing for the implementation and execution of financial economic crime CDD policies and procedures over the period in scope (2010-2016).

How ING is improving its compliance and customer due diligence

ING is committed to operating in compliance with applicable laws, rules and standards and is permanently working to meet these standards.

In recent years, ING Netherlands has taken various initiatives to further strengthen the management of compliance risks, such as:

  • The KYC enhancement programme, an improvement programme aimed at compliance in the area of ‘Know Your Customer’ (KYC) and monitoring customer activities. It involves improving the management of customer data and improving the effectiveness of the management system in the field of financial and economic crime (FEC), primarily in relation to monitoring customer activities.
  • Centralising operational KYC activities into a single KYC Centre across various divisions, introducing standard processes and resources to enable ING Netherlands to manage these activities more effectively.
  • A programme that reinforces the internal compliance culture by better enabling employees to act in accordance with the letter and the spirit of the law.
  • ING works with DNB (the Dutch central bank) and the Dutch Banking Association (NVB) on harmonising efforts in the fight against FEC and participates actively in various working groups and project teams in this area. As such, ING actively participates in public-private partnerships to combat FEC, such as participating in the FEC Council PPS (‘FEC-RAAD Public Private Cooperation’) in which Dutch authorities and financial institutions cooperate on supervision, control, prosecution or investigation with financial sector parties to strengthen the integrity of the sector. This is done by means of preventative action to identify and combat threats to integrity. These sections below describe the results of these improvement initiatives and gives more information on the KYC enhancement programme.

Knowing Our Customers

Find out more about the Know Your Customer enhancement programme (KYC programme).

In early 2017, following a start-up period that had begun in 2016, ING formally launched the KYC programme. The outcome of the internal investigations carried out by ING in the context of the investigation by the Dutch Public Prosecution Service (DPPS) and the Dutch Fiscal intelligence and Investigation Service (FIOD) are incorporated into this programme.

The KYC programme aims to introduce structural solutions and permanent improvements and consists of:

  1. File enhancement for KYC and the related processes, enhanced reporting of unusual transactions, setting up more effective processes for customer exits and enhanced transaction monitoring.
  2. Design and implementation of structural solutions for AML.

All departments with responsibility for KYC in business, compliance and audit are fully involved and the KYC programme is carried out under the supervision of DNB. The recruitment policy and the training curriculum have been amended to meet current requirements.

Culture-driven change

We’re not only improving processes and procedures, but building the right compliance culture. That starts with ING’s senior leaders.

To further highlight the importance of KYC/AML in the organisation and to tighten the culture of the organisation in this area, to achieve continuous compliance:

  • a KYC/AML leadership day was held at the beginning of 2018 for senior management, led by the COO and the CRO of ING. This will be repeated in the first quarter of 2019;
  • in March 2018, the ‘i for integrity’ programme was rolled out at ING Netherlands to have an impact not only on the minds, but also the hearts of the ING employees. This programme, strengthens the internal compliance culture;
  • a team has been appointed to roll out Behaviour Risk Assessments. These assessments focus on analysing the behaviour of employees and teams in relation to risk management. If undesirable behaviour is identified, further action is taken. The head of this team reports to ING’s CRO.

We’ve already made improvements…

These examples show how ING in the Netherlands has improved how it fights financial economic crimes

Policy and risk

  • In 1Q2017, a new FEC policy, guidance and working instructions were implemented, in the area of Customer Due Diligence (CDD) and transaction monitoring;
  • in 4Q2017, guidance was prepared for so-called event triggers: events that should trigger a review of customers;
  • in 3Q2018, a KYC Risk Appetite Statement was prepared, including policy and governance;
  • in 3Q2018, KYC SIRA (Systematic Integrity Risk Analysis) policy and governance was prepared and implemented. The SIRA is an instrument for financial institutions to systematically manage their integrity risks;
  • in 3Q2018, ING Netherlands established the Client Integrity Risk Committee (CIRC), to succeed the existing Risk forum. In the CIRC, business, Compliance and Legal decide whether or not to accept or continue relationships with customers where the client integrity in the context of FEC/AML is doubtful or risks should be further mitigated.

Transaction monitoring

  • An entirely new transaction monitoring system (for each segment) went live.
    All relevant employees were given new guidance and were trained in this system.
  • An example of improvements that have been implemented is that Monitoring is now carried out at customer level, whereas previously it was carried out at account level. This enables ING Netherlands to better monitor the behaviour of customers with several ING accounts.

