Abstract
In September 2018, Danske Bank, the largest bank in Denmark and one of the largest in the Nordic region, published a report which detailed that the bank’s board had fallen into lapses in Anti-Money Laundering/Counter Terrorism Financing (AML/CTF) policies at the bank, in particular, within its Estonian subsidiary. The report was devastating in its criticism of AML processes in the Estonian branch, stating that, over a period of several years, “all lines of defence failed” to manage money laundering risks. Soon after the publication of this report, the CEO of Danske resigned, causing the details of the underlying scandal to become public knowledge (although some the issues involved had been aired publicly on a number of occasions previously). It was also revealed that the bank had become the subject of criminal investigations by US authorities. While the events that are covered in the initial report related to failures to manage AML risks, the situation is more complex than merely deficient AML controls in a remote branch. There was a failure to manage a smorgasbord of different types of risks at both the local and group (i.e., headquarters) level, including: strategic risks; technology risks; and especially operational risks. As befits a sophisticated modern financial institution, Danske Bank operates a group-wide enterprise risk management (ERM) framework covering multiple types of risk (credit, market operational, etc.). The fact that the failure to manage the AML risks took several years to come to light casts doubts on the efficacy of their ERM framework and its implementation. Using Turner’s case study approach, this paper considers the Danske Bank case from the perspective of operational risk management with a view to identifying lessons that can be learned from the scandal that can be applied to future, large-scale operational risk events.
Highlights
Danske Bank, the largest bank in Denmark and one of the largest in the Nordic region, is the very model of a successful, modern universal banking corporation, with a solid record of profitability in its chosen markets in Northern Europe
During the prolonged incubation period of any large disaster, Turner points out that there is a steady accumulation of events that are at odds with the norms of the organisation(s) but which go unnoticed because their importance is not fully appreciated
There were obvious organisational failures that undermined the independence of risk management function in the Estonian branch, making compliance with regulations “ineffective” (Danske Bank, 2018a): “In addition, the branch’s second and third lines of defence were organised in such a way that in practice, they reported to the branch CEO and were not sufficiently independent.”
Summary
Danske Bank, the largest bank in Denmark and one of the largest in the Nordic region, is the very model of a successful, modern universal banking corporation, with a solid record of profitability in its chosen markets in Northern Europe. The report estimated that these transactions involved some EUR 200 billion in value On receiving such an adverse report, the board estimated the bank’s gross income from these suspicious pavements totalled some DKK 1.5 (EUR 0.2) billion and this was to “be donated to an independent foundation supporting initiatives to combat international financial crime” (Danske Bank, 2018b). This ‘donation’ was a substantial hit to the bank’s annual profit when combined with an order from the Danish Financial Services Authority (DFSA) to increase capital with a DKK 10 billion Pillar II add-on (DFSA, 2018). Turner’s Framework for analysing organisational ‘disasters’ is briefly described
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of Business Accounting and Finance Perspectives
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
