BaFin put N26, the challenger bank, on notice to correct AML failures (AGAIN)

BaFin put N26 on warning once again for their lax anti-money laundering controls, according to an announcement made by the German regulator on Tuesday, May 11.

The digital bank was ordered to:

• “Rectify deficiencies both in IT monitoring and in customer due diligence.”
• https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Massnahmen/60b_KWG_und_57_GwG/meldung_210512_57_GwG_N26_en.html

Specifically, it must:

• “Ensure that it has the adequate personnel, technical and organizational resources to comply with its obligations under anti-money laundering law.”

Furthermore, BaFin has said it intends:

• To appoint a special commissioner to oversee the above and its efforts to comply with this most recent order to remedy its AML deficiencies.

NOT THE FIRST TIME – SUSPICIOUS TRANSACTIONS IN 2019

It isn’t the first time that the young start-up has faced scrutiny from BaFin.

In 2019, BaFin conducted a special audit of N26’s processes due to reports of fraudulent transactions and security failures.

The bank had failed to flag several suspicious transactions flowing through its system.

• https://www.altfi.com/article/5242_n26-german-financial-regulator-bafin-valentin-stalf

And the German news magazine WirtschaftsWoche had announced it was able to open accounts using forged IDs.

• https://www.thelocal.de/20210512/german-watchdog-steps-up-monitoring-of-popular-n26-online-bank/

BaFin found similar deficiencies during that audit. Indeed, BaFin’s statement to Reuters about the online bank’s anti-money laundering controls in 2019 —

• “[N26 must] ensure the existence of…adequate personnel and technical, organizational equipment to comply with its obligations under money laundering law” — is virtually identical to the one the regulator issued this May.
• https://www.pymnts.com/news/regulation/2019/n26-bank-bafin-aml-money-laundering-online-hack/

CYBER FRAUD

• Reports also surfaced in March 2019 that one of the bank’s customers was the victim of a hack that emptied their account of €80,000. According to the victim, N26’s customer support left a bit to be desired as well.

OTHERS ALSO STRUGGLE = REVOLUT’S COMPLIANCE PROCESSES

N26 is not the only new fintech that has received scrutiny from regulators. In 2019, for instance, it was reported that a whistleblower had expressed concerns about the UK fintech Revolut’s compliance processes

• https://www.bbc.co.uk/news/technology-47751945

It’s a vulnerability of challenger banks generally, as many are young and take a tech-first perspective.

Many start-ups focus on leveraging new technologies to provide customers with a seamless banking experience — which can be a source of friction when navigating the AML compliance landscape.

Challenger banks worldwide would do well to view the AML challenges N26 and Revolut faced (and continue to face) as lessons learned from afar.

Steps were taken now, such as assessing and improving their compliance programs and implementing tools that automate screening processes, can go a long way toward ensuring that these digital-first banks avoid a regulatory nightmare in the future.