… And we’re working with others to keep getting better

ING contributes knowledge and capacity to various public-private partnership projects that combat money laundering in the Netherlands

To achieve better results in combatting money laundering, ING has regular meetings with other parties. ING is also part of the FEC Council (‘FEC-Raad’), on which other banks, DNB, FIOD, Financial Intelligence Unit (FIU) and the DPPS have a seat alongside ING.

ING contributes knowledge and capacity to various public-private partnership projects. For instance with the Money Laundering Indicators Project (Project Witwasindicatoren). The ING Netherlands fraud team is actively involved in various thematic money laundering investigations. And in recent years, active cooperation has been sought with FIOD in other investigations into insolvency fraud, for example. Furthermore, ING regularly shares knowledge and experience on financial criminal investigations.

Related news


Frequently asked questions

What went wrong?

The investigations, including our own internal investigation, established serious shortcomings in the execution of policies to prevent financial economic crime (FEC) at ING in the Netherlands in the period 2010-2016.

These shortcomings include:

  • customer due diligence (CDD) files missing or being incomplete
  • assignment of incorrect risk classifications
  • the failure to have the (periodic) CDD review process in order
  • failure to exit business relationships in a timely manner
  • insufficient functioning of the post-transaction monitoring system
  • classifying clients in the wrong segments; and
  • insufficient availability of qualitative and quantitative personnel.

During the period investigated, the execution of ING Netherlands’ FEC policies resulted in the termination of ING’s relationship with thousands of clients. Nevertheless the shortcomings identified resulted in clients having been able to use their bank accounts for money laundering practices for a number of years.

Why is the fine so big?

The Dutch authorities have based the size of the fine on ING’s financial strength and ‘ability to pay’. The size of the fine also reflects the seriousness, extent and duration of the identified shortcomings, but also expresses the fact that it was not possible to determine to which extent and for what amounts bank accounts at ING in the Netherlands were actually misused.

What does ‘disgorgement’ mean?

The amount that ING will pay for ‘disgorgement’ represents the underspend by ING in the Netherlands on staffing for the implementation and execution of financial economic crime (FEC) customer due diligence (CDD) policies and procedures over the period in scope.

Will this settlement affect ING’s strength and stability?

The settlement will have an impact on ING’s third quarter 2018 results, which will be recorded as a special item, but will not affect the strength of ING, the execution of our strategy nor our commitment to our customers, shareholders and other stakeholders. We strongly believe that compliance is an essential part of the way we do business and the way we serve and empower our customers.

Who is to blame?

ING sincerely regrets that we did not do enough to preventing criminals from misusing the financial system. We take this very seriously and accept full responsibility for what went wrong. Not meeting the required standards is unacceptable. The investigations, including our own internal investigation, found no evidence or indications of (former) ING employees having actively cooperated with clients who used, or may have used, banking services for potential criminal activities, nor indications of (former) employees having received personal gains. However, ING takes this matter very seriously and finds that there have been collective shortcomings at all responsible management levels (i.e. business, compliance and control functions). After an internal assessment, ING has decided to initiate measures against a number of (former) employees in senior management positions who had broader responsibility for the safeguarding and execution of financial economic crime CDD policies and procedures in the Netherlands. These measures include holdbacks of variable remuneration and suspension of duties. It is important to note that, given its regulatory responsibility, the DNB has been kept informed on many matters related to the investigation, the settlement agreement, and the further steps we are taking. This includes the management assessment.

Although no current or former ING employees were found to have actively cooperated with, nor personally gained from, clients who may have used banking services for potential criminal activities, ING’s Supervisory Board announced on 11 September 2018 that chief financial officer (and member of the Executive Board) Koos Timmermans will step down from his role and leave ING. Given the seriousness of the matter and the many reactions from stakeholders since the settlement announcement, the Supervisory Board came to the conclusion that responsibility should be taken at Executive Board level. During the investigated period (2010-2016) Mr Timmermans was a member of the Management Board Banking and for several years end-responsible for ING Netherlands.

What about the SEC’s request for information related to the investigations?

As previously noted, in connection with the investigations ING also received information requests from the US Securities and Exchange Commission (SEC). ING has received a formal notification from the SEC that it has concluded its investigation. In the letter the Division of Enforcement states that, based on information as of this date, it does not intend to recommend an SEC enforcement action against ING.

More questions?


Raymond Vermeulen

Head of Media Relations
raymond.vermeulen@ing.com
Tel: +31 20 576 63 69

Back to top