Case Studies
Combating money laundering in European banks: Highlights of a key whistleblower’s testimony
05 Dec 2018

The European Parliament’s Special Committee on Financial Crime, Tax Avoidance and Tax Evasion (the Committee) recently held a hearing on “Combating Money Laundering in European Banks” to discuss a number of recent cases on money laundering in financial institutions based in the EU[1].

Naturally, the main focus of the Committee’s deliberations was on Danske Bank.

Star Witness: Howard Wilkinson

The star witness was Howard Wilkinson (Wilkinson)[2,3], the Head of Baltic Markets who blew the whistle at Danske. He made a number of interesting and revealing points.

He noted that four Russian banks were the immediate source of suspicious funds transferred to Danske. Of these Russian institutions, one was a subsidiary of an EU bank, whilst another was a subsidiary of a US bank.

These suspicious funds were eventually transferred from Danske to two US banks and the US branch of an EU bank.

He pondered what had those three latter banks done with the $200 billion of suspicious funds.

Although these three banks terminated correspondent relationships with the Estonian branch of Danske in 2013 and 2015, he wondered how many suspicious activity reports (SARs) regarding Danske were submitted by the banks.

Perhaps, we will learn how many through the current investigations into the Danske saga.

Abuse of Non-Disclosure Agreements

Wilkinson was scathing about Danske’s use of non-disclosure agreements (NDA). On 8 April 2014, he warned the bank’s senior management that he was prepared to make his own report to the Estonian Financial Investigation Unit (FIU) unless the bank made such reports.

Within three weeks, he signed an NDA preventing him from disclosing anything to anyone “unless required by law”.

As he had no legal requirement to report his concerns to the Estonian authorities, Danske had, in effect, silenced him.

It was only in 2018 in the face of a media storm did Danske permit him discuss his issues with various authorities.

In June, he was allowed to talk to the Danish regulator.

In October, he received Danske’s approval to speak with the US Department of Justice and Securities and Exchange Commission, committees of the Danish and European Parliaments and with the Danish prosecutor.

To date, he is barred from speaking with the Estonian prosecutor.

He believes that the Danske NDA would be unenforceable in the United Kingdom and illegal in the Unites States.

Wilkinson called for a ban on NDAs that prohibit any disclosures to regulators or other public authorities such as the one used by Danske. He also called for greater protection of whistleblowers.

Email correspondence

Wilkinson disclosed to the Committee his email of 8 April 2014 to the bank’s senior management.

In it, he complains that:

  • (a) none of the accounts of clients he had previously reported in January that year had been closed, although there was still a current and substantial volume of transactions taking place
  • (b) Danske did not seem to understand the full scope of the issue with UK LLPs  filing false accounts with Companies House
  • (c) Danske only became aware in the past fortnight of the UK requirement for LLPs to file accounts at Companies House and finally he sought an assurance that Danske would fully investigate those clients who used UK LLPs and that the relevant SARs would be submitted.

He advised senior management that unless he received a substantial assurance by 15 April 2014 he would submit his own report to the Estonian FIU.

Danske responded by the deadline assuring him that they would close the accounts of those clients who were associated with the original suspicious clients, they would consider whether there was a need to increase scrutiny of some offshore clients and they would review the existing client base to “correct any outstanding shortcomings in customer documentation.”

However, Danske assured him there were no indications of any breaches in Estonian law.

The email extracts naturally do not present the full story of the events at Danske.

In written evidence to the Committee, Wilkinson opines that, originally in January 2014, Danske’s attitude was one of concern.

By March, he believed Danske had no intention of making any substantial effort to address his issues.

This view was confirmed by the email of 15 April which was the result of “the highest attention” at Danske Bank in Copenhagen.

Wilkinson was not satisfied with Danske’s response or attitude. Within a fortnight, he left Danske’s employment after signing an NDA.

Lack of reporting procedures in Danske Estonia

In a damning indictment of the lack of reporting procedures both in terms of money laundering suspicions and whistleblowing concerns in the Danske branch in Estonia, Wilkinson advised the Committee that he was unable to identify any whistleblowing procedures.

Indeed, in his original email to senior management of 27 December 2013, he stated: “I have been unable to find any whistleblowing procedure locally in the  Estonian branch in English: therefore I am adopting a common sense approach by disclosing to you, as senior executives…”

Wilkinson also confirmed, in response to a question by the Committee on the procedure for reporting money laundering suspicions: “Neither I nor, to my knowledge, were my team made aware of any such procedures.”

He later specifically advised the Committee that in seven years with Danske he had never received any AML training. The importance of regular training of staff in AML issues has been recognised by regulators around the world.

He also advised the Committee that he did not report his concerns to the Estonian authorities as he believed that Danske, with an excellent reputation, would treat his concerns seriously and act on them as a matter of urgency.

We, and the Committee, now know his belief was mistaken.

Danske bank responds

The Committee invited Jesper Neilson, the Interim CEO of Danske to comment
on the situation the bank finds itself in[4].

He acknowledged that Danske in Estonia did not know enough about their clients and should not have accepted many of them as clients.

Whilst between 2007 and 2015, Danske recognised that the non-resident client banking in Estonia were high risk, the bank’s senior management believed their risk mitigation procedures satisfactorily addressed those risks.

Neilson recognised this belief was incorrect.

Danske confesses

Neilson outlined to the Committee the bank’s failings, as highlighted by a recent independent report:-

  • Insufficient attention was given to money laundering risk in the Estonian branch, who had a high degree of autonomy;
  • The Estonian branch had its own IT systems which were not integrated into the Group systems, hence transaction monitoring was not possible at Group level;
  • The control functions in Estonia were not sufficiently independent of local management;
  • Internal warnings and red flags were not properly understood at Group level;
  • Insufficient understanding of risks at Group level meant that internal reports that local risks were adequately mitigated went unchallenged, and
  • There was possible collusion between staff and clients in Estonia.

Danske takes action

Following the media storm which began earlier this year, the bank’s CEO has resigned, the bank’s chair has announced his departure and a number of employees contracts, including senior managers, have been terminated.

Forty-two staff have been reported to the authorities, including eight to the police. It is not clear why the CEO and Chair departures have only occurred following intense media interest.
The Estonian non resident portfolio has been closed down.

Meanwhile, the number of AML officers has quadrupled whilst the three lines of defence model has been strengthened.

In addition, business procedures have been automated as far as possible, IT spend has been increased and the bank’s know your customer procedures have been improved.

Neilson concluded his opening statement by confirming that, in future, Danske will not deter nor discourage any whistleblowers and that this episode did not reflect Danske’s 147 year history nor how it wanted to be in the future.


Those working in banks with an interest in financial crime issues would be well advised to review the presentations, statements and written answers given by the Danske witnesses.

This case represents the largest reported case of money laundering in a bank in history.

It serves as a reminder that getting the basics right in terms of AML procedures and controls is fundamental in the successful mitigation of risk.

Author profile: UK-based Denis O’Connor is both a Fellow of the Institute of Chartered Accountants in England & Wales and the Chartered Institute of Securities and Investment.

He was a member of the British Bankers’ Association Money Laundering Committee from 2003-10; and a member of the JMLSG’s Board and Editorial Panel between 2010 and 2016. He has been a frequent speaker at industry conferences on financial crime issues, both in the UK and

This article is expressing personal opinions and is meant for information purposes only.
The article does not intend to replace professional or legal advice. It is recommended
that readers seek independent professional or legal advice, or speak to authorised


You can claim CPD minutes for this content, by signing up to our CPD Wallet